Application of Physical Attacks

Size: px
Start display at page:

Download "Application of Physical Attacks"

Transcription

1 Application of Physical Attacks to Real World Systems Workshop Provable Security against Physical Attacks Lorentz Center, Leiden February 17, 2010 Christof Paar Timo Kasper Embedded Security Group Horst Görtz Institute for IT Security Ruhr University Bochum

2 Acknowledgement Thomas Eisenbarth Markus Kasper Timo Kasper Amir Moradi David Oswald

3 Agenda RemoteAccess Control with KeeLoq Contactless Smartcards with 3DES Contactless Payments with Mifare Classic Positive Applications of SCA: Watermarking Conclusions & Auxiliary Stuff 3

4 Remote Access Control with KeeLoq 4

5 KeeLoq Introduction to Remote Keyless Entry (RKE) Systems Phase1 Analysis & Frustration Phase2 Breakthrough & Euphoria Phase 3 Optimization & Routine 7

6 KeeLoq IntroductiontoRemote to Keyless Entry (RKE) Systems Phase1 Analysis & Frustration Phase2 Breakthrough & Euphorie Phase 3 Optimization & Routine 8

7 Remote Keyless Entry Systems 9

8 Modern Keyless Entry Systems advancedtheftcontrol: control: rolling code code = e k (n i ) rolling code (or hopping code) protects against replay attacks: 1. code = e k (n) 2. code = e k (n+1) 3. code = e k (n+2). e k () is often a block cipher 11

9 Popular Remote Keyless Entry Cipher: KeeLoq KeeLoq is used in rolling code mode or in a challenge-response protocol widely used for garage doors in US & Europe Wikipedia (?): Chrysler, Daewoo, Fiat, GM, Honda, Toyota, Volvo, Jaguar,... Q: How secure is KeeLoq? 13

10 KeeLoq Introduction to Remote Keyless Entry (RKE) Systems Phase 1 Analysis & Frustration Phase2 Breakthrough & Euphoria Phase 3 Optimization & Routine 20

11 KeeLoq + Side Channel Attacks Our thoughts ht ca (mostly correct) Great target for real world ld attack 23 Old cipher Implementation probably also 10+ years old SCA countermeasures very unlikely Running DPA or SPA should be a piece of cake (a few weeks)

12 Power Analysis of a Remote Control? secret tkey of remote control (HCS XXX Chip)! 26

13 Performing the Side Channel Attack 1. Find a suited predictable intermediate value in the cipher 2. Measure thepower consumption 3. Align and reduce size of acquired data 4. Correlate measurements with model 29

14 KeeLoq Algorithm State Register, y NLF XOR Key Register, k bit key, 32 bit block length NLFSR comprising a 5x1 non linear function Simple key management: key is rotated in every clock cycle 528 rounds, each round one key bit is read Lightweight cipher cheap and efficient in hardware

15 KeeLoq Attack State Register, y NLF XOR Key Register, k knowing the state directly reveals one key bit per clock cycle

16 Performing the Side Channel Attack 1. Find a suited predictable intermediate value in the cipher 2. Measure thepower consumption 3. Align and reduce size of acquired data 4. Correlate measurements with model 34

17 Measuring the Power Consumption Digital oscilloscope (max. 1 GS/s sample rate) Measure electric current or electromagnetic field 35

18 Power Trace of a remote control: Finding the KEELOQ Encryption write EEPROM KEELOQ send hopping code press button 36

19 Performing the Side Channel Attack 1. Find a suited predictable intermediate value in the cipher 2. Measure thepower consumption 3. Align and reduce size of acquired data 4. Correlate measurements with model 39

20 Performing the Side Channel Attack Recovery Key Correlatereal l power consumption I i with predicted value D = f (X i, K h ) Divide and conquer approach Best matching key candidates survive Correlation round 40

21 KeeLoq Introduction to Remote Keyless Entry (RKE) Systems Phase1 Analysis & Frustration Phase 2 Breakthrough & Euphoria Phase 3 Optimization & Routine 42

22 15 months later 43

23 Side Channel Attack Results for KeeLoq A) Hardware implementation ti ( car key ) Total attack time (for known device family): 5 30 traces, minutes 44 B) Software implementation ( car door ) Total attack time (for known device family): traces, hours reveals Manufacturer Key for ALL key derivation modes

24 So what can we do now (1)? 1. If we have access to a remote: Recover Device Key and clone the remote 2. If we have access to a receiver: Recover Manufacturer Key & generate new remotes 46

25 So what can we do now (2)? 3. After step 2 ( i.e., possessing the Manufacturer Key): Remotely eavesdrop on 1-2 communications & clone remote! #ser, KeeLoq(n+1) 49 works for all key derivation schemes instantly tl for key derivation from serial number otherwise use PC (short seed) or COPACOBANA (long seed)

26 KeeLoq Introduction to Remote Keyless Entry (RKE) Systems Phase 1 Analysis& Frustration Phase 2 Breakthrough & Euphoria Phase 3 Optimization & Routine

27 After the Attack 3 reactions from industry 1. Companies ignore us (many) 2. Companies hate us (also (l popular) 3. Companies want to improve their products with us (few) 56

28 Since 2008 We analyze several KeeLoq products All are breakable But efforts for manufacturing key recovery varies from hours weeks We gain much experience and start to improve 57

29 Software DPA: needs 1000s of Measurements Correlation for DPA decreases with #rounds (bad) Durationof one round seems to be dependent on input Duration of one round seems to be dependent on input good for SPA!

30 SPA Attack against KeeLoq State Register, y NLF XOR Key Register, k knowing the state directly reveals one key bit per clock cycle Analyzing variations of the state t will reveal the secret key

31 KeeLoq Decryption Program Code Data dependent code Data dependent code in red

32 SPA by CrossCorrelation CrossCorrelation Reference Pattern

33 KeeLoq and SPA: What can we do now? Manufacturing key recovery with 1 single power trace No need to profile the leakage (unlike template attacks) Countermeasure: fix execution time of rounds But: Better alignment of traces will make DPA easier Further details: our Africacrypt `09 paper Important lesson Do not educate your attacker, i.e., build rock solid systems from the beginning 63

34 Contactless Payments with Mifare Classic 66

35 Case Study contactless payments: Let s investigate one large scale system! contactless employee ID card, e.g., of a large corporate enterprise more than 1 million users according to the manufacturer payments (max. 150 ), access control, recording of working time, Based on Mifare Classic 1K chip 68

36 Mifare Classic and its Security 69

37 MifareClassic 1K more than1 billion cards used worldwide, e.g, for public transport basically a (contactless) memory card with encryption, cheap ( 0,50 ) each card contains a factory programmed, read only Unique Identifier (UID) access to each sector can be secured with two cryptographic keys A and B UID Key A, sector 0 Key B, sector 0 Key A, sector 15 Key B, sector 15 70

38 Security Issues of Mifare Classic 1. Weak Cipher proprietary stream cipher CRYPTO1 kept secret until 2007 reverse engineering small cipher state, weak non linear functions cipher published on the Internet (CRAPTO1) researchers instantly reveal severe flaws 72

39 Security Issues of Mifare Classic 2. Weak Random Number Generator generates 32 bit nonces n X and responses a X for the authentication entropy: obviously only 16 bit instead of possible 32 bit randomness dependsonlyon d thetime elapsed since power up! AUTH (sector) n C n R a R a C 73

40 Security Issues of Mifare Classic 3. Weak Implementation / Protocol bad practice: keystream bits reused paritycalculated l over plaintextinstead li i d of actually transmitted ddata bug/feature: cardreplieswith replies 4 encryptedbits (NACK = 0x05), if the parity bits for the encrypted n R a R are correct, but a R is wrong * can be used as covert channel to recover parts of the keystream 74 *) guess parity bits: 1 out of 2 8 tries will be successful

41 Analyzing a Real World Contactless Payment System 77

42 Special RFID Tools Special Reader: Precisecontrolof control of the timing (accuracy: 75 ns) FIX the the card s random nonce to exactly one value! Fake Tag: Can completely emulate any ISO14443 transponder (e.g., Mifare cards) including an arbitrary UID 78

43 Our Combined Attack differential attack to extract tthe 1 st secret key 2. nested authentication attack for the remaining keys! card nonce fixed to exactly one value! crack all keys of a Mifare 1K card in < 10 Min

44 Analysis of the ID Card 1/2 test our attack on one ID Card extraction of all secret keys try ID Card of another employee card contains the same keys try ID Card of a third employee card contains the same keys... Surprising discovery: All ID Cards have identical keys! 80

45 Analysis of the ID Card 2/2 1. one time extraction of the secret keysofany y ID Card duration: < 10 minutes 2. reverse engineer engineer the card s content (repeated pay and compare and ) card number: integrity ensured with XOR checksum(uid&card number) credit balance: in plain w/o any protection other data: date of card issuance, last payment terminal, 3. knowing the above: wireless manipulating of all cards in the sstem system from cm (depending on antenna) duration: milliseconds (!) 81

46 Impersonation: Duplicate an ID Card read out relevant data in 100 milliseconds from a distance copy content of victim s ID Card to blank Mifare Classic (ebay: < 0,50 ) card number and credit balance remain unchanged* pay with a duplicate of a card that is known to the system 82 *) note: funny XOR checkbyte has to be adapted

47 Impersonation: Increase Credit Balance + top up the credit balance of the cloned card or: restore previous content when money is used up financial losses for the payment institution (money is used that has never been paid into the system) 83

48 Impersonation: Wireless Pickpocketing + attacker in addition lowers the credit on the victim s card advantage: difficult to detect (no additional money in the system) losses only on the side of the victims, fraud not noticed dby the payment institution 84

49 Selling Pre Charged Cards dump the content of a valid ID Card to a PC generate new card number and write to new (blank) card optionally: modify credit balance sell thecards (or top up service: pay 1 get 3 ) 85 poor issuing institution, rich criminal

50 Denial Of Service cards can be manipulated unnoticed by the owners disguised reader, e.g., neara a waiting line at the cashdesk automatically sets credit of any card in its proximity to 0 (in 40 ms) financial losses for the concerned customers ; no direct damage but image loss and cost for customer service for the issuing institution 86

51 Distributed All You Can Eat disguised reader, this time charges cards of victims will you complain about a 100 voucher? in court: can you be sued for s.o. else charging your card? very high losses for the issuing institution / happy customer 87

52 Emulate an arbitrary ID Card 88 NFC mobile ID Card may stay in wallet when paying electronic emulation of an arbitrary card is possible generate a new UID, card number, and credit balance for each payment detection/countermeasures difficult (blacklisting i impossible) ibl high losses for the issuing institution

53 Real World Tests with the ID Card Contactless Payment System Clone ID Cards (note: duplicates, except for the UID) can payments be carried out with clones?! UID not checked! Modify the credit balances of the clones are payments with counterfeit money possible?! If shadow accounts exist, they are not used! Production of new cards (new card number etc.) can we pay with arbitrary generated cards? obviously bi no effective measures in the back end! 91

54 Summary of the Analyses most efficient practical card only attack on Mifare to date successful attacks on a real world system: wirelessly manipulate any ID Card in milliseconds! worstrealization realization of a contactless payment system ever unfortunately this is not a single occurence realization on the system level does matter, mistakes can become very painful for the issuing institution system integrators: please check your systems, ask any cryptographer for help 92

55 Intermezzo Aha. Mifare Classic is insecure. I ve heard about these 3DES contactless cards! let s exchange the cards of our payment system & make the same errors (identical keys ) Good idea? 98

56 SCA on secure Contactless Smartcards using 3DES 99

57 RFID Side Channel Measurement: Mutual Authentication Protocol Measure EMemanation? Reader: Send protocol value X Smartcard: Encrypt X with 3DES Strong EM field of RFID hinders straightforward DEMA 103

58 Measurement Setup 104

59 Measurement Setup ISO14443 compatible Freely Programmable Low Cost (< 40 ) 105

60 Measurement Setup 1 GS/s, 128 MB Memory ± 100 mv USB 2.0 Interface 106

61 Measurement Setup Aim: Reduce Carrier Wave Influence vs. EM leakage Reader of smartcard 107

62 Side Channel Analysis Step 1: Raw measurements 110

63 EM Trace (without analogue filter) 111

64 EM Trace (without analogue filter) 112

65 EM Trace (without analogue filter)? 113 Christof Paar,

66 Side Channel Analysis Step 2: Analogue filter 114

67 Carrier Dampening from contactless tl card after subtraction from reader s oscillator 115

68 EM Trace (with analogue filter) 116

69 EM Trace (with analogue filter) 117

70 EM Trace (with analogue filter)? 118

71 Side Channel Analysis Step 3: Digital Demodulation 119

72 Digital Demodulation Digital Demodulator Rectifier Digital Filter 120

73 Digital Demodulation 121

74 Digital Demodulation?! 122 Christof Paar,

75 Side Channel Analysis Step 4: Alignment 123

76 Alignment Pick Reference Pattern 124

77 Alignment Pick Reference Pattern 125

78 Alignment 126

79 Alignment Varies for identical Plaintext 127

80 Side Channel Analysis Step 5: Location of 3DES (Profiling with ihfixed, known key) 128

81 Data Bus Locate Plain & Ciphertext Transfer 129

82 Data Bus DPA: Plaintext 8 Bit Hamming Weight (5000 traces) 130

83 Data Bus DPA: Ciphertext 8 Bit Hamming Weight (5000 traces) 131

84 Trace Overview... Other processing Plaintext 3DES Ciphertext 132

85 Assumptions?! C 3DES?! 133

86 Side Channel Analysis Step 6: Attack 134

87 3DES Engine DPA But: Only for S Box 1 & 3 136

88 3DES Engine DPA: Peak Extraction 137

89 3DES Engine DPA: Peak Extraction 138

90 3DES Engine DPA: Binwise 139

91 3DES Engine DPA: Binwise Apply DPA binwise 140

92 DES Full Key Recovery 143

93 Summary Measurement Setup built Profiling done Dt Data Bus revealed ld Full 3DES key revealed 144

94 Conclusion Aha. Mifare Classic is insecure. I ve heard about these 3DES contactless cards! let s exchange the cards of our payment system & make the same errors (identical keys ) Good idea? NO. 145

95 SCA is so destructive. Can t we find some positive use? 147

96 Side Channel based Watermarks for IP Protection 150

97 Motivation: IP Cores (Intellectual Property) 152 Hardware blocksfor certain functions (e.g., CPUs, coders ) Increased re use of previous implementations Partsof the development can be bought from another party Faster and cheaper hardware design

98 Motivation: IP Cores+ Security? Copyright violations of IP cores IP cores may have embedded Trojans 153

99 The question we want to solve: Is our IP core in there? (Did they pay the $0,10 royality?) 154

100 Watermarks Classical watermark Digital watermark Goal: Impossible to forge Goal: Impossible to remove 155

101 Watermarking for IP protection Goals of IP watermarking: 1. Detectability: The owner can detect whether or not his code is used in an IC. 2. Non repudiation: The owner can prove towards a third party that his code was used in an IC. Possible attacks on IP watermarking: 1. Removing attack: The attacker removes the watermark from his IC design. 2. Impersonation attack: The attacker tries to detect a watermark in a foreign design and claims that this watermark is his own. 156

102 A side channel based watermark Main idea of a side channel based watermark: Insertan artificial side channel into the IP core This side channel leaks out a unique ID IP owner can check ICs for their unique ID IP owner can proof copyright violations Our spread spectrum based watermark, based on side channel hardware Trojan from CHES

103 Spread spectrum based watermarks Two Components that are added to the IP core: 1. A PRNG that generates a pseudo-random bit sequence 2. A Leakage Circuit (LC) that is attached to the PRNG and that leaks out the bitstream 158

104 Detecting a spread spectrum based watermark 1. Measure a single long power trace ofthe targeted device 2. From this power trace derive exactly one power value p i for each of the n measured clock cycles. (e.g. by averaging the points of one clock cycle) 3. Compute the expected watermarking bit stream B=b 1,,b n 4. Generate different Hypotheses H i by shifting the bit stream B: H 1 =b 1,,b n H 2 =b 2,,b n,b 1 5. Correlate the Hypotheses H i with the power values P=p 1,,p n 6. If the un shifted bit stream (H 1 ) generates a significant correlation peak, the watermark is embedded in the targeted device. 159

105 Practical results Implemented: A 1 st order DPA resistant it taes implementation with an embedded spread spectrum watermark. Device: Xilinx Virtex 2 PRO XC2VP7 5 24MHz 160

106 Practical results The used PRNG: A 32 bit LFSR with X 32 +X 22 +X 2 +X 1 and a fixed initial state. The used Leakage Circuit: 16 bit Shift Register initialized with 0xAAAA shifted only if output of the PRNG is 1 161

107 Measurements Correlation for clock cycles while the AES implementation was idle. Correlation for clock cycles while the AES implementation was constantly running. 162

108 Conclusions & Auxiliary Stuff 163

109 Conclusions Experience from real world ld attacks are veryvaluable for the scientific community Real world impact of (physical) attacks sometimes hard to assess Evolution of physical attacks are an interesting (and scary) phenomenon Is there a metric for measuring the hardness of physical attacks?

110 Related Workshops SECSI Secure Component and Systems Identification April 2010, Cologne, Germany CHES Cryptographic Hardware and Embedded Systems August 2010, UCSB escar Embedded Security in Cars November 2010

111 Post Doc Position in Embedded Security U Bochum Work on theoreticalti and/or practical aspect s of physical attacks 1+ year position Full scientific position, great working atmosphere Please contact Christof Paar,

112 and yet another textbook on Cryptography Hopefully helpful for people without PhD`s in mathematics Quite comprehensive

Horst Görtz Institute for IT-Security

Horst Görtz Institute for IT-Security Horst Görtz Institute for IT-Security On the Vulnerability of FPGA Bitstream Encryption against Power Analysis Attacks Extracting Keys from Xilinx Virtex-II FPGAs Amir Moradi, Alessandro Barenghi, Timo

More information

All You Can Eat. Breaking a Real-World Contactless Payment System

All You Can Eat. Breaking a Real-World Contactless Payment System All You Can Eat or Breaking a Real-World Contactless Payment System Timo Kasper, Michael Silbermann, and Christof Paar Horst Görtz Institute for IT Security, Ruhr-University Bochum, Germany {Timo.Kasper,

More information

Relay Attacks on Passive Keyless Entry and Start Systems in Modern Cars

Relay Attacks on Passive Keyless Entry and Start Systems in Modern Cars Relay Attacks on Passive Keyless Entry and Start Systems in Modern Cars Srdjan Čapkun (joint work with Aurélien Francillon, Boris Danev) 1 Agenda 1. Overview of Car Key Systems 2. Previous Attacks: In

More information

Relay Attacks on Passive Keyless Entry and Start Systems in Modern Cars (NDSS 2011) Aurélien Francillon, Boris Danev, Srdjan Čapkun (ETHZ)

Relay Attacks on Passive Keyless Entry and Start Systems in Modern Cars (NDSS 2011) Aurélien Francillon, Boris Danev, Srdjan Čapkun (ETHZ) Relay Attacks on Passive Keyless Entry and Start Systems in Modern Cars (NDSS ) Aurélien Francillon, Boris Danev, Srdjan Čapkun (ETHZ) Wednesday System Security April Group 6, 1 Agenda 1. Overview of Car

More information

Counter Expertise Review on the TNO Security Analysis of the Dutch OV-Chipkaart. OV-Chipkaart Security Issues Tutorial for Non-Expert Readers

Counter Expertise Review on the TNO Security Analysis of the Dutch OV-Chipkaart. OV-Chipkaart Security Issues Tutorial for Non-Expert Readers Counter Expertise Review on the TNO Security Analysis of the Dutch OV-Chipkaart OV-Chipkaart Security Issues Tutorial for Non-Expert Readers The current debate concerning the OV-Chipkaart security was

More information

Side Channel Analysis and Embedded Systems Impact and Countermeasures

Side Channel Analysis and Embedded Systems Impact and Countermeasures Side Channel Analysis and Embedded Systems Impact and Countermeasures Job de Haas Agenda Advances in Embedded Systems Security From USB stick to game console Current attacks Cryptographic devices Side

More information

RFID Penetration Tests when the truth is stranger than fiction

RFID Penetration Tests when the truth is stranger than fiction RFID Penetration Tests when the truth is stranger than fiction Dr. Tomáš Rosa, tomas.rosa@rb.cz Raiffeisenbank, a.s. Agenda Technology overview Physical layer of LF and HF bands The Unique ID phenomenon

More information

Hacking Mifare Classic Cards. Márcio Almeida (marcioalma@gmail.com)

Hacking Mifare Classic Cards. Márcio Almeida (marcioalma@gmail.com) Hacking Mifare Classic Cards Márcio Almeida (marcioalma@gmail.com) !! DISCLAIMERS!! Disclaimer 1: The content of this presentation results from independent research conducted by me on my own time and of

More information

Relay Attacks on Passive Keyless Entry and Start Systems in Modern Cars

Relay Attacks on Passive Keyless Entry and Start Systems in Modern Cars Relay Attacks on Passive Keyless Entry and Start Systems in Modern Cars Aurélien Francillon, Boris Danev, Srdjan Čapkun 1 Modern Cars Evolution Increasing amount of electronics in cars For convenience

More information

Using RFID Techniques for a Universal Identification Device

Using RFID Techniques for a Universal Identification Device Using RFID Techniques for a Universal Identification Device Roman Zharinov, Ulia Trifonova, Alexey Gorin Saint-Petersburg State University of Aerospace Instrumentation Saint-Petersburg, Russia {roman,

More information

Securing Host Operations with a Dedicated Cryptographic IC - CryptoCompanion

Securing Host Operations with a Dedicated Cryptographic IC - CryptoCompanion Securing Host Operations with a Dedicated Cryptographic IC - CryptoCompanion By Kerry Maletsky, Business Unit Director Crypto Products Summary There is a growing need for strong hardware security devices

More information

Applying Remote Side-Channel Analysis Attacks on a Security-enabled NFC Tag

Applying Remote Side-Channel Analysis Attacks on a Security-enabled NFC Tag Applying Remote Side-Channel Analysis Attacks on a Security-enabled NFC Tag Thomas Korak Thomas Plos Institute for Applied Information Processing and Communications (IAIK), Graz University of Technology,

More information

CSCE 465 Computer & Network Security

CSCE 465 Computer & Network Security CSCE 465 Computer & Network Security Instructor: Dr. Guofei Gu http://courses.cse.tamu.edu/guofei/csce465/ Secret Key Cryptography (I) 1 Introductory Remarks Roadmap Feistel Cipher DES AES Introduction

More information

Security in Near Field Communication (NFC)

Security in Near Field Communication (NFC) Security in Near Field Communication (NFC) Strengths and Weaknesses Ernst Haselsteiner and Klemens Breitfuß Philips Semiconductors Mikronweg 1, 8101 Gratkorn, Austria ernst.haselsteiner@philips.com klemens.breitfuss@philips.com

More information

Karsten Nohl University of Virginia. Henryk Plötz HU Berlin

Karsten Nohl University of Virginia. Henryk Plötz HU Berlin Karsten Nohl University of Virginia Henryk Plötz HU Berlin Radio Frequency IDentification Tiny computer chips Passively Powered Karsten Nohl, Henryk Plötz - RFID Security 2 Constant monitoring is already

More information

The Misuse of RC4 in Microsoft Word and Excel

The Misuse of RC4 in Microsoft Word and Excel The Misuse of RC4 in Microsoft Word and Excel Hongjun Wu Institute for Infocomm Research, Singapore hongjun@i2r.a-star.edu.sg Abstract. In this report, we point out a serious security flaw in Microsoft

More information

MIFARE CONTACTLESS CARD TECHNOLOLGY AN HID WHITE PAPER

MIFARE CONTACTLESS CARD TECHNOLOLGY AN HID WHITE PAPER MIFARE CONTACTLESS CARD TECHNOLOLGY AN HID WHITE PAPER GENERAL The MIFARE contactless smart card and MIFARE card reader/writer were developed to handle payment transactions for public transportation systems.

More information

PUF Physical Unclonable Functions

PUF Physical Unclonable Functions Physical Unclonable Functions Protecting next-generation Smart Card ICs with SRAM-based s The use of Smart Card ICs has become more widespread, having expanded from historical banking and telecommunication

More information

Advancements in Wireless Access-Control Security. By Vivien Delport Director of Applications. And

Advancements in Wireless Access-Control Security. By Vivien Delport Director of Applications. And Advancements in Wireless Access-Control Security By Vivien Delport Director of Applications And Cristian Toma Applications Engineer Security, Microcontroller & Technology Development Division Microchip

More information

Chip Card & Security ICs Mifare NRG SLE 66R35

Chip Card & Security ICs Mifare NRG SLE 66R35 Chip Card & Security ICs Mifare NRG Intelligent 1 Kbyte Memory Chip with Interface for Contactless Transmission according to the Mifare -System Short Product Information April 2007 Short Product Information

More information

Secure My-d TM and Mifare TM RFID reader system by using a security access module Erich Englbrecht (info@eonline.de) V0.1draft

Secure My-d TM and Mifare TM RFID reader system by using a security access module Erich Englbrecht (info@eonline.de) V0.1draft Application Report Secure My-d TM and Mifare TM RFID reader system by using a security access module Erich Englbrecht (info@eonline.de) V0.1draft Embedded RF ABSTRACT This application report describes

More information

Part I. Universität Klagenfurt - IWAS Multimedia Kommunikation (VK) M. Euchner; Mai 2001. Siemens AG 2001, ICN M NT

Part I. Universität Klagenfurt - IWAS Multimedia Kommunikation (VK) M. Euchner; Mai 2001. Siemens AG 2001, ICN M NT Part I Contents Part I Introduction to Information Security Definition of Crypto Cryptographic Objectives Security Threats and Attacks The process Security Security Services Cryptography Cryptography (code

More information

Gemalto Mifare 1K Datasheet

Gemalto Mifare 1K Datasheet Gemalto Mifare 1K Datasheet Contents 1. Overview...3 1.1 User convenience and speed...3 1.2 Security...3 1.3 Anticollision...3 2. Gemalto Mifare Features...4 2.1 Compatibility with norms...4 2.2 Electrical...4

More information

Privacy and Security in library RFID Issues, Practices and Architecture

Privacy and Security in library RFID Issues, Practices and Architecture Privacy and Security in library RFID Issues, Practices and Architecture David Molnar and David Wagner University of California, Berkeley CCS '04 October 2004 Overview Motivation RFID Background Library

More information

Security & Chip Card ICs SLE 44R35S / Mifare

Security & Chip Card ICs SLE 44R35S / Mifare Security & Chip Card ICs SLE 44R35S / Mifare Intelligent 1 Kbyte EEPROM with Interface for Contactless Transmission, Security Logic and Anticollision according to the MIFARE -System Short Product Info

More information

Authentication requirement Authentication function MAC Hash function Security of

Authentication requirement Authentication function MAC Hash function Security of UNIT 3 AUTHENTICATION Authentication requirement Authentication function MAC Hash function Security of hash function and MAC SHA HMAC CMAC Digital signature and authentication protocols DSS Slides Courtesy

More information

Enova X-Wall LX Frequently Asked Questions

Enova X-Wall LX Frequently Asked Questions Enova X-Wall LX Frequently Asked Questions Q: What is X-Wall LX? A: X-Wall LX is the third generation of Enova real-time hard drive cryptographic gateway ASIC (Application Specific Integrated Circuit)

More information

Pervasive Computing und. Informationssicherheit

Pervasive Computing und. Informationssicherheit Pervasive Computing und 11. Symposium on Privacy and Security Rüschlikon, 13. September 2006 Prof. Christof Paar European Competence Center for IT Security www.crypto.rub.de Contents 1. Pervasive Computing

More information

Client Server Registration Protocol

Client Server Registration Protocol Client Server Registration Protocol The Client-Server protocol involves these following steps: 1. Login 2. Discovery phase User (Alice or Bob) has K s Server (S) has hash[pw A ].The passwords hashes are

More information

Information Security Group (ISG) Core Research Areas. The ISG Smart Card Centre. From Smart Cards to NFC Smart Phone Security

Information Security Group (ISG) Core Research Areas. The ISG Smart Card Centre. From Smart Cards to NFC Smart Phone Security Information Security Group (ISG) From Smart Cards to NFC Smart Phone Security Information Security Group Activities Prof. Keith and Mayes Research From the Information Security Group ACE-CSR at Royal Holloway

More information

Security testing of hardware product

Security testing of hardware product Alain MERLE CESTI LETI CEA Grenoble Alain.merle@cea.fr Security testing of hardware product DCIS/SASTI/CESTI 1 Abstract «What are you doing in ITSEFs?» Testing, Security testing, Attacks, Evaluations,

More information

Mobile Electronic Payments

Mobile Electronic Payments Chapter 7 Mobile Electronic Payments 7.1 Rationale and Motivation Mobile electronic payments are rapidly becoming a reality. There is no doubt that users of mobile phones are willing and even asking to

More information

Cryptography and Network Security

Cryptography and Network Security Cryptography and Network Security Spring 2012 http://users.abo.fi/ipetre/crypto/ Lecture 3: Block ciphers and DES Ion Petre Department of IT, Åbo Akademi University January 17, 2012 1 Data Encryption Standard

More information

RF-Enabled Applications and Technology: Comparing and Contrasting RFID and RF-Enabled Smart Cards

RF-Enabled Applications and Technology: Comparing and Contrasting RFID and RF-Enabled Smart Cards RF-Enabled Applications and Technology: Comparing and Contrasting RFID and RF-Enabled Smart Cards January 2007 Developed by: Smart Card Alliance Identity Council RF-Enabled Applications and Technology:

More information

12/3/08. Security in Wireless LANs and Mobile Networks. Wireless Magnifies Exposure Vulnerability. Mobility Makes it Difficult to Establish Trust

12/3/08. Security in Wireless LANs and Mobile Networks. Wireless Magnifies Exposure Vulnerability. Mobility Makes it Difficult to Establish Trust Security in Wireless LANs and Mobile Networks Wireless Magnifies Exposure Vulnerability Information going across the wireless link is exposed to anyone within radio range RF may extend beyond a room or

More information

Guide to Data Field Encryption

Guide to Data Field Encryption Guide to Data Field Encryption Contents Introduction 2 Common Concepts and Glossary 3 Encryption 3 Data Field Encryption 3 Cryptography 3 Keys and Key Management 5 Secure Cryptographic Device 7 Considerations

More information

Cryptographic Rights Management of FPGA Intellectual Property Cores

Cryptographic Rights Management of FPGA Intellectual Property Cores Cryptographic Rights Management of FPGA Intellectual Property Cores Tom Kean Algotronix Ltd. PO Box 23116 Edinburgh EH8 8YB United Kingdom tom@algotronix.com ABSTRACT As the capacity of FPGA s increases

More information

RFID Security. April 10, 2006. Martin Dam Pedersen Department of Mathematics and Computer Science University Of Southern Denmark

RFID Security. April 10, 2006. Martin Dam Pedersen Department of Mathematics and Computer Science University Of Southern Denmark April 10, 2006 Martin Dam Pedersen Department of Mathematics and Computer Science University Of Southern Denmark 1 Outline What is RFID RFID usage Security threats Threat examples Protection Schemes for

More information

: Network Security. Name of Staff: Anusha Linda Kostka Department : MSc SE/CT/IT

: Network Security. Name of Staff: Anusha Linda Kostka Department : MSc SE/CT/IT Subject Code Department Semester : Network Security : XCS593 : MSc SE : Nineth Name of Staff: Anusha Linda Kostka Department : MSc SE/CT/IT Part A (2 marks) 1. What are the various layers of an OSI reference

More information

Designing a Secure Client-Server System Master of Science Thesis in the Programme Software Engineering & Technology

Designing a Secure Client-Server System Master of Science Thesis in the Programme Software Engineering & Technology Designing a Secure Client-Server System Master of Science Thesis in the Programme Software Engineering & Technology FREDRIK ANDERSSON Department of Computer Science and Engineering CHALMERS UNIVERSITY

More information

Network Security. Security of Wireless Local Area Networks. Chapter 15. Network Security (WS 2002): 15 Wireless LAN Security 1 Dr.-Ing G.

Network Security. Security of Wireless Local Area Networks. Chapter 15. Network Security (WS 2002): 15 Wireless LAN Security 1 Dr.-Ing G. Network Security Chapter 15 Security of Wireless Local Area Networks Network Security WS 2002: 15 Wireless LAN Security 1 IEEE 802.11 IEEE 802.11 standardizes medium access control MAC and physical characteristics

More information

Hardware Trojans Detection Methods Julien FRANCQ

Hardware Trojans Detection Methods Julien FRANCQ DEFENDING WORLD SECURITY Hardware Trojans Detection Methods Julien FRANCQ 2013, December the 12th Outline c 2013 CASSIDIAN CYBERSECURITY - All rights reserved TRUDEVICE 2013, December the 12th Page 2 /

More information

Cryptography and Network Security

Cryptography and Network Security Cryptography and Network Security Spring 2012 http://users.abo.fi/ipetre/crypto/ Lecture 9: Authentication protocols, digital signatures Ion Petre Department of IT, Åbo Akademi University 1 Overview of

More information

SPINS: Security Protocols for Sensor Networks

SPINS: Security Protocols for Sensor Networks SPINS: Security Protocols for Sensor Networks Adrian Perrig, Robert Szewczyk, J.D. Tygar, Victor Wen, and David Culler Department of Electrical Engineering & Computer Sciences, University of California

More information

Key Hopping A Security Enhancement Scheme for IEEE 802.11 WEP Standards

Key Hopping A Security Enhancement Scheme for IEEE 802.11 WEP Standards White Paper Key Hopping A Security Enhancement Scheme for IEEE 802.11 WEP Standards By Dr. Wen-Ping Ying, Director of Software Development, February 2002 Introduction Wireless LAN networking allows the

More information

SY0-201. system so that an unauthorized individual can take over an authorized session, or to disrupt service to authorized users.

SY0-201. system so that an unauthorized individual can take over an authorized session, or to disrupt service to authorized users. system so that an unauthorized individual can take over an authorized session, or to disrupt service to authorized users. From a high-level standpoint, attacks on computer systems and networks can be grouped

More information

Security and Authentication Primer

Security and Authentication Primer Security and Authentication Primer Manfred Jantscher and Peter H. Cole Auto-ID Labs White Paper WP-HARDWARE-025 Mr. Manfred Jantscher Visiting Master Student, School of Electrical and Electronics Engineering,

More information

The Data Encryption Standard (DES)

The Data Encryption Standard (DES) The Data Encryption Standard (DES) As mentioned earlier there are two main types of cryptography in use today - symmetric or secret key cryptography and asymmetric or public key cryptography. Symmetric

More information

Chapter 6 CDMA/802.11i

Chapter 6 CDMA/802.11i Chapter 6 CDMA/802.11i IC322 Fall 2014 Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 Some material copyright 1996-2012 J.F Kurose and K.W. Ross,

More information

Credit Card Fraud The Contactless Generation Kristin Paget

Credit Card Fraud The Contactless Generation Kristin Paget Credit Card Fraud The Contactless Generation Kristin Paget Chief Hacker, Recursion Ventures kris@recursion.com @KrisPaget WHAT'S COMING UP? Contactless payments What is EMV? How does NFC fit in? Threat

More information

A Vulnerability in the Song Authentication Protocol for Low-Cost RFID Tags

A Vulnerability in the Song Authentication Protocol for Low-Cost RFID Tags A Vulnerability in the Song Authentication Protocol for Low-Cost RFID Tags Sarah Abughazalah, Konstantinos Markantonakis, and Keith Mayes Smart Card Centre-Information Security Group (SCC-ISG) Royal Holloway,

More information

Security (II) ISO 7498-2: Security Architecture of OSI Reference Model. Outline. Course Outline: Fundamental Topics. EE5723/EE4723 Spring 2012

Security (II) ISO 7498-2: Security Architecture of OSI Reference Model. Outline. Course Outline: Fundamental Topics. EE5723/EE4723 Spring 2012 Course Outline: Fundamental Topics System View of Network Security Network Security Model Security Threat Model & Security Services Model Overview of Network Security Security Basis: Cryptography Secret

More information

Introduction to WiFi Security. Frank Sweetser WPI Network Operations and Security fs@wpi.edu

Introduction to WiFi Security. Frank Sweetser WPI Network Operations and Security fs@wpi.edu Introduction to WiFi Security Frank Sweetser WPI Network Operations and Security fs@wpi.edu Why should I care? Or, more formally what are the risks? Unauthorized connections Stealing bandwidth Attacks

More information

AES1. Ultra-Compact Advanced Encryption Standard Core. General Description. Base Core Features. Symbol. Applications

AES1. Ultra-Compact Advanced Encryption Standard Core. General Description. Base Core Features. Symbol. Applications General Description The AES core implements Rijndael encoding and decoding in compliance with the NIST Advanced Encryption Standard. Basic core is very small (start at 800 Actel tiles). Enhanced versions

More information

Lightweight Cryptography. Lappeenranta University of Technology

Lightweight Cryptography. Lappeenranta University of Technology Lightweight Cryptography Dr Pekka Jäppinen Lappeenranta University of Technology Outline Background What is lightweight Metrics Chip area Performance Implementation tradeoffs Current situation Conclusions

More information

Wireless LAN Security Mechanisms

Wireless LAN Security Mechanisms Wireless LAN Security Mechanisms Jingan Xu, Andreas Mitschele-Thiel Technical University of Ilmenau, Integrated Hard- and Software Systems Group jingan.xu@tu-ilmenau.de, mitsch@tu-ilmenau.de Abstract.

More information

A PERFORMANCE EVALUATION OF COMMON ENCRYPTION TECHNIQUES WITH SECURE WATERMARK SYSTEM (SWS)

A PERFORMANCE EVALUATION OF COMMON ENCRYPTION TECHNIQUES WITH SECURE WATERMARK SYSTEM (SWS) A PERFORMANCE EVALUATION OF COMMON ENCRYPTION TECHNIQUES WITH SECURE WATERMARK SYSTEM (SWS) Ashraf Odeh 1, Shadi R.Masadeh 2, Ahmad Azzazi 3 1 Computer Information Systems Department, Isra University,

More information

Overview of Cryptographic Tools for Data Security. Murat Kantarcioglu

Overview of Cryptographic Tools for Data Security. Murat Kantarcioglu UT DALLAS Erik Jonsson School of Engineering & Computer Science Overview of Cryptographic Tools for Data Security Murat Kantarcioglu Pag. 1 Purdue University Cryptographic Primitives We will discuss the

More information

ELECTRONIC COMMERCE OBJECTIVE QUESTIONS

ELECTRONIC COMMERCE OBJECTIVE QUESTIONS MODULE 13 ELECTRONIC COMMERCE OBJECTIVE QUESTIONS There are 4 alternative answers to each question. One of them is correct. Pick the correct answer. Do not guess. A key is given at the end of the module

More information

Contactless Smart Cards vs. EPC Gen 2 RFID Tags: Frequently Asked Questions. July, 2006. Developed by: Smart Card Alliance Identity Council

Contactless Smart Cards vs. EPC Gen 2 RFID Tags: Frequently Asked Questions. July, 2006. Developed by: Smart Card Alliance Identity Council Contactless Smart Cards vs. EPC Gen 2 RFID Tags: Frequently Asked Questions July, 2006 Developed by: Smart Card Alliance Identity Council Contactless Smart Cards vs. EPC Gen 2 RFID Tags: Frequently Asked

More information

More effective protection for your access control system with end-to-end security

More effective protection for your access control system with end-to-end security More effective protection for your access control system with end-to-end security By Jeroen Harmsen The first article on end-to-end security appeared as long ago as 1981. The principle originated in ICT

More information

Combining Mifare Card and agsxmpp to Construct a Secure Instant Messaging Software

Combining Mifare Card and agsxmpp to Construct a Secure Instant Messaging Software Combining Mifare Card and agsxmpp to Construct a Secure Instant Messaging Software Ya Ling Huang, Chung Huang Yang Graduate Institute of Information & Computer Education, National Kaohsiung Normal University

More information

Common Pitfalls in Cryptography for Software Developers. OWASP AppSec Israel July 2006. The OWASP Foundation http://www.owasp.org/

Common Pitfalls in Cryptography for Software Developers. OWASP AppSec Israel July 2006. The OWASP Foundation http://www.owasp.org/ Common Pitfalls in Cryptography for Software Developers OWASP AppSec Israel July 2006 Shay Zalalichin, CISSP AppSec Division Manager, Comsec Consulting shayz@comsecglobal.com Copyright 2006 - The OWASP

More information

Chapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography

Chapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography Chapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography What Is Steganography? Steganography Process of hiding the existence of the data within another file Example:

More information

GSM Sniffing. Karsten Nohl, Sylvain Munaut,

GSM Sniffing. Karsten Nohl, Sylvain Munaut, GSM Sniffing Karsten Nohl, nohl@srlabs.de Sylvain Munaut, 246tnt@gmail.com GSM networks are victim and source of attacks on user privacy SS7 Phone Base station GSM backend network User database (HLR) Attack

More information

IronKey Data Encryption Methods

IronKey Data Encryption Methods IronKey Data Encryption Methods An IronKey Technical Brief November 2007 Information Depth:Technical Introduction IronKey is dedicated to building the world s most secure fl ash drives. Our dedication

More information

An Example of Mobile Forensics

An Example of Mobile Forensics An Example of Mobile Forensics Kelvin Hilton K319 kchilton@staffsacuk k.c.hilton@staffs.ac.uk www.soc.staffs.ac.uk/kch1 Objectives The sources of evidence The subscriber The mobile station The network

More information

Network Security Technology Network Management

Network Security Technology Network Management COMPUTER NETWORKS Network Security Technology Network Management Source Encryption E(K,P) Decryption D(K,C) Destination The author of these slides is Dr. Mark Pullen of George Mason University. Permission

More information

Rfid Authentication Protocol for security and privacy Maintenance in Cloud Based Employee Management System

Rfid Authentication Protocol for security and privacy Maintenance in Cloud Based Employee Management System Rfid Authentication Protocol for security and privacy Maintenance in Cloud Based Employee Management System ArchanaThange Post Graduate Student, DKGOI s COE, Swami Chincholi, Maharashtra, India archanathange7575@gmail.com,

More information

Lecture Objectives. Lecture 8 Mobile Networks: Security in Wireless LANs and Mobile Networks. Agenda. References

Lecture Objectives. Lecture 8 Mobile Networks: Security in Wireless LANs and Mobile Networks. Agenda. References Lecture Objectives Wireless Networks and Mobile Systems Lecture 8 Mobile Networks: Security in Wireless LANs and Mobile Networks Introduce security vulnerabilities and defenses Describe security functions

More information

A Note on the Relay Attacks on e-passports

A Note on the Relay Attacks on e-passports A Note on the Relay Attacks on e-passports The Case of Czech e-passports Martin Hlaváč 1 and Tomáš Rosa 1,2 hlavm1am@artax.karlin.mff.cuni.cz and trosa@ebanka.cz 1 Department of Algebra, Charles University

More information

Technical Article. NFiC: a new, economical way to make a device NFC-compliant. Prashant Dekate

Technical Article. NFiC: a new, economical way to make a device NFC-compliant. Prashant Dekate Technical NFiC: a new, economical way to make a device NFC-compliant Prashant Dekate NFiC: a new, economical way to make a device NFC-compliant Prashant Dekate The installed base of devices with Near Field

More information

RELEASE NOTES. Table of Contents. Scope of the Document. [Latest Official] ADYTON Release 2.12.9 - corrections. ADYTON Release 2.12.

RELEASE NOTES. Table of Contents. Scope of the Document. [Latest Official] ADYTON Release 2.12.9 - corrections. ADYTON Release 2.12. Table of Contents Scope of the Document... 1 [Latest Official] ADYTON Release 2.12.9... 1 ADYTON Release 2.12.4... 1 ADYTON Release 2.9.3... 3 ADYTON Release 2.7.7... 3 ADYTON Release 2.6.2... 4 ADYTON

More information

Introducing etoken. What is etoken?

Introducing etoken. What is etoken? Introducing etoken Nirit Bear September 2002 What is etoken? Small & portable reader-less Smartcard Standard USB connectivity Logical and physical protection Tamper evident (vs. tamper proof) Water resistant

More information

Network Security. Chapter 3 Symmetric Cryptography. Symmetric Encryption. Modes of Encryption. Symmetric Block Ciphers - Modes of Encryption ECB (1)

Network Security. Chapter 3 Symmetric Cryptography. Symmetric Encryption. Modes of Encryption. Symmetric Block Ciphers - Modes of Encryption ECB (1) Chair for Network Architectures and Services Department of Informatics TU München Prof. Carle Network Security Chapter 3 Symmetric Cryptography General Description Modes of ion Data ion Standard (DES)

More information

Attestation and Authentication Protocols Using the TPM

Attestation and Authentication Protocols Using the TPM Attestation and Authentication Protocols Using the TPM Ariel Segall June 21, 2011 Approved for Public Release: 11-2876. Distribution Unlimited. c 2011. All Rights Reserved. (1/28) Motivation Almost all

More information

Failures of secret-key cryptography. D. J. Bernstein University of Illinois at Chicago & Technische Universiteit Eindhoven. http://xkcd.

Failures of secret-key cryptography. D. J. Bernstein University of Illinois at Chicago & Technische Universiteit Eindhoven. http://xkcd. Failures of secret-key cryptography D. J. Bernstein University of Illinois at Chicago & Technische Universiteit Eindhoven http://xkcd.com/538/ 2011 Grigg Gutmann: In the past 15 years no one ever lost

More information

Mobile and Contactless Payment Security

Mobile and Contactless Payment Security Mobile and Contactless Payment Security v20111118 1/842 High Street East Kew 3102 Melbourne Australia Ph: +61 3 9846 2751 Fax: +61 3 9857 0350 Rambla de Catalunya 38, 8 planta 08007 Barcelona Spain Ph.

More information

Logitech Advanced 2.4 GHz Technology

Logitech Advanced 2.4 GHz Technology Logitech Advanced 2.4 GHz Technology Revision 1.1H March 2, 2009 TABLE OF CONTENTS 1 INTRODUCTION... 3 2 SYSTEM OVERVIEW... 4 2.1 NETWORK TOPOLOGY...4 2.2 MAIN FEATURES...4 3 ASSOCIATION MODEL... 5 4 ENCRYPTION...

More information

Error oracle attacks and CBC encryption. Chris Mitchell ISG, RHUL http://www.isg.rhul.ac.uk/~cjm

Error oracle attacks and CBC encryption. Chris Mitchell ISG, RHUL http://www.isg.rhul.ac.uk/~cjm Error oracle attacks and CBC encryption Chris Mitchell ISG, RHUL http://www.isg.rhul.ac.uk/~cjm Agenda 1. Introduction 2. CBC mode 3. Error oracles 4. Example 1 5. Example 2 6. Example 3 7. Stream ciphers

More information

Developing and Investigation of a New Technique Combining Message Authentication and Encryption

Developing and Investigation of a New Technique Combining Message Authentication and Encryption Developing and Investigation of a New Technique Combining Message Authentication and Encryption Eyas El-Qawasmeh and Saleem Masadeh Computer Science Dept. Jordan University for Science and Technology P.O.

More information

802.11 Security (WEP, WPA\WPA2) 19/05/2009. Giulio Rossetti Unipi Giulio.Rossetti@gmail.com

802.11 Security (WEP, WPA\WPA2) 19/05/2009. Giulio Rossetti Unipi Giulio.Rossetti@gmail.com 802.11 Security (WEP, WPA\WPA2) 19/05/2009 Giulio Rossetti Unipi Giulio.Rossetti@gmail.com 802.11 Security Standard: WEP Wired Equivalent Privacy The packets are encrypted, before sent, with a Secret Key

More information

Secure recharge of disposable RFID tickets

Secure recharge of disposable RFID tickets Secure recharge of disposable RFID tickets Riccardo Focardi Flaminia Luccio Università Ca Foscari, Venezia {focardi,luccio}@unive.it FAST 2011 15-16 September 2011, Leuven FAST 2011 ()Secure recharge of

More information

MovieLabs Specification for Enhanced Content Protection Version 1.0

MovieLabs Specification for Enhanced Content Protection Version 1.0 MovieLabs Specification for Enhanced Content Protection Version 1.0 Introduction Digital content distribution technologies are evolving and advancing at a rapid pace. Content creators are using these technologies

More information

MF1 IC S50. 1. General description. Functional specification. 1.1 Contactless Energy and Data Transfer. 1.2 Anticollision. Energy

MF1 IC S50. 1. General description. Functional specification. 1.1 Contactless Energy and Data Transfer. 1.2 Anticollision. Energy Rev. 5.2 15 January 2007 Product data sheet 001052 PUBLIC 1. General description NXP has developed the Mifare to be used in contactess smart cards according to ISO/IEC 14443A. The communication layer (

More information

SECURITY IN LOW RESOURCE ENVIRONMENTS

SECURITY IN LOW RESOURCE ENVIRONMENTS SECURITY IN LOW RESOURCE ENVIRONMENTS SECURERF WHITE PAPER The discovery of a decades old technology is now promoted by many as the Next Big Thing. This discovery, Radio Frequency Identification (RFID),

More information

Keep Out of My Passport: Access Control Mechanisms in E-passports

Keep Out of My Passport: Access Control Mechanisms in E-passports Keep Out of My Passport: Access Control Mechanisms in E-passports Ivo Pooters June 15, 2008 Abstract Nowadays, over 40 different countries issue biometric passports to increase security on there borders.

More information

6.857 Computer and Network Security Fall Term, 1997 Lecture 4 : 16 September 1997 Lecturer: Ron Rivest Scribe: Michelle Goldberg 1 Conditionally Secure Cryptography Conditionally (or computationally) secure

More information

Scalable RFID Security Protocols supporting Tag Ownership Transfer

Scalable RFID Security Protocols supporting Tag Ownership Transfer Scalable RFID Security Protocols supporting Tag Ownership Transfer Boyeon Song a,1, Chris J. Mitchell a,1 a Information Security Group, Royal Holloway, University of London, Egham, Surrey, TW20 0EX, UK

More information

Chapter 3. Network Domain Security

Chapter 3. Network Domain Security Communication System Security, Chapter 3, Draft, L.D. Chen and G. Gong, 2008 1 Chapter 3. Network Domain Security A network can be considered as the physical resource for a communication system. This chapter

More information

Authentication. Computer Security. Authentication of People. High Quality Key. process of reliably verifying identity verification techniques

Authentication. Computer Security. Authentication of People. High Quality Key. process of reliably verifying identity verification techniques Computer Security process of reliably verifying identity verification techniques what you know (eg., passwords, crypto key) what you have (eg., keycards, embedded crypto) what you are (eg., biometric information)

More information

USB Portable Storage Device: Security Problem Definition Summary

USB Portable Storage Device: Security Problem Definition Summary USB Portable Storage Device: Security Problem Definition Summary Introduction The USB Portable Storage Device (hereafter referred to as the device or the TOE ) is a portable storage device that provides

More information

My Arduino can beat up your hotel room lock. - Cody Brocious

My Arduino can beat up your hotel room lock. - Cody Brocious My Arduino can beat up your hotel room lock - Cody Brocious Intro This talk is all about the Onity HT lock system for hotels Over 4 million locks are installed in hotels On the market since 1993 Every

More information

Mobile Devices and Systems Lesson 04 Smart Systems Labels, RFID and tokens

Mobile Devices and Systems Lesson 04 Smart Systems Labels, RFID and tokens Mobile Devices and Systems Lesson 04 Smart Systems Labels, RFID and tokens Oxford University Press 2007. All rights reserved. 1 Smart systems Smart Labels Smart labels RFID Smart tokens Oxford University

More information

Breaking the Security of Physical Devices

Breaking the Security of Physical Devices Breaking the Security of Physical Devices Dr Silvio Cesare Qualys 1 Introduction Electronics, computers, mobile phones, microcontrollers are ubiquitous devices in the world we live in. These devices, previously

More information

Exercise 1: Set up the Environment

Exercise 1: Set up the Environment RFID Lab Gildas Avoine, 2014 Contact: gildas.avoine@irisa.fr Objective: Learn how much it is easy to read contactless tags, possibly simulate/clone. Requirement: Hardware: Reader SCL3711 or ACR122, Reader

More information

Krypto för mobila system

Krypto för mobila system Inst för Elektro- och Informationsteknik Lunds Universitet Box 118, 221 00 Lund Internetdagarna 2009 Introduction Communication standards for mobile systems: GSM, UMTS (3G), 4G, Bluetooth, WiMax, WLAN,...

More information

CIS 6930 Emerging Topics in Network Security. Topic 2. Network Security Primitives

CIS 6930 Emerging Topics in Network Security. Topic 2. Network Security Primitives CIS 6930 Emerging Topics in Network Security Topic 2. Network Security Primitives 1 Outline Absolute basics Encryption/Decryption; Digital signatures; D-H key exchange; Hash functions; Application of hash

More information

CS 758: Cryptography / Network Security

CS 758: Cryptography / Network Security CS 758: Cryptography / Network Security offered in the Fall Semester, 2003, by Doug Stinson my office: DC 3122 my email address: dstinson@uwaterloo.ca my web page: http://cacr.math.uwaterloo.ca/~dstinson/index.html

More information

7 Network Security. 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework. 7.5 Absolute Security?

7 Network Security. 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework. 7.5 Absolute Security? 7 Network Security 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework 7.4 Firewalls 7.5 Absolute Security? 7.1 Introduction Security of Communications data transport e.g. risk

More information