Network Security: Smart Card Presentation
elhussenkaz
Category: Science & Tech. License: Some Rights Reserved. Added: December 13, 2010

Presentation Transcript

CRYPTOGRAPHIC ALGORITHMS IN SMART CARDS:
By MUKTAR HUSSAINI, G1012757

Agenda:
- Introduction
- History of Smart Card
- Smart Cards Applications
- Types of Cards
- Cryptographic Capabilities of Smart Cards
- Cryptographic Algorithms in Smart Cards
- Implementation
- Analysis of the result
- Conclusion
- References

Introduction:
The security services offered by a smart card often include both data encryption and public key operations. The security mechanisms built into smart cards have made them widely employed security hardware in communication, digital verification and financial applications.

History of Smart Card:
In the 1950s, charge card company Diners Club produced the first card to use for financial payments. The company used a synthetic material called .
In 1968, German electrical engineer Jürgen Dethloff (1916 to 1981) and his colleague Helmut Gröttrup applied for the first ICC-related patents, which were finally approved in 1982. Kunitaka Arimura of Japan and Roland Moreno of France followed in 1970 and 1974, respectively. It was not until 1977 that the smart card began to be mass-produced.
In 1984, the smart card reached a milestone when the French Postal and Telecommunications services (PTT) successfully tested ATM bank cards with chips. In 1994, Europay, MasterCard and Visa came to a joint agreement on developing specifications for the use of smart cards in banking. The use of smart cards continues to grow, applied to several activities from making phone calls to ATM withdrawals.

Smart Card Applications:
- Identity Management
- Ticketless Travel
- Loyalty Programs
- Building Security/Area Access
- Secure Network Access
- Information Security
- Healthcare
- Debit/Credit Card
- Electronic Purse
- Mass Transit
- Time and Attendance
- Administration
- Training Management
- Qualification Certification
- Distance Learning
- Mobile Communications
- Drivers License
- Work/Entry Permits
- Parking

Types of Cards:
- Magnetic stripe cards (e.g. credit cards)
- Electronic memory cards
- Microprocessor cards
- Cryptographic coprocessor cards
- Contact and contactless smart cards
- Optical memory cards

Magnetic Stripe Cards:
- Standard technology for bank cards, driver’s licenses, library cards, and so on
- Visual data also available in machine-readable form
- No security of data
The stripe’s storage capacity is about 1,000 bits, and anyone with the appropriate read/write device can view, alter, or delete the data.

Optical Cards:
These cards can carry many megabytes of data, but with today’s technology they can only be written once and never erased.
- Uses a laser to read and write the card
- CANPASS contains: Photo ID, Fingerprint

Memory Cards:
Although referred to as smart cards, memory cards are typically much less expensive and much less functional than microprocessor cards. They contain electrically erasable programmable read-only memory (EEPROM) and read-only memory (ROM), as well as some address and security logic.
Can store:
- Financial info
- Personal info
- Specialized info
Cannot process info.

Microprocessor Cards:
Components of this type of architecture include a central processing unit (CPU), random access memory (RAM), ROM, and EEPROM. The operating system is typically stored in ROM, the CPU uses RAM as its working memory, and most of the data is stored in EEPROM.
Has an integrated circuit chip.
Has the ability to:
- Store information
- Carry out local processing
- Perform complex calculations

Microprocessor Cards: Contact Smart Card:
Contacts are one of the most frequent failure points in any electromechanical system due to dirt, wear, and so forth.

Microprocessor Cards: Contactless Smart Card

Cryptographic Coprocessor Cards:
Although these cards technically belong to the microprocessor card category, they are separated here because of differences in cost and functionality.
Because the common asymmetric cryptographic algorithms of the day (such as RSA) require very large integer math calculations
However, if a cryptographic coprocessor is added to the architecture, the time required for this same operation is reduced to around a few hundred microseconds.

What’s in a Card?:
Contacts: Vcc, RST, CLK, RFU, Vpp, I/O, GND, RFU
Typical smart card at the time of our research: 8-bit CPU, 256 to 1024 bytes RAM, 3–5 MHz clock rate, 6–24 KB ROM, 1–16 KB EEPROM
Upcoming: 32-bit RISC CPU, 4 Kbytes RAM, 50 MHz clock

Typical Configurations:
- 256 bytes to 4 KB RAM.
- 8 KB to 32 KB ROM.
- 1 KB to 32 KB EEPROM.
- Crypto-coprocessors (implementing 3DES, RSA, SHA-1, MD-5 etc. in hardware) are optional.
- 8-bit to 16-bit CPU. 8051-based designs are common.
- Rate of data communications is 9600 bits/sec, with some cards achieving 115,200 bits per second (e.g. GemClub-Micro card).
- The price of a mid-level chip when produced in bulk is less than US$1.
CRYPTOGRAPHIC CAPABILITIES OF SMART CARD:
Current state-of-the-art smart cards have sufficient cryptographic capabilities to support popular security applications and protocols such as:
- Smart cards can generate RSA key pairs, although this can be very slow.
- Smart cards can be configured with multiple PINs that serve different purposes.
- The Data Encryption Standard (DES) and triple DES are commonly found in the leading smart cards. They usually have the option to be used in a Message Authentication Code (MAC) function.
- Communications protocols on smart cards at the command level often have a built-in security protocol.
- Common hashing algorithms include SHA-1 and MD-5; but again, the low-bandwidth serial connection hinders effective use of bulk hashing on the card.

Implementation and Analysis of some cryptographic Cipher:
"Performance Analysis of Contemporary Light weight cryptographic Algorithms on a Smart Card microcontroller" is research conducted by Soren Rinne (2007), Ruhr-University Bochum, Germany.

Cryptographic Algorithm in Smart Cards:
The selected ciphers are:
- DES Lightweight Extension (DESL)
- HIGHT
- Scalable Encryption Algorithm (SEA)
- Tiny Encryption Algorithm (TEA)
- XTEA, Extension to TEA
- Advanced Encryption Standard (AES)
- Data Encryption Standard (DES)
- Extension to DES (DESX)
- International Data Encryption Algorithm (IDEA)

Characteristic sizes of the focused ciphers:
An overview of the ciphers’ parameters is given in Table 1, ordered alphabetically. The values of SEA can be chosen, so the values that fit this implementation are given in this table.

Implementation:
In this analysis, representatives of both groups were implemented.
The AES, DES, DESX, and IDEA implementations represent the first group; DESL, HIGHT, SEA, TEA, and XTEA represent the second one. The ciphers were implemented on a constrained device, a smart card. The FunCard used is equipped with an AVR ATmega163, which can be compared to the AVR ATmega128 embedded in widespread pervasive devices such as ubiquitous sensor networks (e.g. Mica Motes). The work was intended to analyze the performance of contemporary light-weight cryptographic algorithms in comparison to standardized algorithms in smart cards.

Analysis of the result: Memory Usage:
Table 2 shows the memory allocation in flash memory of every cipher in ascending order. Figure 2 visualizes the values ordered by size. Rows and columns highlighted in yellow indicate our reference implementations from now on. As expected, the IDEA cipher is the smallest. Next comes TEA, followed by its successor XTEA and the SEA implementation.

Analysis of the result: Memory Usage

Performance of encryption and decryption in measured CPU cycles:
In the following performance benchmark, the input and output arrays are the size of one block of each cipher. That is to say, we encrypt or decrypt one block with each cipher. Table 3 shows the number of cycles for encryption and decryption for every cipher, in ascending order of encryption cycles.

Analysis of the result: Performance

Throughput of Encryption in bit/sec:
Column 2 in Table 4 and Table 5 shows the block size in bits; column 3 recapitulates the count of cycles from Table 3. Column 4 is the quotient of column 3 and column 2, and column 5 shows the throughput of encryption/decryption in bit/sec. The throughput is computed by dividing the CPU clock (assuming 4 MHz) by the value in column 4.
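The one-block measurement and the column 4 and column 5 calculations described above, as an added example that is not code from the presentation or from the cited study: XTEA, one of the ciphers in the second group, processes a single 64-bit block, and two helpers derive cycles per bit and throughput at the 4 MHz clock. The function names are assumptions, and the key, block and cycle count in `main` are constructed sample values, not measurements.

```c
#include <stdint.h>
#include <stdio.h>

#define XTEA_ROUNDS     32u          /* 32 iterations = 64 Feistel rounds */
#define XTEA_DELTA      0x9E3779B9u  /* key-schedule constant */
#define XTEA_BLOCK_BITS 64u          /* block size in bits (column 2) */

/* Encrypt one 64-bit block in place with a 128-bit key.
   Only add, shift and XOR are used, so no lookup tables occupy flash. */
void xtea_encrypt_block(uint32_t v[2], const uint32_t key[4])
{
    uint32_t v0 = v[0], v1 = v[1], sum = 0;
    for (unsigned i = 0; i < XTEA_ROUNDS; i++) {
        v0 += (((v1 << 4) ^ (v1 >> 5)) + v1) ^ (sum + key[sum & 3]);
        sum += XTEA_DELTA;
        v1 += (((v0 << 4) ^ (v0 >> 5)) + v0) ^ (sum + key[(sum >> 11) & 3]);
    }
    v[0] = v0;
    v[1] = v1;
}

/* Inverse of xtea_encrypt_block: the same rounds run backwards. */
void xtea_decrypt_block(uint32_t v[2], const uint32_t key[4])
{
    uint32_t v0 = v[0], v1 = v[1], sum = XTEA_DELTA * XTEA_ROUNDS;
    for (unsigned i = 0; i < XTEA_ROUNDS; i++) {
        v1 -= (((v0 << 4) ^ (v0 >> 5)) + v0) ^ (sum + key[(sum >> 11) & 3]);
        sum -= XTEA_DELTA;
        v0 -= (((v1 << 4) ^ (v1 >> 5)) + v1) ^ (sum + key[sum & 3]);
    }
    v[0] = v0;
    v[1] = v1;
}

/* Column 4: cycles per block divided by block size in bits. */
double cycles_per_bit(uint32_t cycles_per_block, uint32_t block_bits)
{
    if (block_bits == 0)
        return 0.0;                  /* no block size, nothing to report */
    return (double)cycles_per_block / (double)block_bits;
}

/* Column 5: CPU clock divided by cycles per bit, in bit/s. */
double throughput_bps(uint32_t clock_hz, uint32_t cycles_per_block,
                      uint32_t block_bits)
{
    double cpb = cycles_per_bit(cycles_per_block, block_bits);
    return cpb > 0.0 ? (double)clock_hz / cpb : 0.0;
}

int main(void)
{
    /* Constructed sample key and block, not taken from the presentation. */
    const uint32_t key[4] = {0x00010203u, 0x04050607u, 0x08090a0bu, 0x0c0d0e0fu};
    uint32_t block[2] = {0x41424344u, 0x45464748u};
    const uint32_t sample_cycles = 6400u;  /* constructed, not a measurement */

    xtea_encrypt_block(block, key);
    printf("ciphertext: %08x %08x\n", (unsigned)block[0], (unsigned)block[1]);
    xtea_decrypt_block(block, key);
    printf("decrypted:  %08x %08x\n", (unsigned)block[0], (unsigned)block[1]);
    printf("cycles/bit: %.2f\n", cycles_per_bit(sample_cycles, XTEA_BLOCK_BITS));
    printf("throughput: %.0f bit/s at 4 MHz\n",
           throughput_bps(4000000u, sample_cycles, XTEA_BLOCK_BITS));
    return 0;
}
```

On the card itself, the cycle count passed to these helpers would come from a timer or simulator reading taken around the single block call.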
Throughput of Decryption in bit/sec

Throughput of Encrypt/Decrypt in bit/sec

Throughput-Code size ratio of Encryption and Decryption:
An additional metric is now introduced that takes both code size and throughput into account. The ratio of the two was computed to visualize the combined metric.

CONCLUSIONS:
A performance analysis of light-weight encryption algorithms on an 8-bit smart card microcontroller was presented. The reference implementations of AES and IDEA won most of the rankings. Some of them did very well in the code size or cycle count ranking: HIGHT outperforms IDEA in both encryption and decryption performance as well as in memory allocation. Though DESL is slightly smaller than AES in code size, it has worse performance and does not provide comparable security. The drawback is that they still have to show that they can withstand cryptanalysis over a long time. Most of them are too young to be considered secure. By contrast, older ciphers like DES or the TEA variants have been deeply analyzed in the meantime.

References:
- History of Smart Cards. http://www.ehow.com/about_5468404_history_smart_cards.html
- Jiri, K. (2006). Algorithms for Differential Power Analysis of the cryptographic Smart Cards.
- Soren, R. (2007). Performance Analysis of Contemporary Light weight cryptographic Algorithms on a Smart Card microcontroller. Ruhr-University Bochum, Germany.
- Ronald, W. (2001). Survey of Cryptographic Smart Cards Capabilities and Vulnerabilities. Faculty of Informatics, Masaryk University, Czech Republic.

THANK YOU