Presented at
Black Hat USA 2017,
July 27, 2017, 9 a.m.
(25 minutes).
JavaCard is a subset of Java that allows applets to run securely on smartcards and has been deployed to over 15 billion devices. Its main advantage compared to competing technologies is "applet interoperability." Unfortunately, over the years, several glitches in the ecosystem became apparent, and hindered its evolution. For instance, in practice, most applets are tailored for a specific card model, while there is at least a three-year gap between the time a JavaCard specification is released, and the time features appear in products.
We argue that these inconsistencies between the JavaCard vision and practice are due to the control card vendors have over the ecosystem. Specifically, since JavaCard relies on vendors to implement the specification, this enables them to impose barriers to protect their market share. For instance, the cryptographic coprocessor is accessible only for high-level operations (e.g., ECDSA signing method), while low-level methods (e.g., ECPoint Addition) are available only in vendor-specific, proprietary APIs. Moreover, vendors often release new features of the specification in their own APIs.
In this session, we present the OpenCrypto library that enables programmers to utilize all the capabilities of JavaCards (e.g., the cryptographic coprocessor) without being bound to a specific vendor. The library realizes classes for: 1) mutable Integers, 2) Elliptic Curve Points and 3) EC Curves. Currently, these classes are either not supported at all (even though they may be listed in the JC specification, e.g., Integers), or are available only through vendor-specific APIs (e.g., ECPoint). To overcome the vendor barriers, we use a combination of low-level byte manipulation tricks and mathematical properties to reconstruct low-level arithmetic operations (e.g., integer multiplication, ECPoint Addition) from high-level crypto methods (e.g., RSA encryption). Our final library supports all the methods found in the proprietary APIs, performs almost as fast, and eliminates vendor-specific dependencies from the ecosystem.
Presenters:
-
Dan Cvrcek
- Co-founder, Enigma Bridge Ltd
Dan Cvrcek is a cryptography architect and engineer. He has extensive experience with large banking systems from operational procedures to system architectures: Swift, card payment processing, UK Faster Payments, IBM and Cryptomathic key management systems. His hardware encounters include smart cards, custom and embedded systems, and hardware security modules, from design, testing, defences to attacks, including reverse-engineering of a hidden API in Chrysalis-ITS (now SafeNet) HSM.
Dan is a PhD and associate professor with degrees from Brno University of Technology (Czech Republic 2001, 2006), post-doc at University of Cambridge (2003-2004, 2007-2008), Deloitte London (2008-2009), start-ups, freelance security consultant (2010-2016) - clients include Barclays and Deutsche Bank, founded Enigma Bridge in 2015.
-
Petr Svenda
- Security Researcher, Masaryk University
Petr Svenda is security researcher at the Masaryk University, Czech Republic. He engages in the research of key establishment protocols usable for systems with multiple parties, often with the devices significantly limited in performance capabilities and/or working in partially compromised environment, e.g., cryptographic smart cards or wireless sensor networks. He also focuses on a utilization of secure hardware in complex scenarios and the development of secure applications on such platforms.
-
Vasilios Mavroudis
- Doctoral Researcher, University College London
Vasilios Mavroudis is a doctoral researcher in the Information Security Group at University College London. He studies security and privacy aspects of digital ecosystems, with a focus on emerging technologies and previously unknown attack vectors.
His recent publication on ultrasound tracking received wide-spread attention and is considered the seminal work on the security of that ecosystem. Vasilios is currently working towards the standardization of ultrasound communications, and designs extensions of his previous attacks. Moreover, in cooperation with industrial partners, he has recently prototyped a high-assurance hardware architecture, that maintains its security properties even in the presence of malicious hardware components.
In the past, he has developed auditing tools for the Public Key Infrastructure of Deutsche Bank and participated in an international consortium studying large-scale security threats in telecommunication networks. Furthermore, he has cooperated with UC Santa Barbara in several projects, including a detection system for evasive web-malware.
Vasilios holds an Information Security MSc from UCL, and a BSc on Computer Science from University of Macedonia, Greece.
-
George Danezis
- Professor, University College London
George Danezis is a Professor of Security and Privacy Engineering at the Department of Computer Science of University College London. He has been working on anonymous communications, privacy enhancing technologies (PET), and traffic analysis since 2000. He has previously been a researcher for Microsoft Research, Cambridge; a visiting fellow at K.U.Leuven (Belgium); and a research associate at the University of Cambridge (UK), where he also completed his doctoral dissertation under the supervision of Prof. R.J. Anderson.
His theoretical contributions to the PET field include the established information theoretic metric for anonymity and pioneering the study of statistical attacks against anonymity systems. On the practical side he is one of the lead designers of the anonymous mail system Mixminion, and has worked on the traffic analysis of deployed protocols such as Tor.
His current research interests focus around smart grid privacy, peer-to-peer and social network security, as well as the application of machine learning techniques to security problems. He has published over 50 peer-reviewed scientific papers on these topics in international conferences and journals.
He was the co-program chair of ACM Computer and Communications Security Conference in 2011 and 2012, IFCA Financial Cryptography and Data Security in 2011, the Privacy Enhancing Technologies Workshop in 2005 and 2006. He sits on the PET Symposium board and he regularly serves in program committees of leading conferences in the field of privacy and security.
Links:
Similar Presentations: