For n+1.

Proceedings 23. Chaos Communication Congress
Papers of the 23rd Chaos Communication Congress
https://events.ccc.de/congress/2006/
27. - 30. December 2006, Berlin, Old Europe

Chaos Computer Club, Lokstedter Weg 72, D-20251 Hamburg
Support for conference speakers: Fuldablick 9, D-34302 Guxhagen
ISBN: 978-3-934-63605-7
Logo & Cover: Antenne
Layout: wetterfrosch

Some rights reserved. They belong to the author of the respective paper. Except where otherwise noted, a paper is licensed under the Creative Commons Attribution-NonCommercial-NoDerivs 2.0 Germany License: http://creativecommons.org/licenses/by-nc-nd/2.0/de/

You are free to copy, distribute, display, and perform the work under the following conditions:
Attribution. You must attribute the work in the manner specified by the author or licensor.
Noncommercial. You may not use this work for commercial purposes.
No Derivative Works. You may not alter, transform, or build upon this work.
For any reuse or distribution, you must make clear to others the license terms of this work. Any of these conditions can be waived if you get permission from the copyright holder. Your fair use and other rights are in no way affected by the above. This is a human-readable summary of the Legal Code: http://creativecommons.org/licenses/by-nc-nd/2.0/de/legalcode

Table of Contents

SOCIETY - 4+2+1 Years of BigBrotherAwards Germany: A reading from the "Schwarzbuch Datenschutz" (p. 9)
HACKING - A 10GE monitoring system: Hacking a 10 Gigabit intrusion detection and prevention system into a network troubleshooting tool (p. 15)
HACKING - A Hacker's Toolkit for RFID Emulation and Jamming (p. 23)
HACKING - An Introduction to Traffic Analysis: Attacks, Defences and Public Policy Issues ... (p. 39)
HACKING - A not so smart card: How bad security decisions can ruin a debit card design (p. 53)
SCIENCE - A Probabilistic Trust Model for GnuPG: A new way of evaluating a PGP web of trust by using a probabilistic trust metric (p. 61)
HACKING - Building an Open Source PKI using OpenXPKI: Take a lot of Perl, add some OpenSSL, sprinkle it with a few HSMs, stir, season to taste, enjoy! (p. 67)
HACKING - Console Hacking 2006: Xbox 360, Playstation 3, Wii (p. 73)
HACKING - Design and Implementation of an object-oriented, secure TCP/IP Stack: Ethereal^W Wireshark without remote exploits - a proof of concept (p. 79)
SCIENCE - Digital Image Forensics: Traces in digital photos (p. 93)
SCIENCE - DVB-T - From Pixeldata to COFDM Transmission: How to build a complete FPGA-based DVB-T transmitter (p. 99)
HACKING - How To Design A Decent User Interface: Take a look at software from a user's point of view and improve your applications (p. 111)
SCIENCE - How to squeeze more performance out of your wifi: Cross-layer optimization strategies for long-range IEEE 802.11e based radio (mesh) networks (p. 123)
SCIENCE - Information Operations: Sector-Oriented Analysis of the Potential Impact and Possible Countermeasures (p. 131)
HACKING - Inside VMware: How VMware, VirtualPC and Parallels actually work (p. 137)
SCIENCE - Collaborative Knowledge Management in Education (p. 145)
CULTURE - Nerds and Geeks between Stereotype and Subculture: A cultural-anthropological study (p. 153)
HACKING - On XSRF and why you should care: Causes, Attacks and Countermeasures (p. 159)
SOCIETY - Podjournalism: The Role of Podcasting in Critical and Investigative Journalism (p. 169)
HACKING - Rootkits as Reversing Tools: An Anonymous Talk (p. 175)
HACKING - Secure Network Server Programming on Unix: Techniques and best practices to securely code your network server (p. 185)
HACKING - Security in the cardholder data processing?! Experiences and lessons learned with the Payment Card Industry Data Security Standard (p. 199)
SCIENCE - sFlow: I can feel your traffic (p. 209)
SCIENCE - SIP Security: Status Quo and Future Issues (p. 219)
HACKING - Subverting AJAX: Next generation vulnerabilities in 2.0 Web Applications (p. 225)
HACKING - The gift of sharing: A critical approach to the notion of gift economy within the everyday life-world of free and open source software (FOSS) (p. 235)
COMMUNITY - The Rise and Fall of Open Source: The Million Eyeball Principle and forkbombs (p. 243)

SOCIETY
4+2+1 Years of BigBrotherAwards Germany
A READING FROM THE "SCHWARZBUCH DATENSCHUTZ"
http://events.ccc.de/congress/2006/Fahrplan/events/1561.en.html

Presented is the "Schwarzbuch Datenschutz", which came into being this year: seven years of BigBrotherAwards Germany have passed. What happened, and what remains? A look back at the most interesting winners of the first six years, which were collected in the book "Schwarzbuch Datenschutz", and at the current award winners.

The BigBrotherAwards have brought new momentum to the topic of data protection, and no other event around the topic of data protection enjoys such great public interest. In Germany the award has by now been presented seven times. This magic number invites a retrospective. The first six years were compiled in the book "Schwarzbuch Datenschutz", from which much will be read. It will be clarified what became of the award winners, and whether they are still as bad today as they were then or whether they have changed their policies, because many winners received special treatment in addition to the award. There will also be something to hear about the current winners, who likewise have plenty up their sleeves. The event is reading and performance in one, and sets out on a journey through time across the last seven years.

padeluun, Rena Tangens
The Schwarzbuch Datenschutz BigBrotherAwards Privacy Show
Rena Tangens and padeluun (FoeBuD e.V.)

"The more citizens with civil courage a country has, the fewer heroes it will one day need." (Franca Magnani)

This is 'totally' fun: Rena Tangens and padeluun on a reading tour with their black book on data protection. Where a few years ago only a handful of people gathered for a gloomy get-together on this topic, today the halls fill up in the face of data retention, toll systems, copy bans and other assaults on human dignity. Data protection, privacy and resistance against data octopuses have become a fun sport with a serious background. "Data protection is sexy", proclaims padeluun, and the ladies agree with him. More seriously, Rena Tangens warns that we must not trade our human rights for a mess of pottage. The talk, enriched with performance elements, film clips, pictures, anecdotes and fierce appeals to humanity, carries the audience along to break free from Big Brother's strangely gentle embrace and to take everyone who wants to come along into the cool, invigorating wind of self-responsibility.

[Image: BigBrotherAwards this year, including the nationwide demonstration against data retention]

Why BigBrotherAwards?

Data protection is actually not about data at all, but about people's personal rights. The BigBrotherAwards pursue data protection not as an end in itself, but as the foundation of a free, social, just and democratic society. The BigBrotherAwards therefore not only denounce concrete cases of data abuse or violations of data protection law, but also nominate proactively, e.g. draft laws or technologies that harbour dangerous structures. Our aim is not to show that the world is bad and that nothing can be done about it anyway. On the contrary: we can change something. We resist our democracy being "datafied and sold". We resist people being seen only as marketing objects, as a cost factor in companies, as manoeuvring mass in the welfare state or as potential terrorists. We wish for the world to become a more liveable place (footnote 1); the BigBrotherAwards are a small contribution to that.

Footnote 1: For more on this see http://www.tangens.de/TEXTE/20jahregesamtwerk.html

In Germany several organisations work together and form the jury:
Rena Tangens and padeluun, Verein zur Förderung des öffentlichen bewegten und unbewegten Datenverkehrs e.V. [FoeBuD]
Karin Schuler, Deutsche Vereinigung für Datenschutz e.V. [DVD]
Frank Rosengart, Chaos Computer Club e.V. [CCC]
Alvar C. H. Freude, Förderverein Informatik und Gesellschaft e.V. [Fitug]
Werner Hülsmann, Forum InformatikerInnen für Frieden und gesellschaftliche Verantwortung e.V. [FIfF]
Dr. Fredrik Roggan, Humanistische Union e.V. [HU]
Dr. Rolf Gössner, Internationale Liga für Menschenrechte [ILMR]

Biographical notes: Rena Tangens & padeluun

Rena Tangens and padeluun are artists and net pioneers and live in Bielefeld. In 1984 they founded their joint art project "Art d'Ameublement", loosely after Erik Satie. In 1987 they brought the first modem to the documenta and the ars electronica. Since 1987 they have organised the monthly culture and technology series 'PUBLIC DOMAIN', out of whose visitors the FoeBuD e.V. was founded. In 1988 they were artists in residence in Canada at the invitation of the Canada Council. From 1989 on they were involved in building the electronic citizens' networks Z-NETZ and /CL as well as the Zamir Transnational Network during the war in former Yugoslavia. From 1990 to 1996 they designed software for the mailbox program ZERBERUS with the goals of free communication, informational self-determination and the net as a social space. Since 2000 they have researched and organised the annual German BigBrotherAwards and travel as lecturers on art, technology, data protection, civil rights and democracy.

Most recent publication: Rena Tangens & padeluun (eds.): "Schwarzbuch Datenschutz" - Ausgezeichnete Datenkraken der BigBrotherAwards. Available in bookshops (ISBN 3-89401-494-6) and in the FoeBuD shop.

Verein zur Förderung des öffentlichen bewegten und unbewegten Datenverkehrs e.V. [FoeBuD]

The FoeBuD was founded in 1987 and deals with the fringe areas of information technology. The FoeBuD does not want to adapt people to technical development, but wants to shape technology and the other framework conditions so that they enable and promote a positive vision of the world of tomorrow. The FoeBuD e.V. currently receives basic funding from the Stiftung bridge.

Contact details: FoeBuD e.V., c/o Art d'Ameublement, Marktstr. 18, D-33602 Bielefeld, Tel: 0521-175254, Fax: 0521-61172, www.foebud.org
The FoeBuD e.V. is financed by donations: account 2129799, Sparkasse Bielefeld, BLZ 480 501 61. Online donations at: http://www.foebud.org/spende/
All info, everyone, everything: www.BigBrotherAwards.de

HACKING
A 10GE monitoring system
HACKING A 10 GIGABIT INTRUSION DETECTION AND PREVENTION SYSTEM INTO A NETWORK TROUBLESHOOTING TOOL.
http://events.ccc.de/congress/2006/Fahrplan/events/1640.en.html

Capturing network packets is a valuable technique for troubleshooting network problems. Capturing at network speeds up to one gigabit per second is feasible with fast general-purpose computer hardware. But that hardware is too slow for ten gigabit per second Ethernet (10GE). Hence, special hardware is required. This talk describes the modification of a commercially available 10GE network security system into a network analyser.

Who can you trust? Nobody, when it comes to troubleshooting network issues at an internet exchange point.
An Internet Exchange (IX) operates by definition in between different network providers. These providers are often competitors, each with their own cultural and technical differences. Troubleshooting network issues at an IX therefore involves at least three parties: the internet exchange operator and two or more ISPs, each with its own systems, know-how, procedures and culture. Such an environment is very different from networks where operators have control over the network components. Therefore an internet exchange operator must be able to identify and isolate network problems without relying too much on the other parties involved, while the exchange stays in full operation. For this, the technique of passive monitoring (watching the traffic as it passes by) has proven to be extremely valuable.

Passive monitoring for speeds below 1 Gbps is possible with a fast general-purpose computer and generic NICs; numerous open source applications have been written for this. Ten gigabit per second Ethernet (10GE) is another game: special hardware is required to achieve that. The Amsterdam Internet Exchange (AMS-IX) modified Force10's P10 system to monitor 10GE connections. This system was originally designed for security applications at 10GE wire speed, but since it is built around programmable logic it is possible to adapt it into a useful troubleshooting tool.

Arien Vijn, AMS-IX
Force 10 P10 IDS/IPS system: http://www.force10networks.com/products/p-series_overview.asp
AMS-IX: http://www.ams-ix.net/

[Proceedings pages 16-19, containing the paper's sections 1-3 and the start of section 4, are missing from the extraction; the paper text resumes at page 20.]

Currently, work is in progress to accommodate parentheses in hardware. But it will only allow a limited level of nested parentheses. Each level adds to the time the reduction network needs. This time is limited to the clock cycle on which the data is flagged valid. This part of the work is all about finding a balance between expanding expressions using software and the available resources in hardware.

The P10 does pattern matching per octet. But network analysis is also about matching one bit while the remaining 7 bits can be any combination, for example filtering on the multicast bit in a MAC address. In the original IDS code this would mean 128 matching patterns. That is not so much of a problem for static rules that are given at compile time, because the synthesizer will optimise the number of gates needed. It would be very inefficient, if not impossible, to do bit-wise matching at run time, simply because of the amount of resources required for this one operation. This has changed by adding a bitmask mechanism to cover the remaining bits.

Last but not least, layer-2 internet exchange operators are mostly interested in issues at the data link layer. The original versions of the back-end FPGA firmware were not able to process the first 128 bits of the Ethernet frame (footnote 8). That's because an IDS operates from layer 3 to 7, perhaps even layer 9 [5]. Hence it was not needed to process the first part of the frame, although it gets presented to the back-end FPGA. This was first changed in our own firmware and is now an option in the stock firmware as well.

4.1 New Functionalities

The functionality described so far is in essence not different from the original IDS/IPS system. For the purpose of network analysis a number of new functions have been added.

Programmable counters: Counting events is often just as useful as getting all details of each frame. So instead of triggering the match memory (see Figure 7) a counter value is raised. The counter values can be zeroed from the host, which is particularly handy during troubleshooting. Currently these counters can only count frames, not frame sizes or frame rates.

Sampling: A function was added to get a random sample of frames at a continuously adjustable frame rate to the host. This is useful when the exact nature of the issue is unknown. Empirical analysis showed that the behaviour of the card is very predictable, so to avoid systematic errors a pseudo-random generator was added.

Checksums: For analysing packet corruption, it is essential to get the frames containing corrupted packets. Please note that the frame check sequence (FCS) is not helpful here, since it is calculated on egress by its source. At this point we can only calculate IPv4 checksums of IPv4 packets without options. TCP, UDP and ICMP checksums cannot easily be calculated in the back-end FPGA because the end of the frame is unknown there; that information got lost in the front-end FPGA. A possible workaround would be to use the packet and header length information from the packets being inspected, but that seems a rather dodgy solution. Better and cleaner is to move the checksumming functionality into the front-end FPGA. There it will also be possible to detect frame and packet size mismatches.

Ring buffer: Sometimes it is useful to capture frames transmitted before and/or after a certain condition was met. This is a good use of the SRAM present. However, no work has so far been conducted to realise this functionality. This feature would require a considerable rewrite of large parts of the readily available building blocks, which are briefly described in the next section.

Footnote 8: starting from the preamble.

5 API

All modifications were possible due to the fact that the firmware of the back-end FPGA is either available as source code or in binary libraries. These 'building blocks', commonly used functions (like packet processor, host interface and memory management), are needed to support the MISD machine. The signals of these blocks are documented to allow end users to program their own functionality. Figure 8 visualises the position of that new function and the predefined building blocks with common functions.

[Figure 8: User defined functionality. Blocks: front-end FPGA, packet processor, memory management, match memory, host interface, CPLD, user defined functionality. Signals: clk, valid, offset, block, frame data, capture, filtered data, data, R/W, addr.]

With the description of the signals, skilled users can program their own modules in Verilog [6]. That module connects to all the available signals. From there on it is up to the user how to use these signals. This user defined module gets compiled into the firmware instead of the MISD machine. But in practice, the MISD model is followed in our own modules too.

6 Software

The software part can be divided into two pieces: the kernel modules that form the driver for the NIC, and user software to manage rules. We use unmodified kernel modules. The user application has a curses interface to show counters and to manage dynamic and static Snort rules (footnote 9). For static Snort rules, the Xilinx ISE suite [8] is called to compile the bit code for the back-end FPGA.

We aim for a CLI application that parses libpcap filter expressions. That has not been realised yet, as it is still a matter of research what can be done in hardware and what needs to be done in software, as mentioned in 3.2. Currently we operate by creating a hex dump to be loaded into the registers of the back-end FPGA, which is of course not a real user interface.

Footnote 9: Snort [7] is a software-based IDS system. Its rule syntax is used to define rules for this hardware-based system.

7 Monitoring via a PXC

This section is not really about the 10GE capture card itself, but rather about the way it is being utilised. Typically monitoring is done via the mirror port feature of Ethernet switches. It copies all data from and/or to the to-be-monitored interface to a designated port. This designated port, the mirror port, connects to analyser equipment. In fact data duplication takes place 'somewhere' in the Ethernet switch. Any problem that arises after the duplication is not copied to the mirror port. Duplication also means that the bandwidth usage doubles, or in case of full duplex monitoring triples in one direction. Internal data paths might get saturated because of that.

The P10 is designed for permanent in-line use to protect networks. It does not have to depend on a mirror port, and that has its benefits. But putting the card in between a to-be-monitored link requires an interruption of that link, which is a real drawback.

This work is conducted for the Amsterdam Internet Exchange (AMS-IX) [9], where all 10GE member connections are made via so-called photonic cross connects (PXCs) as shown in Figure 9a. These devices, made by Glimmerglass [10], connect the light out of one fiber into any other fiber via moveable mirrors. The data does not undergo any electrical conversion. PXC devices are a sort of remotely controllable patch panel. Changes take typically less than 20 ms plus the time connected devices require to recover from the short loss of light, which varies but is typically less than 1 second. Such

[The remainder of the paper, on proceedings page 22, is missing from the extraction.]

HACKING
A Hacker's Toolkit for RFID Emulation and Jamming
http://events.ccc.de/congress/2006/Fahrplan/events/1597.en.html

Radio Frequency Identification (RFID) tags are remotely-powered data carriers that are often touted as a "computer of the future", bringing intelligence to our homes and offices, optimizing our supply chains, and keeping a watchful eye on our pets, livestock, and kids. However, many RFID systems rely upon the integrity of RFID tag data for their correct functioning.
It has never been so easy to interfere with RFID systems; we have built a handheld device that performs RFID tag emulation and selective RFID tag jamming (sort of like a personal RFID firewall). Our device is compatible with the ISO 15693/14443A (13.56 MHz) standards, and fits into a shirt pocket. This presentation will explain the "nuts and bolts" of how tag spoofing and selective RFID jamming work, and will conclude by demonstrating this functionality.

Melanie Rieback is a Ph.D. student in Computer Systems at the Vrije Universiteit of Amsterdam, under the guidance of Andrew Tanenbaum. Most of her waking hours are spent inventing techniques that people can use to protect their privacy in an RFID-tagged world. Melanie's research concerns the security and privacy of Radio Frequency Identification (RFID) technology, and she leads multidisciplinary research teams on RFID privacy management (RFID Guardian) and RFID security (RFID Malware) projects. Melanie's recent work on RFID Malware has attracted worldwide attention, appearing in the New York Times, Washington Post, Reuters, UPI, de Volkskrant, Computable, Computerworld, Computer Weekly, CNN, BBC, Fox News, MSNBC, and many other print, broadcast, and online news outlets. Melanie has also served as an invited expert for RFID discussions involving both the American and Dutch governments. In a past life, Melanie also worked on the Human Genome Project at the MIT Center for Genome Research / Whitehead Institute. She was part of the public genome sequencing consortium, and is listed as a coauthor on the seminal paper 'Initial sequencing and analysis of the human genome', which appeared in the journal Nature.

RFID Guardian Project: http://www.rfidguardian.org/

ATTENTION: ALL RIGHTS OF THIS PAPER ARE RESERVED BY USENIX. THIS PAPER IS NOT LICENSED UNDER A CREATIVE COMMONS LICENSE!

A Platform for RFID Security and Privacy Administration

Melanie R. Rieback, Department of Computer Science, Vrije Universiteit, Amsterdam, melanie@cs.vu.nl
Georgi N. Gaydadjiev, Department of Computer Engineering, Delft University of Technology, georgi@dutepp0.et.tudelft.nl
Bruno Crispo, Rutger F.H. Hofman, Andrew S. Tanenbaum, Department of Computer Science, Vrije Universiteit, Amsterdam, {crispo, rutger, ast}@cs.vu.nl

Abstract

This paper presents the design, implementation, and evaluation of the RFID Guardian, the first-ever unified platform for RFID security and privacy administration. The RFID Guardian resembles an "RFID firewall", enabling individuals to monitor and control access to their RFID tags by combining a standard-issue RFID reader with unique RFID tag emulation capabilities. Our system provides a platform for coordinated usage of RFID security mechanisms, offering fine-grained control over RFID-based auditing, key management, access control, and authentication capabilities. We have prototyped the RFID Guardian using off-the-shelf components, and our experience has shown that active mobile devices are a valuable tool for managing the security of RFID tags in a variety of applications, including protecting low-cost tags that are unable to regulate their own usage.

[Figure 1: Philips I.Code RFID Tags]

1 Introduction

Radio Frequency Identification (RFID) tags are remotely-powered computer chips that augment everyday objects with computing capabilities. Corporate executives tout RFID technology as a technological means to achieve cost savings, efficiency gains, and unprecedented visibility into the supply chain. Scientific researchers consider RFID technology as nothing short of an embodiment of the paradigm shift towards low-cost ubiquitous computing. In both cases, RFID tags will blur the boundaries between the online and physical worlds, allowing individuals to manage hundreds of wirelessly interconnected real-world objects, like dendrites in a global digital nervous system.

RFID tags may be the size of a grain of rice (or smaller), and have built-in logic (microcontroller or state machine), a coupling element (analog front end with antenna), and memory (pre-masked or EEPROM). Passive tags are powered entirely by their reading devices, while active tags contain auxiliary batteries on board. Passive LF tags (125-135 kHz) can be read up to 30 cm away, HF tags (13.56 MHz) up to 1 m away, UHF tags (2.45 GHz) up to 7 m away, and active tags up to 100 m away or more.

1.1 RFID Applications and Threats

RFID automation will bring an unfathomable barrage of new applications, forever banishing wires, grocery store cashiers, credit cards, and pocket change from our lives. RFID proponents extol its professional uses for real-time asset management and supply chain management. RFID-based access passes help to police residential, commercial, and national borders; drivers have embraced RFID-based retail systems like EZ-Pass, FastPass, IPass, PayPass, and SpeedPass. RFID-based "feel good" personal applications are also proliferating, from "smart" dishwashers, to interactive children's toys, to domestic assistance facilities for the elderly. RFID tags identify lost housepets, and even keep tabs on people; the data carriers have assisted with surgeries, prevented the abduction of infants, and tracked teenagers on their way to school. Subdermal Verichips are hip accessories for patrons of several European nightclubs, and have been less glamorously deployed for identifying deceased victims of hurricane Katrina [1].

RFID technology thus races on at a pace that surpasses our ability to control it. The same ease-of-use and pervasiveness that makes RFID technology so revolutionary offers less-than-ethical characters unprecedented opportunities for theft, covert tracking, and behavioral profiling. Without the appropriate controls, attackers can perform unauthorized tag reading and clandestine location tracking of people or objects (by correlating RFID tag "sightings"). Snooping is possible by eavesdropping on tag/reader communications. Criminals can also manipulate RFID-based systems (i.e. retail checkout systems) by either cloning RFID tags, modifying existing tag data, or by preventing RFID tags from being read in the first place.

Security and privacy researchers have proposed a wide array of countermeasures against these threats. The simplest solution is deactivating RFID tags; permanently (via "frying" [17], "clipping" [13], or "killing" [4]), or temporarily (using Faraday cages or sleep/wake modes [20]). Cryptographers have created new low-power algorithms for RFID tags, including stream ciphers [6], block ciphers [5], public-key cryptographic primitives [9], and lightweight protocols for authentication [21]. Additionally, researchers have developed access control mechanisms that are located either on tag (hash locks [22] / pseudonyms [10]) or off (Blocker Tag [11], RFID Enhancer Proxy [12]).

Despite this plethora of countermeasures, neither the threats nor the fears facing RFID have dissipated. The countermeasures have become somewhat of a band-aid that can be slapped onto RFID technology later. Some companies view these results as a desirable way to quiet down the privacy activists. Other companies in RFID standardization committees are actively fighting against adding security into RFID protocol design, because it will make their current commercial offerings obsolete. People need a solution that they can physically own and use, not one that relies upon the RFID companies to decide when privacy will become important.

Another missing element is a means to coordinate the myriad of incompatible countermeasures as they trickle onto the market in a piecemeal fashion. Per-tag security policies combined with a lack of automation will form a management nightmare for people, who cannot be expected to know when or how to apply the appropriate countermeasures. There is no unified framework; no systematic means to leverage individual RFID countermeasures to achieve the most important goal of all: the protection of real people.

1.2 RFID Guardian Design Goals

Over the past months, we have designed and prototyped the RFID Guardian, a system that allows people to administer the security of their RFID tags. The design of the RFID Guardian was driven by the following goals, which follow from the nature of RFID applications and deployment considerations:

• Centralized use and management. Most existing RFID countermeasures distribute their security policies across RFID tags, which makes them very hard to configure, manage, and use. To address this concern, we designed a single platform to leverage RFID countermeasures in a coordinated fashion. Personalized security policies are centrally enforced by utilizing novel RFID security features (auditing, automatic key management, tag-reader mediation, off-tag authentication) together with existing ones (kill commands, sleep/wake modes, on-tag cryptography).

• Context-awareness. Different countermeasures have strengths and weaknesses in different application scenarios. Low-cost Electronic Product Code (EPC) tags require different access control mechanisms than expensive crypto-enabled contactless smart cards. Our system maintains both RFID-related context (i.e. RFID tags present, properties and security features, and their ownership status), as well as personal context (i.e. the user is in a non-hostile environment). Context is then used in conjunction with an Access Control List (ACL) to decide how to best protect the RFID tags in question.

• Ease-of-use. People do not want to fuss with an RFID privacy device, so our system must be both physically and operationally unobtrusive. We envision that our system will be eventually integrated into a PDA or mobile phone, so users will not be burdened with carrying an extra physical device. Accordingly, the RFID Guardian uses an XScale processor and simple RFID HW (barely more complex than RFID HW already found in Nokia mobile phones). Also, system operation was designed to be non-interactive for default situations, and offers a user interface for the special cases that require on-site configuration.

• Real-world usability. It is essential that the RFID Guardian work with actual deployed RFID systems. We chose a single standard as a proof-of-concept, to prove the technical feasibility of our ideas. Our RFID Guardian implementation supports 13.56 MHz (HF) RFID, and is compatible with the ISO-15693 [2] standard. This frequency and standard is used in a wide array of RFID applications, due to the availability of relatively inexpensive commodity HW. The ideas in this paper can also be extended to other standards or frequencies, given some extra engineering effort.

The remainder of this paper is organized as follows. Section 2 describes the RFID Guardian's high-level functionality. Section 3 provides implementation details for our RFID Guardian prototype, and Section 4 provides a real-life case study, illustrating the operation of Selective RFID Jamming. Performance results are reported in Section 5. Section 6 presents a discussion of potential attacks, and Section 7 reviews some related work. Our discussion is then concluded in Section 8.

2 System functionality

The RFID Guardian (first introduced in [19]) is a portable battery-powered device that mediates interactions between RFID readers and RFID tags. The RFID Guardian leverages an on-board RFID reader combined with novel tag emulation capabilities to audit and control RFID activity, thus enforcing conformance to a centralized security policy. The vast majority of RFID readers will not explicitly interact with the RFID Guardian. Eavesdropping and clever tag emulation tactics are necessary to glean information from these readers. However, a small group of RFID readers will have special back-end SW installed, that provides them with an "awareness" of the Guardian (footnote 1). These RFID readers tend to be in familiar locations (i.e. at home, at the office), and they are intentionally granted more generous access permissions. These RFID readers may explicitly cooperate with the Guardian, sending data containing authentication messages, context updates, or secret keys. The rest of this section describes the design of the RFID Guardian, focusing on four fundamental issues: (i) auditing, (ii) key management, (iii) access control, and (iv) authentication.

2.1 Auditing

The RFID Guardian monitors RFID scans and tags in its vicinity, serving as a barometer of (unauthorized) RFID activity. RFID auditing is a prerequisite for the enforcement of RFID security policies, plus it furnishes individuals with both the awareness and proof needed to take legal recourse against perpetrators of RFID abuse.

2.1.1 Scan logging

Scan logging audits RFID scans in the vicinity, which are either displayed (using an LCD or screen) or are logged for later retrieval. Tag emulation decodes the RFID reader queries prior to logging the 64-bit UID (tag ID), an 8-bit command code, and annotations (like a 32-bit timestamp). Query data is logged by default, unless the flash memory is almost full. Audited RFID scans should be filtered to avoid overwhelming the user with uninteresting information. For example, the RFID Guardian might be configured to only log scans targeting tags "owned" by that individual (see next section). Repeatedly polled queries (like inventory queries, which ask tags in range to identify themselves) will also generate a lot of noise, so it is best to have the SW aggregate these queries (e.g. 1000x inventory query from time t1-t2).

2.1.2 Tag logging

The RFID Guardian tracks RFID tag ownership and alerts individuals of newly appearing (possibly clandestine) tags. Ownership of RFID tags can be transferred explicitly via the user interface or an authenticated RFID channel (i.e. while purchasing tagged items at an RFID-enabled checkout). Ownership of RFID tags can also be transferred implicitly (i.e. when handing an RFID-tagged book to a friend). The RFID Guardian detects implicit tag acquisition by conducting periodic RFID scans, and then correlating the tags that remain constant across time. The frequency of RFID tag discovery is adjustable. Given that not all implicit tag acquisitions are desirable, the frequency of scanning/correlation/reporting presents a tradeoff between privacy, accuracy, and battery life. Our opinion is that infrequent correlation in a controlled environment is probably the most useful and least error-prone option (i.e. comparing RFID tags present at home at the beginning and end of the day).

2.2 Key Management

Modern RFID tags have a variety of security functionality, ranging from tag deactivation commands, to password-protected memory, to industrial-grade cryptography. These security features often require the use of associated key values, which present logistical issues because the keys must be acquired, stored, and available for use at the appropriate times. The RFID Guardian is well suited to manage RFID tag keys due to its 2-way RFID communications abilities. Tag key transfer could occur by eavesdropping on the RFID channel when a reader (for example, an
1 Even these “Guardian aware” readers still use standard RFID hard- ware and air interfaces. 3 26 Scan logging A Hacker’s Toolkit for RFID Emulation and Jamming RFID tag “deactivation station”) issues a query containing the desired key information. Additionally, “Guardian aware” RFID readers can transfer key information explicitly over a secure channel, or key values can be manually entered via the user interface. The RFID Guardian is also an appropriate medium for periodically regenerating tag keys, re-encrypting tag data[8], and refreshing tag pseudonym lists[10]. 2.3 context information can be represented via “context updates”, which are arbitrary textual strings that represent some facet of the user’s situation. Context updates could report anything. For example, an RFID reader at the front door of a person’s home might inform the RFID Guardian that it is now leaving a protected area. Context updates are provided either by user (via the user interface), or by authenticated “Guardian aware” RFID readers. Access Control 2.3.3 RFID technologists and privacy activists propose deactivating RFID tags after sale as a means of protecting consumer privacy (and corporate liability). However, if you consider that RFID tags represent the future of computing technology, this proposal becomes as absurd as permanently deactivating desktop PCs to reduce the incidence of computer viruses and phishing. Perhaps RFID tags are in fact too much like modern computers – their default behavior is to indiscriminately transfer data to anyone with compatible equipment. The hope is that modern security technologies like firewalls and proxies can be adapted, to protect hapless RFID tags from themselves via central monitoring and managing of the communications medium. 2.3.1 The RFID Guardian acts as a mediator between RFID readers and RFID tags. Just like a packet filter, the Guardian uses Selective RFID Jamming[18] to enforce access control by controlling the communications mediation. 
The RFID Guardian can therefore control access for low-cost RFID tags that otherwise might not have any access control primitives available to them. The RFID Guardian’s selective jamming scheme is currently optimized for ISO-15693 tags, which use the Slotted Aloha anticollision scheme (as opposed to EPCglobal’s ’tree-walking’). Selective RFID Jamming uses tag emulation to decode the incoming RFID reader query, determines if the query is permitted (according to the ACL), and then sends a short jamming signal that precisely blocks the timeslot in which the “protected” RFID tag will give its response. Coordination of security primitives The RFID Guardian maintains a centralized security policy that dictates which RFID readers have access to which RFID tags in which situations. This security policy is implemented as an Access Control List (ACL). The ACL resembles one used by a standard packet filter, that allows or denies RFID traffic based upon the querying reader (if known), the targeted tag(s), the attempted command, and the context (if any). Permitted data types in the ACL are values (i.e. 123), text strings (i.e. ’at home’, ’in a paranoid mood’), groupings (i.e. assigned groups of tags/readers/context/commands), and wildcards (123*, *). The user configures the ACL, and constructs the groups via the user interface. 2.3.2 Tag-reader mediation Figure 2: Selectively Jamming Tag # 2 There are 16 timeslots after an inventory query, so during the first round of anticollision, the jamming has a 1 in 16 chance of accidentally interfering any other RFID tag present. During each subsequent round of anticollision, the reader issues another inventory query with a slightly modified mask value, that targets a slightly narrower range of RFID tags than before. Given enough rounds of anticollision, the mask value will exclude the RFID tag(s) that are being “protected”, allowing other tags in the vicinity to get their responses heard by the RFID reader. 
This means that in practice, our system has Context-awareness Different situations call for different countermeasures. For example, RFID tagged credit cards require less stringent security at home than at the shopping mall. The RFID Guardian therefore offers context awareness facilities that perceive an individual’s situation and then regulate tag access accordingly. Well defined context like dates and times are easy to infer, but are marginally useful for describing a person’s situation, moods, or desires. Alternately, more abstract 4 27 23. Chaos Communication Congress Figure 3: RFID Guardian Prototype our system against commonly used RFID equipment – the Philips MIFARE/I.Code Pagoda RFID Reader, with Philips I.Code SLI (ISO-15693) RFID tags. This section will introduce the hardware and software architecture that our prototype uses to monitor and protect the RFID infrastructure. a negligible chance of blocking the incorrect RFID tag responses. This makes the RFID Guardian’s manner of selectively jamming inventory queries far less-obtrusive than the Blocker Tag’s concept of “privacy zones”[11], which block entire ranges of tag identifiers (regardless of who owns the tag.) 2.4 Authentication 3.1 Some high-cost RFID tags can directly authenticate RFID readers, but the majority of RFID tags cannot due to application constraints (i.e. cost or power). The RFID Guardian thus authenticates “Guardian aware” RFID readers on behalf of low-cost RFID tags, adapting the subsequent access control decisions to reflect the permissions of the newly-identified reader. Prior to authentication, the RFID Guardian must also exchange authentication keys with RFID Readers, either ahead of time or using on-the-fly means (ex. user interface, PKI). After the successful authentication of a reader, the RFID Guardian faces a practical problem: for noncryptographic RFID tags there is no easy way to determine which RFID queries originate from which RFID reader. 
The best solution would be for RFID standardization committees to add space for authentication information to the RFID air interface. However, until that happens, we are using our own imperfect solution: in the last step of authentication an RFID reader announces which queries it’s going to perform, and these queries are noted as part of an “authenticated session” when they occur. 3 The RFID Guardian hardware architecture is presented in Figure 4. Figure 4: RFID Guardian HW Architecture Our first salient design decision was to make the RFID Guardian a full-fledged portable computer. We chose a “beast” of a microcontroller – the Intel XScale PXA270 processor, with 64 megabytes of SDRAM and 16 megabytes of Flash memory. We rationalized the use of the XScale by the strict ISO-15693 timing constraints combined with the computational load of authenticating RFID readers. (Section 5 analyzes the extent to which the PXA270 is overkill.) Another benefit of the XScale processor family is its wide deployment in handheld devices, which eases eventual integration of the RFID Guardian into PDAs and mobile phones. Implementation The RFID Guardian prototype, shown in Figure 3, is meant to help people solve their RFID privacy problems in a practical way. Therefore, we have tested 5 28 Hardware A Hacker’s Toolkit for RFID Emulation and Jamming Our prototype has a minimalist User Interface (UI) at the moment – a serial RS-232 interface to the PC host, which contains an attached keyboard and screen. While this is sufficient for our proof-of-concept, we plan to add a more portable UI to the next version of the RFID Guardian HW. 3.1.1 RF Design Overview The analog part of our prototype consists of an “RFID reader” front end that uses an RFID reader-on-a-chip, and an “RFID tag” front end which required building our own custom tag emulation HW. 
Our reader transmitter/receiver was implemented using an ISO-15693 compliant RFID reader IC from Melexis (MLX90121)[16] together with a power stage, based on the application note AN90121 1 [15], that increases the operating range to 30 cm. Our tag receiver is based on an SA605 IC from Philips. The IC is intended for a single chip FM radio, but we used it to implement a high sensitivity AM receiver. Because our receiver is battery powered (as opposed to passively-powered RFID tags), it receives RFID reader signals up to a half meter away. Our tag transmitter implements “active” tag spoofing using an RF power stage and a dedicated digital part that generates and mixes the required sideband frequencies, 13.56 MHz +/- 423 kHz. By actively generating the sideband frequencies, we can transmit fake tag responses up to a half meter. We also use our tag transmitter as the basic HW primitive to generate the RFID Guardian’s randomized jamming signal. (This is described further in the SW section.) 3.1.2 Figure 5: Normal RFID Tag Signal carrier frequency. The comparatively tiny sidebands have approximately 90 decibels less power than the reader-generated carrier signal, and this is the reason why RFID tag responses often have such a limited transmission range. The secret to creating fake tag responses is to generate the two sideband frequencies, and use them to send back properly-encoded responses, that are synchronized with the RFID reader’s clock signal. The simplest way to generate these sidebands is to imitate an RFID tag, by turning on and off a load resistor with the correct timing. The disadvantage of this approach is that passive modulation of the reader signal will saddle our fake tag response with identical range limitations as real RFID tags (˜10 cm for our test setup). A superior alternative is to use battery power to generate the two sideband frequencies. 
These super-powerful sidebands are detectable at far greater distances, thus increasing the transmission range of our fake tag response. Tag Spoofing Demystified RFID readers produce an electromagnetic field that powers up RFID tags, and provides them with a reference signal (e.g. 13.56 MHz) that they can use for internal timing purposes. Once an RFID tag decodes a query from an RFID reader (using its internal circuitry), it encodes its response by turning on and off a resistor in synchronization with the reader’s clock signal. This so-called “load modulation” of the carrier signal results in two sidebands, which are tiny peaks of radio energy, just higher and lower than the carrier frequency. Tag response information is transmitted solely in these sidebands2 , rather than in the carrier signal. Figure 5 (from the RFID Handbook[6]) illustrates how these sidebands look, in relation to the reader-generated 2 Sidebands are not just an RFID-specific phenomenon – they are also commonly used to transmit information in radio and television broadcasts, long-distance voice communications, and amateur radio. Figure 6: Spoofed RFID Tag Signal 6 29 23. Chaos Communication Congress The RFID Guardian prototype utilizes the “active” tag spoofing approach. Figure 6 shows the signal generated by our tag transmitter. The spoofed “sidebands” are transmitted at a power-level roughly equal to the reader’s carrier signal. This has increased the range of our fake tag responses – from 10 cm to a half meter away! 3.2 markers (EOF, SOF, JAM), and they can also provide timing information. eCos also conveniently provides device drivers for the RS-232 “user interface”, which facilitates a connection to the user’s keyboard and screen. Protocol Stack Once the device drivers decode bytes of raw RFID data, the RFID Guardian needs to make further sense out of it; e.g. was it an RFID tag replying to an inventory query, or an RFID reader attempting to read a data block? 
The ability to understand RFID communications protocols is a prerequisite for making meaningful high-level security decisions (e.g. was the reader’s read command authorized?) This is why the RFID Guardian contains an implementation of Part 2 (device drivers) and Part 3 (Communications protocol) of the ISO-15693 standard. Software The RFID Guardian is like a watchdog; it sits with a cocked-ear, waiting for danger to appear. It monitors real-world activity, from unexpected RFID scans to clandestinely located tags, and reacts in real-time lest these dangers remain undetected and undeterred. The RFID Guardian’s SW architecture reflects this event-driven reality. Besides its real-time core, the Guardian’s 12694 lines of code provide device drivers (for our RFID HW), a protocol stack (ISO-15693), data storage libraries, high-level system tasks, and application libraries. The result is 254728 bytes of cross-compiled functionality dedicated to RFID security and privacy protection. The RFID Guardian presents a holistic system to users, but lurking below the surface are time-critical SW routines that require central coordination. The e-Cos RealTime Operating System (RTOS) takes the place of taskmaster; it ensures fast and reliable execution, while simplifying developers’ lives by handling threads, basic common interrupt handling, and some device drivers (i.e. RS-232 driver). e-Cos was selected primarily for its availability for the PXA270 microcontroller, but it also proved an excellent choice because it is open-source, free of licensing costs, and has an active developer community. Data Storage Once RFID communications have been interpreted, the internal state of the RFID Guardian is updated by modifying the contents of one or more data structures. Generally, this data is stored in the volatile RAM, but “permanent” data structures are cached into Flash when the processor is idle. 
The Journaling Flash File System (v2) manages the RFID Guardian’s Flash memory, providing filesystem-style access, offline garbage collection, balanced erasing of blocks, and crash resistance. The data structures themselves collectively reflect the high-level functionality of the RFID Guardian. Transient data structures include the tag presence list, partiallyopen authentication list, authenticated session list, context list, and timer activity list. Permanent data structures may also include the RFID scan log, access control list, reader authentication key list, tag ownership list, and tag key list. 3.2.2 3.2.3 3.2.1 Operating System Libraries A major portion of the RFID Guardian SW handles intermediate processing steps; e.g. tag spoofing requires ISO-compliant frame modulation and encoding, and scan logging requires a mechanism for caching data in the Flash memory. This section will describe the lowand medium-level libraries that support the main RFID Guardian functionality. The RFID Guardian’s high-level system tasks are little virtual pieces of functionality that take turns controlling the behavior of the system. Each task plays a different role: the tag task acts like a virtual RFID tag, and the reader task like a commodity RFID reader. The timer task is akin to a little alarm clock, that periodically goes off and spurs other system components into action. The user input task primarily relays input from the real-life user input devices to the appropriate SW handler. Each of these tasks uses a comparable software stack. A main loop at the top level waits for activity on any device, and an interrupt prompts the device driver to decode and store the frame(s). The task then invokes the appropriate high-level application routines. Device Drivers Device drivers are the steering software for the RFID Guardian’s HW. 
Driver pairs control the RFID tag device (tag transmitter/receiver), RFID reader device (reader transmitter/receiver), and the jamming signal (random noise generated by the tag transmitter). Device drivers can read/write bytes and RFID 7 30 Tasks A Hacker’s Toolkit for RFID Emulation and Jamming "UI" "Timer" "Tag" tag responses. This is commonly used for detecting (possibly covert) RFID tags, and activating on-tag security mechanisms, if any. "Reader" 3.2.4 Wait for tag activity Inter-Device Functionality Lots of high-level application functionality has been introduced in this paper, but little has been said about the RFID Guardian’s interactions with “Guardian aware” RFID infrastructure (introduced in section 2). RFID Guardian-Reader communications use a metalanguage that we call Guardian Language (GL), which is encapsulated in standard ISO-compliant ’read/write multiple blocks’ commands. GL uses an 8-bit Distinctive Starting Block, an 8-bit GL Command and a varying amount of Command Data. The theoretical length limit for command data is 8 kBytes, although the practical limit is 128 bytes, which is the capacity of our I.Code SLI tags. Here is how GL looks when encapsulated a ’read multiple block’ response: Read frame Receive bit pattern Parse bit pattern (i.e. ISO−15693) Activate high−level app. functionality Response: Nothing Send "tag" reply Send jamming signal Figure 7: “Tag” Task Functionality Timer Task The RFID Guardian needs to perform activities at specific times, either periodically (i.e. polling to populate the RFID tag presence list), or on a one-time basis (i.e. timing out a half-opened authentication attempt). The timer task is responsible for keeping track of scheduled activities, and multiplexing the XScale’s high-resolution timer interrupts with the corresponding actions that must occur at those times. 
SOF Flags DSB GLC Command Data CRC16 8 bits 8 bits 8 bits 256 bits − 64 kbits 16 bits EOF Here is a non-exhaustive list of GL commands: Initiate Authentication, Authentication Response, Key Update, Forward Query (proxy mode), Add Tag, Remove Tag, Add Reader, Remove Reader, and Context Update. GL also features non-standard configuration commands, that require some knowledge about the RFID Guardian internal setup. One caviat is that, because the RFID Guardian is emulating an RFID tag, Guardian-Reader communications are constrained by master-slave interactions. In other words, RFID readers must always initiate communications with the RFID Guardian. Designers must keep this in mind when creating interaction patterns for new RFID security and privacy functionality. User Input Task On rare occasions, users will want to explicitly interact with the RFID Guardian. They may want to configure the ACL, conduct an RFID scan, provide context data, or execute some other kind of system command. The user input task collects these commands from the cornucopia of available input devices, (i.e. RS232, keyboard/button/keypad/etc..), and reroutes them to the system components responsible for the desired highlevel functionality. Tag Task Tag emulation is one of the highlights of the RFID Guardian, being frequently used to achieve the RFID Guardian’s high-level goals – RFID scan logging, authenticating RFID readers, and spoofing one or several RFID tags. The tag task is the entity responsible for coordinating the RFID Guardian’s “tag-like” behavior. When activated by an interrupt from the tag receiver, the task calls the device driver to demodulate and decode the incoming RFID queries. This subsequently activates the aforementioned high-level functionality, if needed. 4 Case Study: Selective RFID Jamming This section will provide a step-by-step demonstration of how Selective RFID Jamming works. 
For demonstration purposes, we have given the RFID Guardian a minimal tag ownership list that contains only one tag (UID: 0xe0040100003b0cbd). A single entry in an equally minimal ACL prescribes blocking all tags in the ownership list: We now generate inventory queries with our Philips MIFARE/I.Code Pagoda RFID Reader, which is driven from a Windows PC interface. Initially the RFID Guardian is switched off, and the Philips Reader detects three tags in its vicinity: the one tag that is Reader Task The reader task, driven by SW requests from the timer and UI, coordinates use of the Guardian’s RFID reader-on-a-chip. The task performs specified queries, (i.e inventory, read/write data), and interprets the 8 31 23. Chaos Communication Congress Figure 8: Screenshot During Uninterrupted Query Figure 9: Screenshot During Selective RFID Jamming 9 32 A Hacker’s Toolkit for RFID Emulation and Jamming Tag ... Reader ... * Command ... * Context ... * tack modes. 5.1 Timing Constraints The RFID Guardian enforces access control decisions on the behalf of RFID tags, so real-time performance is rein our ownership list, and two unknown tags (UID: quired under both normal and hostile conditions. After 0xe0040100003b2252 and 0xe0040100003afab9). (See all, blocking a tag response after it has reached the atFigure 8 for a screenshot.) tacker is not very useful. When the RFID Guardian is enabled, the Philips In the upper time-line of Figure 10 we show the timing Reader’s inventory queries are immediately detected. constraints for an inventory request-response sequence These requests are decoded, and the RFID Guardian’s as specified by the ISO standard. Like every other internal logic determines that the query should be RFID message, the request is framed by a start-of-frame blocked. The Guardian then sends a short (ca. 350µsec) marker (SOF) and an end-of-frame marker (EOF). 
Bejamming signal at timeslot 13 of the inventory setween these markers, an inventory request carries bequence, since that slot corresponds to the protected tag: tween 40 (mask size is 0) and 104 (mask size is 64) data 0xe0040100003b0cbd. bits. After receiving the request EOF, the tag must wait Only the two unprotected tags are recognized by the for 320.9 µsec before starting its answer. This is the time Philips reader now, and the jamming caused a CRC error the RFID Guardian has to interpret reader requests and that is reported in the lower central pane of the reader’s respond to them. user interface (see Figure 9). The lower time-line of Figure 10 shows the measured Debug output from the RFID Guardian illustrates the performance of the RFID Guardian. After a complete processing steps, including the decision to jam at timesframe is received (SOF, data, and EOF), it needs 23 lot 13: µsec to wake up the thread that monitors the receiver 1 Request t_eof 76.877230 RFID_INVENTORY( and parses the request frame. Immediately before dis1a flags=RFID_FRAME_DATA_RATE_FLAG| patching the response frame, another 5 µsec of overhead 1b RFID_FRAME_INVENTORY_FLAG), 1c masklen=0x00,mask=0x0; is spent in firing up the transmitter. In between these 2 Inventory: t_eof 76.877230 s->SN 0 s->NbS 16 two events, the RFID Guardian has 320.9 - (23 + 5) = 3 Inventory: t_eof 76.882010 s->SN 1 s->NbS 16 4 Inventory: t_eof 76.886791 s->SN 2 s->NbS 16 292.9 µsec to consult its ACL (and supporting data struc5 Inventory: t_eof 76.888304 s->SN 3 s->NbS 16 tures) and decide whether or not to block the RFID tag 6 Inventory: t_eof 76.891568 s->SN 4 s->NbS 16 response. 7 Inventory: t_eof 76.896340 s->SN 5 s->NbS 16 How long this decision takes depends on how the 8 Inventory: t_eof 76.901120 s->SN 6 s->NbS 16 9 Inventory: t_eof 76.905893 s->SN 7 s->NbS 16 RFID Guardian’s ACL is organized. 
To find a coarse 10 Inventory: t_eof 76.910673 s->SN 8 s->NbS 16 upper bound on the ACL length that can be handled by 11 Inventory: t_eof 76.915446 s->SN 9 s->NbS 16 the Guardian prototype, we chose the slowest possible 12 Inventory: t_eof 76.920225 s->SN 10 s->NbS 16 implementation for the ACL: an unsorted array of UIDs 13 Inventory: t_eof 76.924999 s->SN 11 s->NbS 16 14 Inventory: t_eof 76.929778 s->SN 12 s->NbS 16 that can only be traversed sequentially to locate a specific 15 Inventory: t_eof 76.934552 s->SN 13 s->NbS 16 UID. An RFID request addressed to the last item in the 16 Inventory JAM t 76.934869 on s->SN 13 s->NbS 16 ACL was sent to the Guardian, forcing it to traverse the 16a mask len 0 mask 0x0 entire list. With 2600 entries, the Guardian was able to 17 Inventory: t_eof 76.939330 s->SN 14 s->NbS 16 18 Inventory: t_eof 76.944107 s->SN 15 s->NbS 16 respond in time. The Guardian prototype is equipped with a powerful Lines 1-1c report an Inventory request with a mask XScale processor at high clock speed, 520 MHz. To length 0, and flags indicating a 16-slot inventory sefind out if a Guardian with less processor power would quence. Lines 2 through 18 report End of Frame (EOF) still be feasible, we varied the clock speed of the XSpulses that mark the start of a new timeslot. (s->SN cale. The results are shown in Figure 11. The ACL indicates the current slot number.) Line 16-16a correlength that the Guardian could still cope with decreases sponds with timeslot 13, and it indicates the generation with clock speed, but much less than linearly. This is atof a jamming signal. tributed to two causes: memory speed goes down more slowly and in coarser steps than CPU speed; and parts of the device processing are independent of CPU speed. 
5 Performance Measurements

This section will analyze the performance of the RFID Guardian, under a variety of resource constraints and at-

At 208 MHz, the Guardian prototype can process ACLs of length 1800, even with this suboptimal ACL implementation.

Figure 10: Timing constraints. ISO 15693 time constraints: SOF 75.52 µs, Data 1510.4 to 3927.04 µs, EOF 37.76 µs, Waiting Time 320.9 µs. RFID Guardian time constraints: Input Frame (SOF+Data+EOF) 1623.68 to 4040.32 µs, Overhead 23 µs, Max. Processing Time 292.9 µs, Response SOF Overhead 5 µs.

Of course, with a hash table instead of a linear list, vast numbers of ACLs can be searched in the available 292.9 µsec. In short, ACL length is not likely to be a problem even on a very slow XScale.

Figure 11: Maximum ACL size that can be processed at a given CPU speed (y axis: Max ACL size, 1500 to 3000; x axis: CPU speed (MHz), 150 to 600).

5.2 DoS Resistance

Now let us consider how attackers will try to defeat the RFID Guardian. They may use malicious readers or fake tags that try to confuse or lock up the RFID Guardian, so that the tags it protects can be read anyway. The primary defense against well-known exploits like buffer overruns must be very careful programming of the RFID Guardian software, which is helped by its limited code size. Failing that, their next attack is likely to be a DoS (Denial-of-Service) attack to overload the RFID Guardian and prevent it from doing its job. Two RFID Guardian resources are obvious candidates for attack: its limited radio bandwidth and its limited memory.

RFID communications always follow the master-slave pattern, where the tag (slave) must respond after a well-defined delay. Attacking during this delay is not feasible: it would immediately alert the RFID Guardian and it would confuse the tags as well. Attacking between reader commands does not constitute a DoS vulnerability of the communication channel: it would be the same as a regular reader action. The attacker could jam the channel, of course, but then he could not read out any tags, which is the presumed reason he wants to cripple the RFID Guardian.

The other potential vulnerability is the limited RFID Guardian flash memory. An attack on the flash memory may target any one of three data structures: the tag ownership list, the tag presence list, or the scan audit log. If an attacker with a battery-powered device simulated thousands of new tags in an attempt to fill up the ownership list or the current list, the RFID Guardian could warn the user about this abnormal activity. Alternatively, the DoS attacker could try to fill up the audit logs. This does not cause a loss in protection of the owner’s tags, but it certainly hampers the RFID Guardian’s auditing capabilities. The maximum rate at which requests can be launched is determined by the bandwidth of the radio channel and the minimum frame size, both of which are specified by the standard. The data rate is 26.48 kbps. The minimum frame is (SOF, 32 data bits, EOF), which takes 1.322 ms followed by a mandatory silence of 320.9 µs; this works out to a maximum of 613 requests/sec. An audit log entry contains the index of the tag being targeted, an index of the context, the command and a timestamp, which results in 2+2+1+4 = 9 bytes. With 613 requests/sec, the attacker can fill up 5517 bytes of flash memory per second. The RFID Guardian prototype has 16 MB of flash, of which 14 MB is available for logging. Thus a maximum-speed attack would need 42 consecutive minutes of blasting away at full speed to fill the memory. Needless to say, the RFID Guardian should be sounding an alarm long before the memory begins to fill up, thus fulfilling its job of warning the user of an attack. Besides, flash memory is very cheap: another 16 MB would add less than 2 dollars to the production cost.

To summarize, the RFID Guardian seems immune to the DoS attacks that we can identify, either because they would also disturb regular RFID interaction, or because the RFID Guardian has enough resources to defend itself long enough to alarm its owner after the threat has continued for some while.

6 Discussion

In contrast to the aforementioned Denial of Service attacks, there are a number of attacks that are successful against the RFID Guardian. The RFID Guardian faces the ‘hidden station’ problem, which is a geometric problem that depends entirely upon radio ranges. However, we assume that an attacker wouldn’t be able to maintain this for long, so we only deal with the “single reader” problem in this paper. RFID readers could potentially trace the collision space, using collisions to resolve the IDs of RFID Guardian-protected RFID tags. We can improve this situation by adding some extra collisions, which will cause the algorithm to traverse a greater part of the ID space, making it look like more than one protected tag is present.

Another weakness of the RFID Guardian is its inability to jam reader queries. Selective RFID jamming only jams tag responses – not queries. However, queries can modify an RFID tag in unauthorized ways, like performing unauthorized data writes, or tag “killing”. Other mechanisms can protect RFID tags from this, like temporary tag deactivation PETs (i.e. sleep/wake modes). However, this remains problematic for low cost RFID tags that might not support these other modes.

Finally, attackers can evade RFID Guardian protection by tracking people using tags with pseudonyms. If the RFID Guardian has the pseudonym list (or PRNG seed), it can correlate the IDs, remaining aware that it is dealing with only one tag. If the RFID Guardian doesn’t have the list (or seed), it will think that it is dealing with multiple tags that are only observed once. The RFID Guardian also has trouble dealing with tags working with unknown standards/frequencies.

7 Related Work

Given how great the threat of RFID technology is to privacy, it is not surprising that other researchers are also thinking about privacy defenders. Probably the closest work to ours is the RFID Enhancer Proxy [12], which shares some similarities with the RFID Guardian. The REP, too, is an active mobile device that performs RFID tag security management, using a two-way communications channel between the REP and RFID Readers. However, the REP has some key differences from the RFID Guardian. The most important differences are as follows. First, the REP explicitly ”acquires” and ”releases” RFID tag activity, which the Guardian does not require. Second, the REP’s two-way communications channel is ”out-of-band,” which requires extra infrastructure. Third, the ”tag relabeling” mechanism requires RFID tags to generate random numbers (or have a sleep mode), which many of them cannot do (or do not have). Fourth, the REP is purely theoretical; in contrast the RFID Guardian has been implemented and tested.

RFID tag auditing (and cloning) is supported by several devices. FoeBuD’s Data Privatizer [7] will detect RFID scans, find and read RFID tags, and copy data read to new tags. The Mark II ProxCard Cloner, by Jonathan Westhues [23], is a more general-purpose proximity-card cloner that supports the emulation of several RFID frequencies and standards (the HW is elegant, but the SW is pending). Neither of these performs all the auditing, key management, access control, and authentication functions that the RFID Guardian does.

A less sophisticated approach to privacy protection is to block scans irrespective of their originating reader. The Blocker Tag (Juels) [11] originated the concept of ’RFID blocking’ as a form of off-tag access control. It is designed to abuse the tree-walk anticollision protocol, so that RFID readers are forced to traverse the entire id namespace when trying to locate RFID tags. This approach does not analyze incoming scans, look up information in an access control list, and, depending on what it finds, take action, as the RFID Guardian does. Also, it has not been implemented. (A purely SW-based “soft” blocker tag has been implemented, but it expects RFID readers to self-regulate their behavior.)

An active device that can detect RFID scans is the M.I.T. RFID Field Probe [14]. It is a portable device, created by Rich Redemske at MIT Auto-ID Center, that integrates an RFID tag emulator and sensor probe. The HW consists of a semi-passive tag, a power level detector, and a helper battery. The RFID field probe gives audio and visual representations of the field signal strength and signal quality. However, its function is not to protect its owner’s privacy, but to serve as a tool to help vendors determine where on their pallets to attach the RFID tag to maximize signal strength for supply-chain management applications. Consequently, it does not have anything like our software, which is the heart of the RFID Guardian’s privacy defense.

Several other RFID-based technologies support the concept of two-way RFID communications. Near Field Communications [3] is a peer-to-peer RFID-related communications technology. NFC devices can query RFID tags, and can also communicate with other NFC-enabled devices. However, NFC devices cannot talk with non-NFC enabled RFID readers and do not do privacy protection. Finally, the RFID countermeasures described in Section 1.1 are all complementary to the RFID Guardian, in the sense that the RFID Guardian could leverage them as part of its framework, for helping to provide personalized access control. However, none of them are discrete devices that protect privacy.

Table 1: RFID Tag Emulators for Security/Privacy. Rows (tool name): NFC, Data Privatizer, Blocker Tag, Field Probe, ProxCard Cloner, RFID Enhancer Proxy, RFID Guardian. Columns: Tag emulation (SW), Tag emulation (HW), Scan auditing, Access control, Authentication, Implementation.

Tombeur, Eduard Stikvoort, and Koen Langendoen for their friendly advice and help. This work was supported by the Nederlandse Organisatie voor Wetenschappelijk Onderzoek (NWO), as project #600.065.120.03N17. More information is available at the RFID Guardian project homepage at: http://www.rfidguardian.org/

8 Conclusion

If we are ever immersed in a sea of RFID chips, the RFID Guardian may provide a life raft. This battery-powered device, which could easily be integrated into a cell phone or PDA, can monitor scans and tags in its vicinity, warning the owner of active and passive snooping. It can also do key management, handle access control, and authenticate nearby RFID readers automatically, taking its context and location into account, for example, acting differently at home and on the street. Furthermore, it can manage access to tags with sensitive content using Selective Jamming. No other device in existence or proposed has all of these capabilities. The RFID Guardian thus represents a major step that will allow people to recapture some of their privacy that RFID technology is threatening to take away.

However, what we have described here is only one step. We intend to further develop and improve the RFID Guardian by giving the prototype more capabilities. These capabilities include support for more frequencies and standards, improving the communication range, and simplifying the HW design. We also intend to further develop the security protocols that are needed for the authentication and key management facilities, thinking particularly about interaction requirements with the surrounding RFID infrastructure.
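The audit-log flooding arithmetic from Section 5.2, together with a sliding-window scan-rate check of the kind the paper says the Guardian should raise long before the flash fills, as an added example (not code from the RFID Guardian project). The frame time, mandatory silence, entry size and flash size are the paper's figures; the one-second window and the 50-scans-per-second threshold are assumptions.

```python
# Added example, not from the paper: capacity arithmetic for the audit-log
# flooding attack of Section 5.2 plus a rate alarm over audit-log timestamps.
from collections import deque

DATA_RATE_BPS = 26_480            # ISO 15693 data rate quoted in the paper
MIN_FRAME_US = 1322.0             # SOF + 32 data bits + EOF, per the paper
MANDATORY_SILENCE_US = 320.9      # waiting time after a reader frame
LOG_ENTRY_BYTES = 2 + 2 + 1 + 4   # tag index, context index, command, timestamp
LOG_FLASH_BYTES = 14_000_000      # 14 MB of the 16 MB flash available for logging


def max_request_rate(frame_us=MIN_FRAME_US, silence_us=MANDATORY_SILENCE_US):
    """Upper bound on reader requests per second: one minimum-length frame
    followed by the mandatory silence, back to back.
    About 609 req/s with these inputs (the paper works this out to 613)."""
    return 1_000_000.0 / (frame_us + silence_us)


def seconds_to_fill_log(flash_bytes=LOG_FLASH_BYTES,
                        entry_bytes=LOG_ENTRY_BYTES,
                        requests_per_s=None):
    """How long a maximum-speed flood needs to exhaust the audit-log flash
    (roughly 42 minutes with the paper's figures)."""
    if requests_per_s is None:
        requests_per_s = max_request_rate()
    return flash_bytes / (entry_bytes * requests_per_s)


def scan_rate_alarm(scan_times_us, window_us, max_scans_per_window):
    """Sliding-window rate check over audit-log timestamps (microseconds).

    Returns the timestamp at which the alarm would first fire, or None.
    A legitimate reader talks to a handful of tags per second; a flood that
    approaches the channel's physical maximum is abnormal activity.
    Window size and threshold are assumptions, not values from the paper."""
    window = deque()
    for t in scan_times_us:
        window.append(t)
        while window and window[0] < t - window_us:
            window.popleft()
        if len(window) > max_scans_per_window:
            return t
    return None


def flood_timestamps(seconds, requests_per_s=None):
    """Constructed audit-log timestamps for a back-to-back request flood."""
    if requests_per_s is None:
        requests_per_s = max_request_rate()
    period_us = 1_000_000.0 / requests_per_s
    return [i * period_us for i in range(int(seconds * requests_per_s))]


if __name__ == "__main__":
    rate = max_request_rate()
    print(f"max request rate: {rate:.0f} req/s")
    print(f"log growth at that rate: {rate * LOG_ENTRY_BYTES:.0f} bytes/s")
    print(f"time to fill 14 MB: {seconds_to_fill_log() / 60:.1f} min")
    # Constructed ordinary activity: one scan every 200 ms for ten seconds.
    normal = [i * 200_000.0 for i in range(50)]
    print("ordinary reader:", scan_rate_alarm(normal, 1_000_000, 50))
    print("flood, alarm at (us):", scan_rate_alarm(flood_timestamps(2), 1_000_000, 50))
```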
8.1 Acknowledgments

The authors would like to thank Serge Keijser, Tim Velzeboer, Dimitris Stafylarakis, and Chen Zhang for their technical contributions. We also thank Anton

References

[1] Hold off on that chip, says Thompson, http://worldnetdaily.com/news/article.asp?ARTICLE_ID=47853.
[2] ISO/IEC FDIS 15693, Identification cards – contactless integrated circuit(s) cards – vicinity cards, 2001.
[3] ECMA-340, Near field communication interface and protocol (NFCIP-1), Dec 2004.
[4] EPCglobal, 13.56 MHz ISM band class 1 radio frequency (RF) identification tag interface specification.
[5] Martin Feldhofer, Sandra Dominikus, and Johannes Wolkerstorfer, Strong authentication for RFID systems using the AES algorithm, Workshop on Cryptographic Hardware and Embedded Systems, LNCS, vol. 3156, Aug 2004, pp. 357–370.
[6] Klaus Finkenzeller, RFID Handbook: Fundamentals and applications in contactless smart cards and identification, John Wiley & Sons, Ltd., 2003.
[7] FoeBuD, Data privatizer, Jul 2005, https://shop.foebud.org/product_info.php/cPath/30/products_id/88.
[8] P. Golle, M. Jakobsson, A. Juels, and P. Syverson, Universal re-encryption for mixnets, Proceedings of the 2004 RSA Conference, 2004.
[9] Johann Großschädl and Stefan Tillich, Design of instruction set extensions and functional units for energy-efficient public-key cryptography, Workshop on RFID and Lightweight Crypto, Jul 2005.
[10] Ari Juels, Minimalist cryptography for low-cost RFID tags, The Fourth International Conf. on Security in Communication Networks, LNCS, Springer-Verlag, September 2004.
[11] Ari Juels, Ronald L. Rivest, and Michael Szydlo, The blocker tag: Selective blocking of RFID tags for consumer privacy, Proceedings of the 10th ACM Conference on Computer and Communications Security, ACM Press, 2003.
[12] Ari Juels, Paul Syverson, and Dan Bailey, High-power proxies for enhancing RFID privacy and utility, Proc. of the 5th Workshop on Privacy Enhancing Technologies, 2005.
[13] Günter Karjoth and Paul Moskowitz, Disabling RFID tags with visible confirmation: Clipped tags are silenced, Workshop on Privacy in the Electronic Society, Nov 2005.
[14] Rick Lingle, MIT’s economical RFID field probe, Packaging World (2005).
[15] Melexis, Application Note: A power booster for MLX90121, 001 ed., Apr 2004, http://www.melexis.com.
[16] Melexis, MLX90121: 13.56MHz RFID transceiver, 006 ed., Dec 2005, http://www.melexis.com.
[17] Minime and Mahajivana, RFID Zapper, 22nd Chaos Communication Congress (22C3), Dec 2005.
[18] Melanie R. Rieback, Bruno Crispo, and Andrew S. Tanenbaum, Keep on blockin’ in the free world: Personal access control for low-cost RFID tags, Proc. 13th Cambridge Workshop on Security Protocols, Apr 2005.
[19] Melanie R. Rieback, Bruno Crispo, and Andrew S. Tanenbaum, RFID guardian: A battery-powered mobile device for RFID privacy management, Proc. 10th Australasian Conf. on Information Security and Privacy (ACISP 2005), LNCS, vol. 3574, Springer-Verlag, July 2005, pp. 184–194.
[20] Sarah Spiekermann and Oliver Berthold, Maintaining privacy in RFID enabled environments – proposal for a disable-model, Workshop on Security and Privacy, Conf. on Pervasive Computing, Apr 2004.
[21] István Vajda and Levente Buttyán, Lightweight authentication protocols for low-cost RFID tags, 2nd Workshop on Security in Ubiquitous Computing, Oct 2003.
[22] Stephen Weis, Sanjay Sarma, Ronald Rivest, and Daniel Engels, Security and privacy aspects of low-cost radio frequency identification systems, Security in Pervasive Computing, LNCS, vol. 2802, 2004, pp. 201–212.
[23] Jonathan Westhues, For anything: proxmarkii, Dec 2005, http://cq.cx/proxmarkii.pl.

HACKING
An Introduction to Traffic Analysis
Attacks, Defences and Public Policy Issues ...
http://events.ccc.de/congress/2006/Fahrplan/events/1478.en.html

This talk will present an overview of traffic analysis techniques, and how they can be used to extract data from ‘secure’ systems.
We will consider both state of the art attacks in the academic literature, but also practical attacks against fielded systems. A lot of traditional computer security has focused on protecting the content of communications by ensuring confidentiality, integrity or availability. Yet the meta data associated with it - the sender, the receiver, the time and length of messages - also contains important information in itself. It can also be used to quickly select targets for further surveillance, and extract information about communications content. Such traffic analysis techniques have been used in the closed military communities for a while but their systematic study is an emerging field in the open security community.

George Danezis, B.A., M.A. (Cantab), Ph.D., is an anonymity designer and traffic analysis enthusiast. He is a post-doctoral visiting fellow at the COSIC group, K.U.Leuven, in Flanders, Belgium. He has been researching anonymous communications, privacy enhancing technologies, and traffic analysis for the last 6 years, at K.U.Leuven and the University of Cambridge, where he completed his doctoral dissertation. His theoretical contributions to the PET field include the established information theoretic metric for anonymity and the study of statistical attacks against mix systems. On the practical side he is one of the lead designers of Mixminion, the next generation remailer, and has worked on the traffic analysis of deployed protocols such as SSL and Tor. He was the co-chair of the Privacy Enhancing Technologies Workshop in 2005 and 2006, he serves on the PET workshop board and has participated in multiple conference and workshop program committees in the privacy and security field.

Introducing Traffic Analysis
Attacks, Defences and Public Policy Issues... (Invited Talk)

George Danezis
K.U. Leuven, ESAT/COSIC, Kasteelpark Arenberg 10, B-3001 Leuven-Heverlee, Belgium.
George.Danezis@esat.kuleuven.be

Abstract.
A lot of traditional computer security has focused on protecting the content of communications by ensuring confidentiality, integrity or availability. Yet the meta data associated with it – the sender, the receiver, the time and length of messages – also contains important information in itself. It can also be used to quickly select targets for further surveillance, and extract information about communications content. Such traffic analysis techniques have been used in the closed military communities for a while but their systematic study is an emerging field in the open security community. This talk will present an overview of traffic analysis techniques, and how they can be used to extract data from ‘secure’ systems.

“Traffic analysis, not cryptanalysis, is the backbone of communications intelligence.” — Susan Landau and Whitfield Diffie.

1 Introduction

The field of computer security was first studied, often in secretive organizations, to guarantee properties of interest to the military. Since then the open research community has made astounding advances, focusing more and more on the security needs of commercial circles and, since the advent of computers and networks in the home, private individuals and civil society. Still, there is a field, or better described as a set of tools and techniques, that is largely underrepresented in the open security research community: the field of traffic analysis.

While a rich literature exists about securing the confidentiality, integrity and availability of communication content, very little has been done to look at the information leaked, and minimizing this leak, from communication traffic data. Traffic data comprises the time and duration of a communication, the detailed shape of the communication streams, the identities of the parties communicating, and their location. The knowledge of what ‘typical’ communication patterns might look like can also be used to infer information about an observed communication.
The civilian infrastructures, on which state and economic actors are increasingly reliant, are more and more vulnerable to such attacks: wireless and GSM telephony are replacing traditional systems, routing is transparent and protocols are overlaid over others – giving the attackers plenty of opportunity to observe, and take advantage of, such traffic data. Concretely, attackers can make use of this information to gather strategic intelligence, or to attack particular security protocols, and violate traditional security properties.

In this short introduction we shall highlight the key issues around traffic analysis. We shall start with its military roots and present the defenses the military have used against it. Then we shall provide an overview of the research literature on attacks and defenses in contemporary networks. Finally we shall discuss some policy issues relating to the retention of traffic data.

2 Military Roots

Traffic analysis is a key part of signal intelligence and electronic warfare. Michael Herman, who has served as chair of the UK Joint Intelligence Committee, in his book ‘Intelligence Power in Peace and War’ [16] describes the value of extracting data from non-textual (to be understood as ‘not content’) sources:

These non-textual techniques can establish targets’ locations, order-of-battle and movement. Even when messages are not being deciphered, traffic analysis of the target’s C3I system and its patterns of behavior provides indications of his intentions and states of mind, in rather the same way as a neurologist develops insights about a silent patient by studying EEG traces from the brain.

Traffic analysis was used in military circles even before the invention of wireless communications.
Anderson in his book [3] mentions that in the trench warfare of World War I, the earth returns of the enemy’s telegraph communication were used to extract information up to a few hundred yards away from the transmitting station. Traffic analysis though became an extremely potent source of intelligence when wireless communication became popular, particularly in naval and air operations. Ships at sea had to balance the value of communicating against the threat of being detected via direction finding if they transmitted. When transmitting, strict standards governing call-signs and communication had to be adhered to in order to minimize the information that traffic analysis could provide. Another example of traffic analysis providing valuable intelligence (by Herman [16]) is the reconstruction of the structure of the German Air Force radio network in 1941 by the British, confirming that a unit was composed of nine and not twelve planes. This allowed a more accurate estimate of the total strength of their opponent. Identification of radio equipment can also be used to detect accurate movements of units: each transmitter has characteristics such as the unintentional frequency modulations, the shape of the transmitter turn-on signal transient, the precise center of frequency modulation, etc. that provide a fingerprint that can be detected and used to track the device (similar techniques can be used to identify GSM phones [3]). Back in World War Two radio operators became very skilled at recognizing the ‘hand’ of other operators, i.e. the characteristic way in which they type Morse code, which in turn was used as a crude unit identification method (until operators are swapped around!).

Why is traffic analysis so valuable? It provides lower quality information compared with cryptanalysis, but it is both easier and cheaper to extract and process.
It is easier because ciphers need considerable effort to break (when they break at all). It is cheaper because traffic data can be automatically collected and processed to provide high level intelligence. Computers can clear traffic data and map out structures and locations, while a skilled human operator needs to listen to every radio transmission (often in a foreign language) to extract intelligence. For this reason traffic analysis is often used to perform ‘target selection’ for further intelligence gathering (such as more intensive and expensive surveillance), jamming or destruction. Given the enormous amount of communication and information in public networks we can expect these ‘economics of surveillance’ to be ever more relevant and applicable.

Sigint is an arms race, and many low probability of intercept and position fix communication methods have been devised by the military to minimize exposure to traffic analysis and jamming (a key reference here is Anderson [3]). Their principles are rather simple: scanning many frequencies can only be done at some maximal rate, and a lot of power is necessary to jam a wide part of the frequency spectrum. Therefore the first technique used to evade interception and foil jamming was frequency hopping, now also used in commercial GSM communications. Alice and Bob share a key that determines for each time period the frequency at which they will transmit. Eve on the other hand does not know the key and has to observe or jam the whole chunk of the frequency spectrum that may be used. In practice hopping is cheap and easy to implement, makes it difficult to jam the signal (given that the hop frequency is high enough), but is not very good at hiding the fact that communication is taking place. It is used for tactical battlefield communications, where the adversary is unlikely to have very large jammers at hand.
Direct sequence spread spectrum transforms a high power low bandwidth signal into a high bandwidth low power signal, using a key that has to be shared between Alice and Bob. It is easy for them to extract the signal back, using their key, but an adversary will have to try to extract it from the noise, a difficult task given its low power (that is often under the noise floor). DSSS has also inspired commercial communications and is now used in ADSL and cable modems as CDMA. Its key problem is synchronization, and the availability of a reference signal (like GPS) is of great help when implementing such systems. The final technique in the arsenal against interception is burst communication. The key idea behind these is that the communication is done in a very short burst to minimize the probability the adversary is looking at the particular frequency at the time. A cute variant of this is meteor scatter communications, that use the ionization trail of small meteorites hitting the atmosphere to bounce 42 An Introduction to Traffic Analysis transmission between special forces troops in the field and a base station. Meteor scatter can also be used in civilian life when low bandwidth, high latency but very low cost and high availability communications are required. 3 Contemporary Computer and Communications Security The Internet is no open war, yet there is a lot of potential for conflict in it. We shall see how traffic analysis techniques can be used to attack secured systems, extract potentially useful information, and be used to censor (the equivalent of jamming) or abuse and spam (the equivalent of deception) systems. We shall also outline the key defense strategies one can use on the Internet to foil these attacks – and draw the parallels but also differences with the military world. The key difference to keep in mind when studying civilian traffic analysis research is that the attackers have fewer means. 
It is not military powers, with large budgets and the ability to intercept most communications, that worry us; it is commercial entities, local governments, law enforcement, criminal organizations but also terrorist networks that have become the adversary. For that reason research has focused on attacks and solutions that can be deployed at low cost, and provide tangible tactical benefits (a pass phrase, a record of web accesses, . . . ). Yet lately some work is developing on how traffic analysis can be of use to law enforcement, but also how one can evade routine surveillance, which integrates a more strategic outlook. So what can we do if we are not allowed to look at the plaintext contents?

3.1 The Traffic Analysis of SSH

The secure shell protocol allows users to log in to remote terminals in a secure fashion. It does this by performing authentication using a pass-phrase and a public keyring, and subsequently encrypts all information transmitted or received, guaranteeing its confidentiality and integrity. One would think that any subsequent password entry (that might be required to log in to further remote services), over an SSH connection, should be safe. Song et al. [29] show that there is a lot of information still leaking. In interactive mode SSH transmits every key stroke as a packet. The timing between the key strokes can be used to trivially reveal information about the password lengths. More advanced techniques, using hidden Markov models, can be used to extract further information from inter-packet timing and lower the entropy of the passwords, to make guessing them easier. Some further details include the extraction of a user’s password using another user to build a profile, showing that there are similarities that can be exploited between users. The information one can extract using another user’s profile links in with Monrose and Rubin’s [23] research on identifying and authenticating users using keystroke dynamics.
Although their focus was more on biometrics and authentication, their results have a clear relevance to the traffic analysis of SSH. They show that there is enough variability in typing patterns between users to be able to identify them, particularly after a long sequence has been observed. As a result not only the content of your communications may be leaked but also your identity, despite using SSH.

3.2 The Traffic Analysis of SSL

The Secure Socket Layer (SSL, also known as TLS for Transport Layer Security) was introduced primarily to provide private web access. HTTP requests and replies are encrypted and authenticated between clients and servers, to prevent information from leaking out. Yet there is plenty of research [9, 6, 31, 2, 17] to suggest that information is leaking out of this shell. The key weaknesses come down to the shape of traffic that is inadequately padded and concealed. Browsers request resources, often HTML pages, that are also associated with additional resources (images, stylesheets, . . . ). These are downloaded through an encrypted link, yet their size is apparent to an observer, and can be used to infer which pages are accessed (the difference between accessing a report on two different companies might leak information if you work in an investment bank). There are many variants of this attack: some attempt to build a profile of the web-site pages and from that guess which pages are being accessed, while others use these techniques to beat naive anonymizing SSL proxies. In the latter case the attacker has access to the cleartext input streams and he tries to match them to encrypted connections made to the proxy. Note that latent structure and contextual knowledge are again of great use to extract information from traffic analysis: in Danezis [9] it is assumed that users will mostly follow links between different web resources.
A hidden Markov model is then used to trace the most likely browsing paths a user may have taken given only the lengths of the resources that can be observed. This provides much faster and more reliable results than considering users that browse at random, or web-sites that have no structure at all.

3.3 Web Privacy

Can a remote web server you are accessing tell if you have also been browsing another site? If you were looking at a competitor, maybe giving you a better price might be in order! Felten et al. [13] show that it is possible to use the caching features of modern web browsers to infer information about the web-sites that they have been previously browsing. The key intuition is that recently accessed resources are cached, and therefore will load much more quickly than if they had to be downloaded from the remote site. Therefore by embedding in a served page some foreign resources, the attacker’s web-server can perform some timing measurements, and infer your previous browsing patterns. Note that this attack can be performed even if the communication medium is anonymous and unlinkable. Most anonymization techniques work at the network layer, making it difficult to observe network identities, but perform only minimal filtering in higher layers. Being forced to do away with caching would also be a major problem for anonymous communication designers, since any efficiency improvement has to be used to make the already slow browsing more usable.

3.4 Network Device Identification and Mapping

Can you tell if two different addresses on the Internet are in fact the same physical computer? Kohno et al. at CAIDA [20] have devised a technique that allows an attacker to determine if two apparently different machines are the same device.
They note that the clock skew, the amount by which the clock drifts per unit of time, is characteristic of the hardware, and the physical conditions in which the crystal is maintained (heat, light, etc). Therefore if the clock drift of the remote machines seems to match for a long time, it is very likely that the machines are in fact the same. The technique they use is resistant to latency, and can be applied remotely if the target machine implements NTP, SNMP or a web server that echoes the time. The technique can be used in forensics to detect target machines, but it can also be used by hackers to detect if they are in a virtualized honey-pot machine, and to determine if two web-sites are hosted on the same consolidated server.

The opposite question is often of interest. Given two connections originating from the same network address, have they actually been initiated by one or multiple machines? This is of particular relevance to count the number of machines behind NAT (Network Address Translation) gateways and firewalls. Bellovin [4] noted that the TCP/IP stack of many operating systems provides a host specific signature that can be detected, and used to estimate the number of hosts behind a gateway. To be exact, the IPID field, used as a unique number for each IP packet, is in the Windows operating system a simple counter that is incremented every time a packet is transmitted. By plotting the IPIDs of packets over time, and fitting lines through the graph, one can estimate the number of unique Windows hosts.

Finally a lot of network mapping techniques have been introduced in the applied security world, and included in tools such as nmap [14]. The key operation that such tools perform is scanning for network hosts, open network ports on hosts, and identifying the operating systems and services running on them to assess whether they might be vulnerable to attack.
The degree of sophistication of these tools has increased as more and more people started using network intrusion detection tools, such as the open source snort [32], to detect them. Nmap can now be configured to detect hosts and open ports using a variety of techniques including straightforward ping, TCP connect, TCP SYN packets, but also indirect scans. For example the FTP protocol allows the client to specify to the server that it should connect to a third machine. The client can therefore use this feature to scan a third host by requesting that the server open connections to the remote ports, and observing the type of failure that occurs. The full nmap documentation is well worth a read [15].

3.5 Detecting Stepping Stones

A lot of work has been done by the intrusion detection community to establish if a host is being used as an attack platform [34, 7]. The usual scenario involves a firewall that sees incoming and outgoing connections, and tries to establish if a pair of them may be carrying the same stream. This might mean that the internal machine is compromised and used to attack another host, i.e. it is a stepping stone for the attacker to hide their identity. The two main classes of techniques for detecting stepping stones are passive, where the firewall only observes the streams, and active, where the stream of data is modulated (often called watermarked). Since an adversary is controlling the content of the stream, and maybe encrypting it, both types of detection rely on traffic data, usually the correlation between packet inter-arrival times, to match incoming and outgoing streams. The family of traffic analysis techniques that arise are similar to those used to attack anonymous communication channels. The key result in this area is that if the maximum latency of the communication is bounded there is no way of escaping detection in the long run.
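The passive, bounded-latency check behind that result, as an added example (not code from the talk or the papers it cites): every packet of a relayed stream must reappear on the other side of the firewall within some maximum delay, in both directions, so each (incoming, outgoing) pair is scored by how completely that holds. The packet timings below are constructed with a seeded generator; the 100 ms delay bound and the 0.9 threshold are assumptions.

```python
# Added example, not from the talk: passive stepping-stone scoring under the
# bounded-latency model, run over constructed packet timestamps (seconds).
import random
from bisect import bisect_left, bisect_right


def fraction_followed(src, dst, max_delay):
    """Fraction of src packet times that have a dst packet in [t, t + max_delay].
    Both lists are sorted timestamps in seconds."""
    if not src:
        return 0.0
    hits = 0
    for t in src:
        j = bisect_left(dst, t)            # first dst packet not earlier than t
        if j < len(dst) and dst[j] - t <= max_delay:
            hits += 1
    return hits / len(src)


def fraction_preceded(dst, src, max_delay):
    """Fraction of dst packet times that have a src packet in [t - max_delay, t]."""
    if not dst:
        return 0.0
    hits = 0
    for t in dst:
        j = bisect_right(src, t) - 1       # last src packet not later than t
        if j >= 0 and t - src[j] <= max_delay:
            hits += 1
    return hits / len(dst)


def pair_score(incoming, outgoing, max_delay):
    """Bounded-latency stepping-stone score for one (incoming, outgoing) pair.

    A relayed stream satisfies both directions, so the weaker one is taken.
    An unrelated stream of similar rate only matches by chance, roughly
    1 - exp(-rate * max_delay) per packet, which a threshold near 1 rejects."""
    incoming, outgoing = sorted(incoming), sorted(outgoing)
    return min(fraction_followed(incoming, outgoing, max_delay),
               fraction_preceded(outgoing, incoming, max_delay))


def correlate_streams(inbound, outbound, max_delay, threshold=0.9):
    """Score every inbound stream against every outbound stream and return the
    pairs at or above the threshold as (in_name, out_name, score)."""
    flagged = []
    for a, ta in inbound.items():
        for b, tb in outbound.items():
            score = pair_score(ta, tb, max_delay)
            if score >= threshold:
                flagged.append((a, b, round(score, 3)))
    return flagged


def constructed_traffic(seed=1):
    """Three streams as a firewall would see them (constructed, not captured):
    ssh-in, interactive and bursty; ssh-out, which relays ssh-in after 20 to
    80 ms of processing delay; and http-out, unrelated but of similar rate."""
    rng = random.Random(seed)
    t, ssh_in = 0.0, []
    for _ in range(200):
        t += rng.expovariate(1 / 0.15)       # mean 150 ms between packets
        ssh_in.append(t)
    ssh_out = sorted(x + rng.uniform(0.02, 0.08) for x in ssh_in)
    t, http_out = 0.0, []
    for _ in range(200):
        t += rng.expovariate(1 / 0.15)
        http_out.append(t)
    return {"ssh-in": ssh_in}, {"ssh-out": ssh_out, "http-out": http_out}


if __name__ == "__main__":
    inbound, outbound = constructed_traffic()
    for name, times in outbound.items():
        print(name, round(pair_score(inbound["ssh-in"], times, 0.1), 3))
    print("flagged:", correlate_streams(inbound, outbound, max_delay=0.1))
```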
This result is of course tied to a particular model (the adversary can match packet for packet, which is not obvious if the streams are encrypted under different keys or mixed with other streams), and covert channels outside its scope may prove it wrong and escape detection. Note that arbitrary active detectors are extremely difficult (maybe even impossible) to defeat.

4 Exploiting Location Data

Wireless communication equipment often leaks location data to third parties or to wireless operators. The extent to which this can be used to degrade security properties remains to be seen, but some experiments have already been performed, and their results may be a precursor to a rich set of attacks to come. Escudero-Pascual [26] describes an experiment he set up at the ‘Hackers at Large’ (HAL) summer camp. The camp had multiple wireless LAN access points that recorded the wireless MAC address of the users that were using them. This provided a time-map of users’ movements throughout the event, including clues about which talks they were attending (the access points were related to the venues). Even more striking were the inferences that could be drawn about the relationships between users: a random pair of users would be expected to have a low probability of using the same access point at any time. Furthermore, their access point usage over time should be uncorrelated. As a result, any correlation between two users that is above average is indicative of a relationship between them, i.e. they are consistently moving together around the camp at the same time. Intel Research at Cambridge also designed a similar experiment. Members of staff were issued with Bluetooth devices that would record when another transmitting Bluetooth device was in range.
The idea was to measure the ambient Bluetooth activity, to tune ad-hoc routing protocols for real world conditions, but also to establish how often a random pair of devices meet, in order to establish how the ad-hoc communication infrastructure could be used for two-way communications. To the surprise of the researchers analyzing the data, the devices of two members of staff were found to be meeting each other rather often at night – which led them to draw conclusions about their, otherwise undisclosed, relationship. This is well in line with evidence gathered by the MIT reality mining project [1]. The project distributed about a hundred mobile phones to students and staff of the Media Lab, under the condition that all their traffic data (GSM, Bluetooth and location data) would be used for analysis. The users were also asked to fill in forms about themselves and about who they consider to be their friends or colleagues. The traffic data and questionnaires were then used to build classifiers: it turned out that calling or being with someone at 8pm on a Saturday night is a very good indicator of friendship. They also uncovered location signatures that could differentiate a student from a member of staff. What is even more impressive is that they did not use the physical locations to draw inferences, but instead the frequency at which people are at places designated as ‘work’ or ‘home’. Students tended to have a more uncertain schedule, while members of staff were much more predictable in their habits. This of course led to research about the amount of entropy that location data provides, and, as expected, for some individuals it is possible, given the set of locations they are at some moment, to predict their next moves and locations with high probability.
So the evidence from these preliminary studies suggests that, whatever the wireless medium used (mobile phone, wireless LAN or Bluetooth), sensitive information about your identity, your relations to others and your intentions can be inferred merely through traffic analysis.

5 Extracting High Level Intelligence

Contemporary sociology models groups of individuals not as a mass or a fluid, but in terms of their positions within a ‘social network’. The controversial basis for a lot of this research is that the position of an agent in the social network is in many ways more characteristic of them than any of their individual attributes. This position determines their status, but also their capacity to mobilize social resources and act (social capital). This position can also be determined via traffic analysis, yielding a map of the social network and the position of each actor within it! Social network analysis [35], and experimental studies, have recently gained popularity and led to interesting results that are of use to traffic analysis, but also more generally to network engineering. It was first noted by Milgram [33] that typical social networks present a ‘small world’ property, in that they have a low diameter (experimentally determined to be about 6 hops between any two members) and are efficiently navigable. In other words, there are short paths, i.e. intermediaries, between you and anyone else in the world, and you can find them efficiently (think of using hints from location and profession). This work has been used to build efficient peer-to-peer networks, but so far has been underused in security and trust analysis. Another key finding is that ‘weak links’ – people you do not know all that well – are instrumental in helping you with activities that are not common but still very important.
A well studied example is finding a job, where people using ‘far links’ are on average more successful than those who limit themselves to their local contacts. The first mathematical studies [27] of social networks, or power law networks as they were described because of the degree distribution of their edges, tell us a lot about their resilience to failure. It turns out that they are extremely resistant to random node failures, meaning that they stay connected and maintain a low diameter even when many random nodes have been removed. On the other hand, such networks are very sensitive to the targeted removal of the nodes with high degree. After a few such nodes have been removed the network becomes disconnected, and the diameter increases substantially well before that. An equally effective attack is for an adversary to remove nodes according to their ‘betweenness’, i.e. how many other nodes in the network they connect. Traffic analysis can be used to select the appropriate targets to maximize communication degradation and disruption. Recent research by Nagaraja et al. [24] tries to find strategies for a peer-to-peer network of nodes to resist such node deletion attacks. The intuition behind their strategies is that nodes connect to other random nodes in order to get resilience, while connecting according to a power law strategy to get efficient routing. When under attack, the network regenerates links to maximize fault tolerance. When things are calm, it reconfigures itself to be efficient.

Social network analysis is starting to be used for criminal intelligence [30, 19]. Investigators try to map criminal organizations, often using traffic analysis techniques on telephone or network traffic and location data. This can be done to select targets for more intensive surveillance, but also to select appropriate targets for arrest and prosecution. Often these arrests aim to maximally disrupt the targeted organization.
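The resilience claim above (random failures versus targeted removal of high-degree nodes), as an added example that is not code from the paper: a power law network is grown by preferential attachment and the size of the largest surviving component and its diameter are compared under both kinds of node loss. Only degree-based targeting is shown, not the betweenness variant; the network size, seed and number of removed nodes are constructed values.

```python
"""Random versus targeted node removal in a power-law (scale-free) network.

Added illustration, not code from the paper. The network is generated by
preferential attachment with a seeded generator, so the run is reproducible.
"""
import random
from collections import deque


def preferential_attachment_graph(n, m, seed=0):
    """Undirected graph in which each new node links to m existing nodes chosen
    with probability proportional to degree (the rule behind power-law degrees)."""
    rng = random.Random(seed)
    adj = {i: set() for i in range(n)}
    endpoints = []  # both ends of every edge: sampling here is sampling by degree
    for v in range(1, m + 1):  # start from a small clique of m + 1 nodes
        for u in range(v):
            adj[u].add(v); adj[v].add(u); endpoints += [u, v]
    for v in range(m + 1, n):
        targets = set()
        while len(targets) < m:
            targets.add(rng.choice(endpoints))
        for u in targets:
            adj[u].add(v); adj[v].add(u); endpoints += [u, v]
    return adj


def largest_component(adj):
    """Size of the largest connected component."""
    seen, best = set(), 0
    for start in adj:
        if start in seen:
            continue
        size, q = 0, deque([start])
        seen.add(start)
        while q:
            v = q.popleft()
            size += 1
            for u in adj[v]:
                if u not in seen:
                    seen.add(u); q.append(u)
        best = max(best, size)
    return best


def diameter(adj):
    """Longest shortest path within any component (unreachable pairs ignored)."""
    best = 0
    for start in adj:
        dist, q = {start: 0}, deque([start])
        while q:
            v = q.popleft()
            for u in adj[v]:
                if u not in dist:
                    dist[u] = dist[v] + 1; q.append(u)
        best = max(best, max(dist.values()))
    return best


def remove_nodes(adj, victims):
    victims = set(victims)
    return {v: nbrs - victims for v, nbrs in adj.items() if v not in victims}


def attack(adj, k, strategy, seed=1):
    """Remove k nodes at random or the k highest-degree ones; return the
    surviving largest component as a fraction of all nodes, and the diameter."""
    if strategy == "random":
        victims = random.Random(seed).sample(sorted(adj), k)
    elif strategy == "degree":
        victims = sorted(adj, key=lambda v: len(adj[v]), reverse=True)[:k]
    else:
        raise ValueError(strategy)
    rest = remove_nodes(adj, victims)
    return largest_component(rest) / len(adj), diameter(rest)


if __name__ == "__main__":
    g = preferential_attachment_graph(300, 2)
    print("intact:  largest component %.2f, diameter %d" % (1.0, diameter(g)))
    for strategy in ("random", "degree"):
        frac, diam = attack(g, 15, strategy)
        print(f"{strategy:7}: largest component {frac:.2f}, diameter {diam}")
```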
In this case it is not always appropriate to arrest the most central or the most well connected member – this often merely serves as a promotion opportunity for smaller crooks to take up the position. It was found to be more effective to instead arrest the ‘specialists’, i.e. those people in the organization that have a unique position or skills that others would find difficult to fill. Examples include those who can forge papers, or crooked customs officials.

On the other hand, traffic analysis inspired techniques can be used to protect systems and build trust. Advogato [21] is a social network based system that provides a community for free software developers. The fact that members introduce each other allows the system to establish whether an author is likely to be a spammer, and to filter their messages out. Similarly, Google’s PageRank [25] uses techniques that are very similar to web-page and social network profiling – in that it considers pages that are more central in the network (with more links pointing to them) as more authoritative. Techniques have also been devised [18] to automatically detect and extract web communities. Their results can be used both to assist and to attack users.

6 Resisting Traffic Analysis on the Internet

A relatively old, but only recently mainstream, sub-area of computer security research is concerned with ‘anonymous communications’ and, more generally, communications that do not leak any residual information through their metadata. The field was started by David Chaum [8], who introduced the mix as a basic building block for anonymity, and has continued since, adapting the techniques to provide private email communications and more recently web-browsing. A thorough overview of the field and its key results is available in [10, 28].
Fielded anonymous communication systems, the direct products of 20 years of research, include Mixmaster [22] and Mixminion [11] for email, and JAP [5] and Tor [12] for web-browsing. They all increase the latency of communication and its cost in terms of traffic volumes. A range of traffic analysis attacks have been used to degrade the security of anonymous communication networks. Long term intersection attacks (also referred to as disclosure attacks) rely on long term observations of input and output messages to detect communicating parties. Stream traffic analysis has been used to trace web requests and replies through low-latency networks. Finally, the attacker can infiltrate the network or try to influence the way in which honest nodes choose paths to anonymize their traffic. Lately, attacks have focused on weaker adversaries, and it has been shown that some forms of traffic analysis can be performed even without any access to the actual data streams to be traced. So little importance has been paid to securing public networks against traffic analysis that the information leaked can be detected and abused even far away from its source. . .

7 Instead of Conclusions. . .

Our understanding of the threat that traffic analysis attacks represent to public networks is still fragmented, and research in this growing field is still very active. The results we have presented should act as a warning call against ignoring this threat: traffic analysis not only can be used to collect more information in general, but can also be used to bypass the security mechanisms in place. Our study of these techniques should also have some impact on public policy matters. The most relevant of these is the current debate on traffic data retention in the E.U. – plans to store all traffic data for a long time to facilitate law-enforcement investigations.
Policy makers must be informed of the wealth of information that could be extracted from such data about every aspect of the networked society. Storing these data, in an easily accessible manner, represents a systemic vulnerability that cannot be overstated. Allowing even anonymized profiles to be extracted from such data would greatly facilitate privacy violations and routine surveillance. Traffic analysis resistance is a public good – the more an attacker knows about the habits of your neighbours, the more they can tell about you! Similarly, our study of jamming resistant communications can shed light on potential means by which criminals might communicate, ‘under the radar’ of law enforcement.

References

1. MIT Media Lab: Reality mining. Massachusetts Institute of Technology Media Lab.
2. Heyning Cheng And. Traffic analysis of SSL encrypted web browsing.
3. Ross Anderson. Security Engineering. Wiley, 2001.
4. Steven M. Bellovin. A technique for counting NATted hosts. In Internet Measurement Workshop, pages 267–272. ACM, 2002.
5. Oliver Berthold, Hannes Federrath, and Stefan Köpsell. Web MIXes: A system for anonymous and unobservable Internet access. In H. Federrath, editor, Designing Privacy Enhancing Technologies, volume 2009 of LNCS, pages 115–129. Springer-Verlag, July 2000.
6. George Dean Bissias, Marc Liberatore, and Brian Neil Levine. Privacy vulnerabilities in encrypted HTTP streams. In 5th Workshop on Privacy Enhancing Technologies (PET2005), 2005.
7. Avrim Blum, Dawn Xiaodong Song, and Shobha Venkataraman. Detection of interactive stepping stones: Algorithms and confidence bounds. In Erland Jonsson, Alfonso Valdes, and Magnus Almgren, editors, RAID, volume 3224 of Lecture Notes in Computer Science, pages 258–277. Springer, 2004.
8. David Chaum. Untraceable electronic mail, return addresses, and digital pseudonyms. Communications of the ACM, 24(2):84–88, February 1981.
9. George Danezis.
Traffic analysis of the HTTP protocol over TLS. http://www.cl.cam.ac.uk/~gd216/TLSanon.pdf.
10. George Danezis. Better Anonymous Communications. PhD thesis, University of Cambridge, 2004.
11. George Danezis, Roger Dingledine, and Nick Mathewson. Mixminion: Design of a Type III Anonymous Remailer Protocol. In IEEE Symposium on Security and Privacy, Berkeley, CA, 11–14 May 2003.
12. Roger Dingledine, Nick Mathewson, and Paul Syverson. Tor: The second-generation onion router. In Proceedings of the 13th USENIX Security Symposium, August 2004.
13. Edward W. Felten and Michael A. Schneider. Timing attacks on web privacy. In ACM Conference on Computer and Communications Security, pages 25–32, 2000.
14. Fyodor. Nmap – free security scanner for network exploitation and security audit. http://www.insecure.org/nmap/.
15. Fyodor. Nmap manual. http://www.insecure.org/nmap/man/.
16. Michael Herman. Intelligence Power in Peace and War. Cambridge University Press, 1996.
17. Andrew Hintz. Fingerprinting websites using traffic analysis. In Roger Dingledine and Paul F. Syverson, editors, Privacy Enhancing Technologies, volume 2482 of Lecture Notes in Computer Science, pages 171–178. Springer, 2002.
18. Jon M. Kleinberg. Hubs, authorities, and communities. ACM Comput. Surv., 31(4es):5, 1999.
19. Peter Klerks. The network paradigm applied to criminal organisations. In Connections 24(3), 2001.
20. Tadayoshi Kohno, Andre Broido, and Kimberly C. Claffy. Remote physical device fingerprinting. In IEEE Symposium on Security and Privacy, pages 211–225. IEEE Computer Society, 2005.
21. Raphael L. Levien. Attack resistant trust metrics. PhD thesis, University of California at Berkeley, 1995. Draft Thesis.
22. U. Moeller, L. Cottrell, P. Palfrader, and L. Sassaman. Mixmaster protocol version 2. Technical report, Network Working Group, May 25 2004. Internet-Draft.
23. Fabian Monrose, Michael K. Reiter, and Susanne Wetzel.
Password hardening based on keystroke dynamics. In ACM Conference on Computer and Communications Security, pages 73–82, 1999.
24. Shishir Nagaraja and Ross Anderson. The topology of covert conflict. Technical report, University of Cambridge, Computer Laboratory, 2005.
25. Lawrence Page, Sergey Brin, Rajeev Motwani, and Terry Winograd. The PageRank citation ranking: Bringing order to the web. Technical report, Stanford Digital Library Technologies Project, 1998.
26. Alberto Escudero Pascual. Anonymous Untraceable Communications: Location privacy in mobile internetworking. PhD thesis, Royal Institute of Technology KTH / IMIT, 2001.
27. William J. Reed. A brief introduction to scale-free networks. Technical report, Department of Mathematics and Statistics, University of Victoria, 2004.
28. Andrei Serjantov. On the anonymity of anonymity systems. PhD thesis, University of Cambridge, 2004.
29. Dawn Xiaodong Song, David Wagner, and Xuqing Tian. Timing analysis of keystrokes and timing attacks on SSH. In Tenth USENIX Security Symposium, 2001.
30. Malcolm K. Sparrow. The application of network analysis to criminal intelligence: An assessment of the prospects. In Social Networks (13), 1991.
31. Qixiang Sun, Daniel R. Simon, Yi-Min Wang, Wilf Russell, Venkata N. Padmanabhan, and Lili Qiu. Statistical identification of encrypted web browsing traffic. In IEEE Symposium on Security and Privacy, pages 19–30, 2002.
32. Snort team. Snort. http://www.snort.org/.
33. J. Travers and S. Milgram. An experimental study of the small world problem. Sociometry, 32(425), 1969.
34. Xinyuan Wang and Douglas S. Reeves. Robust correlation of encrypted attack traffic through stepping stones by manipulation of interpacket delays. In Sushil Jajodia, Vijayalakshmi Atluri, and Trent Jaeger, editors, ACM Conference on Computer and Communications Security, pages 20–29. ACM, 2003.
35. Stanley Wasserman, Katherine Faust, Dawn Iacobucci, and Mark Granovetter.
Social Network Analysis: Methods and Applications (Structural Analysis in the Social Sciences). Cambridge University Press, 1994.

HACKING
A not so smart card
How bad security decisions can ruin a debit card design
http://events.ccc.de/congress/2006/Fahrplan/events/1449.en.html

This lecture will introduce you to the Postcard, a widely used debit card issued by PostFinance in Switzerland. Like other debit cards such as the “EC” card, it is used for shopping payments at POS terminals or to draw money from ATMs in Switzerland and many other countries. It’s widely used by its 2’000’000 users, producing a total transaction volume of around 8’000’000’000 Swiss Francs a year. All security features of the card are described and their ineffectiveness is demonstrated. It is shown how even outsiders can get access to the secret key of the card issuer, allowing them to create new, valid debit cards on their own or to clone existing cards without any physical access to the original. If the phrase “Your key is way too short” could embarrass IT security officers as much as if we were referring to their private (male) body part - security would be much better off in some cases - at least in this one ...

Bernd R. Fix
SCIENCE
A Probabilistic Trust Model for GnuPG
A new way of evaluating a PGP web of trust by using a probabilistic trust metric
http://events.ccc.de/congress/2006/Fahrplan/events/1607.en.html

Trust networks are possible solutions for the key authenticity problem in a decentralized public-key infrastructure. A particular trust model, the so-called Web of Trust, has been proposed for and is implemented in the popular e-mail encryption software PGP and its open source derivatives like GnuPG. Some drawbacks and weaknesses of the current PGP and GnuPG trust model are investigated, and a new approach to handle trust and key validity in a more sophisticated way is proposed. A prototype of our solution has been implemented and tested with the current GnuPG release. Distributed trust models allow any user in the network to issue certificates for any other user. The issuers of such certificates are called introducers, who can make them publicly available, typically by uploading them to key servers, from which they are accessible to other users. Someone’s personal collection of certificates is called key ring. In this way, responsibility for validating public keys is delegated to people you trust.
In comparison with a centralized PKI, this scheme is much more flexible and leaves trust decisions in the hands of individual users. These trust decisions are finally decisive for a user to validate public keys (i.e. to accept them as authentic) on the basis of the given local key ring. First we will give a short overview of the web of trust and the PGP trust model. The main goal is to point out some of its inherent weaknesses and deficiencies. To overcome these difficulties, we will then propose a more flexible PGP trust model, in which we propose to see the key validation problem as a two-terminal network reliability problem in a corresponding stochastic graph. In a last part, we will describe the prototype implementation of this model in GnuPG.

Jacek Jonczy is a PhD student at the University of Bern with interests, among others, in cryptology and in the area of trust and reputation systems. He has been a member of the RUN group of the University of Bern since January 2005, where he is currently working on his PhD. His interests include cryptology, trust metrics, trust and reputation systems, web of trust, PKI, etc. Recently he has been keeping a closer eye on the free encryption software GnuPG.

A Probabilistic Trust Model for GnuPG
Jacek Jonczy, Markus Wüthrich, and Rolf Haenni
Institute of Computer Science and Applied Mathematics, University of Berne, Switzerland
jonczy@iam.unibe.ch

Abstract

Trust networks are possible solutions for the key authenticity problem in a decentralized public-key infrastructure. A particular trust model, the so-called Web of Trust, has been proposed for and is implemented in the popular e-mail encryption software PGP and its open source derivatives like GnuPG. In this paper, we investigate the drawbacks and weaknesses of the current PGP and GnuPG trust model, and we propose a new approach to handle trust and key validity in a more sophisticated way.
A prototype of our solution has been implemented and tested with the current GnuPG release.1

1 Introduction

Due to the rapid emergence and constant evolution of various distributed systems and applications in large, inherently insecure networks, methods and techniques to establish information security play an increasingly crucial role. One of the most fundamental challenges is the problem of establishing a secured channel between two users of the network. For this, classical single-key cryptography requires the two users to previously exchange a common secret key over a secure channel, which is impracticable for large or even global networks. With the advent of public-key cryptography, the keys to exchange are public, i.e. the channel used for the exchange is no longer required to be secure. At first sight, this seems to be an ideal solution for the key exchange problem, but an important subproblem remains, namely to ensure that a public key actually belongs to its supposed owner. We will refer to it as the key validation problem. Note that spoofing another’s identity is easily possible in any of several ways, i.e. the key validation problem is anything but trivial, particularly when the two users involved have never met and know nothing about each other. As a solution for the key validation problem, public-key infrastructures (PKI) have been proposed and implemented in many different ways. One type of PKI requires one or several central authorities responsible for issuing digital certificates for public keys. Such a certificate is an unforgeable warranty for the binding between the involved public key and its owner.2 It is of crucial importance for the reliable operation of such a centralized PKI that the certificate authorities are fully trustworthy.

1 This research is supported by the Hasler Foundation, project no. 2042, and the Swiss National Science Foundation, project no. PP002–102652.
At the other end of the conceptual range are PKIs which avoid central certificate authorities entirely. The most prominent example of such a decentralized PKI is a distributed trust model called Web of Trust. It is used in PGP, GnuPG, and other OpenPGP-compatible systems. The basic concept of this particular model goes back to Zimmermann’s first PGP release in the early 90s, and since then it has not changed much [13, 16]. In this paper, we will refer to it as the PGP trust model, as suggested in [1]. Distributed trust models allow any user in the network to issue certificates for any other user.3 The issuers of such certificates are called introducers, who can make them publicly available, typically by uploading them to key servers, from which they are accessible to other users. Someone’s personal collection of certificates is called key ring. In this way, responsibility for validating public keys is delegated to people you trust. In comparison with a centralized PKI, this scheme is much more flexible and leaves trust decisions in the hands of individual users. These trust decisions are finally decisive for a user to validate public keys (i.e. to accept them as authentic) on the basis of the given local key ring. In this paper, we will first give a short overview of the PGP trust model. The main goal is to point out some of its inherent weaknesses and deficiencies. To overcome these difficulties, we will then propose a more flexible PGP trust model, in which we propose to see the key validation problem as a two-terminal network reliability problem in a corresponding stochastic graph [11]. This view is similar to the one proposed in [6], but it requires less theoretical background knowledge. In the last part of this paper, we describe the prototype implementation of this model in GnuPG.

2 The PGP Trust Model

The PGP trust model has some particular characteristics.
First of all, (only) three levels of trust are supported: com

2 Strictly speaking, a certificate is a warranty for the binding between the involved public key and a description of the owner [9]. Such a description can consist of a single attribute (name, first name, birth date, e-mail address, etc.) or a combination thereof. In the PGP context, this description is called user ID and typically consists of an e-mail address.
3 In the PGP jargon, issuing a certificate is called signing a key, and certificates are therefore called signed public keys or simply signatures.

public key, we have to compute the probability of the set minpaths_K. The probability of a single path is simply the product of its (stochastically independent) trust values, and for the overall probability of the set minpaths_K we can apply the so-called inclusion-exclusion formula:

$$P(\mathrm{minpaths}_K) = P(\{B,F\}) + P(\{B,G\}) + P(\{C,G\}) - P(\{B,F,G\}) - P(\{B,F,C,G\}) - P(\{B,C,G\}) + P(\{B,F,C,G\}) = 0.581.$$

This result is the probabilistic measure we propose for the validity of K’s public key. Depending on A’s own validation policy, e.g. by specifying a validity threshold λ ∈ [0, 1], the key may be accepted as valid or not. This result is very different from the PGP scenario in Fig. 1, where K’s public key is considered invalid (except for C = 1 and M = 1). Our proposal for a probabilistic evaluation of trust networks solves some of the deficiencies of the PGP trust model mentioned in Section 2. First of all, it eliminates the limited levels of trust and validity, which leads to an increased overall flexibility. At the same time, it solves the problem of counter-intuitive conclusions in situations like the one shown in Fig. 2. This improves both the robustness and the coherence of the results.

Other Network Reliability Methods.
Applying the inclusion-exclusion formula to a set of minimal paths is an exact, but not a very efficient, solution for the s,t-connectedness or other network reliability problems. Reliability theory provides a variety of other techniques, with a general distinction between exact and approximate methods. Most exact methods start by either enumerating complete states, pathsets, or cutsets. These enumeration methods are often combined with reduction techniques (e.g. series and parallel reductions), decomposition techniques (e.g. Shannon’s decomposition, BDDs, d-DNNFs, cd-PDAGs), or so-called sum-of-disjoint-products algorithms. Note that all exact methods inherently suffer from an exponential worst-case complexity. Approximate methods are either lower and upper bound estimations or sampling algorithms (e.g. Monte-Carlo, importance sampling). The method implemented in GnuPG is a Monte-Carlo sampling algorithm. For a complete and detailed discussion of network reliability techniques, we refer to the literature [2, 4].

4 Implementation

This section is devoted to the implementation of the probabilistic trust model in GnuPG.13 We will give an overview of the most important changes as well as a brief description of the implemented algorithms. Furthermore, we will show by an example how to use GnuPG with its new functionality. All affected source files can be found within the g10 folder of the GPG source archive. The following list shows all modified or extended files with a brief description of their functionalities. For more details, we refer to [15].

gpg.c: main function and parsing of arguments passed on the command line.
options.h: data structures to store the options passed on the command line.
tdbio.c, tdbio.h: definition of a trust database file structure as well as all input/output related functions.
trustdb.c, trustdb.h: algorithms for public key validation.
pkclist.c: functions related to primary keys.
tdbdump.c: implementation of commands for the import and export of owner trust values.
keyedit.c: implementation of the --edit-key command.

The most important changes affect the trustdb.c source file. It now contains the algorithms of our probabilistic key validation method and is the main entry point for updating the trust database. There are two major extensions: (1) an algorithm for the computation of minimal certificate paths, and (2) an algorithm for the computation of the key validity based on these paths. The first algorithm is implemented as a breadth-first search (BFS) in the certificate graph. After the entire graph has been searched, all minimal certificate paths are stored for each key. The choice of a BFS algorithm has two reasons. First, the key validation according to the original PGP trust model is also implemented as a BFS, which allows us to reuse some code for the new algorithm. Second, by performing a BFS (instead of a depth-first search), we avoid the production of many non-minimal paths. For further information about this procedure, we refer to [15]. To overcome the problem of the exponential worst-case complexity of exact methods, we implemented the second algorithm as a Monte-Carlo sampling process, from which we obtain approximate solutions. The main advantage of this method is that it performs well and is easy to implement; see [15] for details. Another possible implementation is described in [8].

Example Usage. Consider again the example in Fig. 3. A’s key ring contains public keys of B, C, F, G, and K. Our goal now is to validate these keys using the extended GnuPG implementation. We will illustrate the necessary steps in the form of the respective GnuPG command line instructions. Let us first have a look at the generic command for executing the GnuPG program.
For general information about the possible parameters options, command, and args, we refer to the GNU Privacy Handbook [5] or to the gpg man page.15 gpg [options] command [args] Modification of the GnuPG Source. For the implementation of the new trust model, we have used GnuPG v.1.4.5.14 13 All project related information, including download and installation instructions can be found under http://leeloo.unibe.ch/∼mwuethrich/bachelor. 14 This is the most recent stable version on September 15th, 2006. In order to switch to the probabilistic key validation model, the option --trust-model must be set at the beginning. Note that this option is only necessary the first time gpg is 15 http://www.gnupg.org/(en)/documentation/manpage.en.html 65 23. Chaos Communication Congress called within a session. gpg --trust-model probabilistic [options] command [args] The command --edit-key allows us to edit key information. For example, by supplying a user’s email address as identifier, we can specify trust levels: gpg --edit-key K@foo.bar trust As a result of this command, the following dialog to enter a trust value between 0 and 1 shows up. A precision up to six decimal places is taken into account, i.e. more exact values are rounded. [...] Please decide how far you trust this user to correctly verify other user’s keys (by looking at passports, checking fingerprints from different sources, etc.) Enter a number between 0.0 and 1.0 0.0 means you don’t trust this person at all 1.0 means you fully trust this person m = back to the main menu Your decision? 0.75 After this, the key ring is reevaluated and the corresponding key validities in the trust database are updated. 
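The two algorithms described in this section (BFS enumeration of minimal certificate paths, Monte-Carlo sampling of the key validity) and the inclusion-exclusion baseline from the end of Section 3, worked through on a small graph, as an added example that is not part of the paper or of the GnuPG modification it describes. The certificate graph, its trust values, and the reading of owner trust as the probability that a key's certificates are reliable are constructed assumptions for this example (not the paper's Fig. 3); the function names are hypothetical.

```python
"""Key validity as directed s,t-connectedness over an unreliable certificate graph.
Added example, not GnuPG code: inclusion-exclusion over minimal paths (exact),
complete state enumeration (exact cross-check) and Monte-Carlo sampling."""
import itertools
import random
from collections import deque

# Constructed graph, assumed for this example (not the paper's Fig. 3).
# CERTS[X] lists the keys certified by X. TRUST[X] is the owner trust in X,
# read as the probability that X's certificates can be relied upon, so a key
# is valid if a chain of reliable certifiers leads from the owner's key to it.
TRUST = {"A": 1.0, "B": 0.1, "C": 0.6, "D": 0.5, "E": 0.9, "F": 0.0}
CERTS = {"A": ["B", "C"], "B": ["D"], "C": ["D", "E"], "D": ["F"], "E": ["F"]}
ROOT = "A"  # the key ring owner's own key; trust 1.0 makes it valid by definition


def minimal_paths(graph, root, target):
    """BFS over simple paths root -> target. Each path is reduced to the set of
    nodes it relies on (every node except the target); sets that are supersets
    of another path's set are non-minimal and dropped."""
    found = []
    queue = deque([(root, [root])])
    while queue:
        node, path = queue.popleft()
        if node == target:
            found.append(frozenset(path[:-1]))
            continue
        for nxt in graph.get(node, []):
            if nxt not in path:  # simple paths only, no cycles
                queue.append((nxt, path + [nxt]))
    return [p for p in found if not any(q < p for q in found)]


def prob_reliable(nodes, trust):
    """Probability that every node in `nodes` is reliable (independence assumed)."""
    p = 1.0
    for n in nodes:
        p *= trust[n]
    return p


def exact_validity(graph, trust, root, target):
    """Inclusion-exclusion over the minimal paths: exact, 2^(#paths) terms."""
    paths = minimal_paths(graph, root, target)
    total = 0.0
    for k in range(1, len(paths) + 1):
        for combo in itertools.combinations(paths, k):
            total += (-1) ** (k + 1) * prob_reliable(frozenset().union(*combo), trust)
    return total


def reachable(graph, root, target, reliable):
    """Can root reach target when only reliable nodes pass trust on?"""
    seen, queue = {root}, deque([root])
    while queue:
        node = queue.popleft()
        if node == target:
            return True
        if not reliable[node]:
            continue  # an unreliable certifier forwards nothing
        for nxt in graph.get(node, []):
            if nxt not in seen:
                seen.add(nxt)
                queue.append(nxt)
    return False


def enumerated_validity(graph, trust, root, target):
    """Exact cross-check by complete state enumeration: 2^(#nodes) states."""
    nodes = sorted(trust)
    total = 0.0
    for bits in itertools.product((True, False), repeat=len(nodes)):
        state = dict(zip(nodes, bits))
        weight = 1.0
        for n in nodes:
            weight *= trust[n] if state[n] else 1.0 - trust[n]
        if weight and reachable(graph, root, target, state):
            total += weight
    return total


def sampled_validity(graph, trust, root, target, trials=1000, seed=0):
    """Monte-Carlo estimate: draw a reliability state per trial, count hits."""
    rng = random.Random(seed)
    hits = 0
    for _ in range(trials):
        state = {n: rng.random() < t for n, t in trust.items()}
        if reachable(graph, root, target, state):
            hits += 1
    return hits / trials


def trustdb_report(graph, trust, root, trials=2000, threshold=0.6, seed=1):
    """One line per key, in the spirit of the --update-trustdb output."""
    lines = []
    for key in sorted(trust):
        v = sampled_validity(graph, trust, root, key, trials, seed)
        verdict = "ok" if v >= threshold else "not ok"
        lines.append(f"{key} trust:{trust[key]:.3f} valid:{v:.3f} {verdict}")
    return lines


if __name__ == "__main__":
    for key in sorted(TRUST):
        print(key, round(exact_validity(CERTS, TRUST, ROOT, key), 3),
              round(sampled_validity(CERTS, TRUST, ROOT, key, 10000), 3))
    print("\n".join(trustdb_report(CERTS, TRUST, ROOT)))
```

With these numbers the exact validity of F is 0.59 (three minimal paths, seven inclusion-exclusion terms), which the state enumeration reproduces and the sampled estimate approaches as the number of trials grows; the report applies a validity threshold the way the output shown below does, so a key like F reads "not ok" at 0.6 even though it may well be authentic.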
With the following command, the trust database can also be updated manually:

gpg --update-trustdb

For our sample key ring, the output looks as follows:

gpg: sampling trials set to 2000, validity threshold set to 0.6, probabilistic trust model
E53E6AC8:A trust:1.000 valid:1.000 ok
7866C82B:C trust:0.600 valid:1.000 ok
85ADC1BB:B trust:0.100 valid:1.000 ok
8694CBC0:F trust:0.500 valid:0.586 not ok
D6BAAD0F:G trust:0.900 valid:0.640 ok
36A66930:K trust:0.000 valid:0.581 not ok
gpg: next trustdb check due at 2006-09-15

Two supplementary options are available for the new trust model, namely:

--sampling-trials : This option specifies the number of trials within the sampling algorithm used for computing the key validity. The default value is set to 1000. A higher value means more accurate results, but also a higher computational cost.

--validity-threshold : This option replaces the original skepticism parameters used in GnuPG. Any key whose validity is equal to or higher than the specified threshold will be accepted as valid (marked with ok). Note that a key with a value below the threshold may still be authentic, but the given key ring does not allow us to prove it. The default value of the threshold is 0.5.

For the above trust database output, we used 2000 sampling trials and a validity threshold of 0.6.

5 Conclusion

The main contribution of this paper is the proposal of a probabilistic trust model for GnuPG. The key validation problem has been transformed into a directed two-terminal network reliability problem. As a result, several weaknesses of PGP’s trust model are eliminated. The most important improvement comes from the gradual trust values, which then result in gradual levels of validity. Our new model also avoids counter-intuitive scenarios like the one shown in Fig. 2. To conclude, we think that the proposed key validation method is a reasonable, flexible, and useful enhancement of the existing GnuPG functionality.
At the moment, it is not officially included in the GnuPG software, but we hope it will be at some future time.

References

[1] A. Abdul-Rahman. The PGP trust model. EDI-Forum: the Journal of Electronic Commerce, 10(3):27–31, 1997.
[2] M. O. Ball, C. J. Colbourn, and J. S. Provan. Network reliability. In M. O. Ball, T. L. Magnanti, C. L. Monma, and G. L. Nemhauser, editors, Network Models, volume 7 of Handbooks in Operations Research and Management Science, pages 673–762. Elsevier, 1995.
[3] J. Callas, L. Donnerhacke, H. Finney, and R. Thayer. RFC 2440: OpenPGP Message Format. IETF Network Working Group, 1998.
[4] C. J. Colbourn. The Combinatorics of Network Reliability. Oxford University Press, New York, USA, 1987.
[5] M. Copeland, J. Grahn, and D. A. Wheeler. The GNU Privacy Handbook. The Free Software Foundation, 1999.
[6] R. Haenni. Using probabilistic argumentation for key validation in public-key cryptography. International Journal of Approximate Reasoning, 38(3):355–376, 2005.
[7] J. Jonczy and R. Haenni. Credential networks: a general model for distributed trust and authenticity management. In A. Ghorbani and S. Marsh, editors, PST’05: 3rd Annual Conference on Privacy, Security and Trust, pages 101–112, St. Andrews, Canada, 2005.
[8] J. Jonczy and R. Haenni. Implementing credential networks. In K. Stølen, W. H. Winsborough, F. Martinelli, and F. Massacci, editors, iTrust’06, 4th International Conference on Trust Management, LNCS 3986, pages 164–178, Pisa, Italy, 2006.
[9] R. Kohlas, J. Jonczy, and R. Haenni. Towards precise semantics for authenticity and trust. In PST’06, 4th Annual Conference on Privacy, Security and Trust, Toronto, Canada, 2006.
[10] R. Kohlas and U. Maurer. Confidence valuation in a public-key infrastructure based on uncertain evidence. In H. Imai and Y. Zheng, editors, PKC’2000, Third International Workshop on Practice and Theory in Public Key Cryptography, LNCS 1751, pages 93–112, Melbourne, Australia, 2000. Springer.
[11] G. Mahoney, W. Myrvold, and G. C. Shoja. Generic reliability trust model. In A. Ghorbani and S. Marsh, editors, PST’05: 3rd Annual Conference on Privacy, Security and Trust, pages 113–120, St. Andrews, Canada, 2005.
[12] U. Maurer. Modelling a public-key infrastructure. In E. Bertino, H. Kurth, G. Martella, and E. Montolivo, editors, ESORICS, European Symposium on Research in Computer Security, LNCS 1146, pages 324–350. Springer, 1996.
[13] W. Stallings. Protect Your Privacy, a Guide for PGP Users. Prentice Hall, 1995.
[14] W. Stallings. Cryptography and Network Security: Principles and Practice. Prentice Hall, 3rd edition, 2003.
[15] M. Wüthrich. GnuPG and probabilistic key validation. Bachelor thesis, IAM, University of Berne, Switzerland, 2006.
[16] P. R. Zimmermann. The Official PGP User’s Guide. MIT Press, 1994.

HACKING
Building an Open Source PKI using OpenXPKI
TAKE A LOT OF PERL, ADD SOME OPENSSL, SPRINKLE IT WITH A FEW HSMS, STIR, SEASON TO TASTE, ENJOY!
http://events.ccc.de/congress/2006/Fahrplan/events/1596.en.html

OpenXPKI is an open source trust center software, written by the OpenXPKI Project, which aims to create an enterprise-scale PKI solution. You can see what OpenXPKI is all about, what you can do with it out of the box and how you can hack it to your liking.

In this talk, the open source trust center software OpenXPKI will be presented. OpenXPKI aims at creating an enterprise-scale PKI/trust center software supporting well-established infrastructure components like RDBMS and Hardware Security Modules (HSMs). It is the successor of OpenCA, and builds on the experience gained while developing it. Currently still under heavy development, OpenXPKI aims to be used in production by mid-October. Thus, a working release will be present before the congress.

Alexander “alech” Klink has studied mathematics and computer science. Interested in IT security for quite a while, congress visitor since 19C3. Currently works for Cynops GmbH, mostly hacking OpenXPKI.
Born in 1979, alech started his life with computers with the good old C64. An Amiga and finally a PC followed. DOS and Windows soon were not good enough, so he switched to Linux in ’95. While studying mathematics, he was known for being a TeX addict. He did the Congress Fahrplan for 21C3 in PDF (guess using what), did research on PDF tracking possibilities in 2005 (see www.pdftracker.de), and dabbled with biometrics while working for Fraunhofer IGD. Thesis on cryptographic voting protocols including a prototype implementation under a BSD license. Now happily developing open source software and getting paid for it. Quickly becoming more of a Perl hacker and lover.

Michael Bell studied computer science and has worked for about eight years in the area of security systems. His focus is on infrastructure services like firewalls, IDS and PKI. His current topics are PKI and identity management.

OpenXPKI architecture whitepaper: http://www.openxpki.org/docs/OpenXPKI-Architecture-Overview.pdf
Slides of the OpenXPKI lightning talk at mrmcd101b: http://www.alech.de/openxpki_mrmcd101b.pdf
The OpenXPKI project website: http://www.openxpki.org/

[...]

“pretty soon now” [...] – a workflow can be in a certain state from which it can change into a different state using an activity.

PKI Realms, automatic CA rollover

Most commercial PKI solution vendors will want to sell you a new piece of software for a new Certificate Authority. Contrary to that, OpenXPKI offers to run several completely independent CAs within the same installation. This leads to what we call “PKI Realms”, which groups together CAs with the same task – you might have a PKI realm for your employees, one for your servers and one for your customers, for example. Within these realms you can define CAs which might even be valid at the same time.

Figure: OpenXPKI structure, PKI Realms

Maybe you are wondering why you would want to have CAs that are valid at the same time. We implemented this to solve one of the problems most PKI solutions have – the expiry of the CA certificate.

Figure: Automatic CA rollover

Say you have a CA certificate with a lifetime of two years. Now one year and a day has gone by after the creation of the CA certificate. Given a request for an end-entity (EE) certificate with a [...]

[...] – they provide a secure external storage for cryptographic keys and can perform the cryptographic operations in a protected environment. Think of it as a giant smartcard if you like (though some HSMs actually use smartcards for authentication as well, so you’d rather have to think of it as a smartcard with a smartcard slot). Unluckily, HSMs are not something you add to your geek hardware collection at christmas – [...]
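The CA rollover situation sketched above (a two-year CA certificate, a request arriving one year and a day later) carried through in code, as an added example that is neither OpenXPKI's code nor a description of its implementation. The page's sentence breaks off, so the example assumes the obvious continuation: an EE certificate lifetime that would outlast the single CA. The CaCert class, the realm contents and dates, and the selection policy (among the currently valid CAs of a realm that cover the whole requested EE lifetime, take the one whose certificate expires last) are this example's own assumptions; the function names are hypothetical.

```python
"""Automatic CA rollover inside a PKI realm: constructed illustration, not OpenXPKI code."""
from __future__ import annotations

from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import List, Optional


@dataclass(frozen=True)
class CaCert:
    """Minimal stand-in for a CA certificate: only the validity interval matters here."""
    name: str
    not_before: datetime
    not_after: datetime

    def valid_at(self, when: datetime) -> bool:
        return self.not_before <= when <= self.not_after


def ee_outlives_issuer(ca: CaCert, now: datetime, ee_lifetime: timedelta) -> bool:
    """True if an end-entity certificate issued now would expire after its issuing CA.
    Such a certificate cannot be validated for its whole lifetime, which is the
    problem the text attributes to a single expiring CA certificate."""
    return now + ee_lifetime > ca.not_after


def select_issuing_ca(realm: List[CaCert], now: datetime,
                      ee_lifetime: timedelta) -> Optional[CaCert]:
    """Assumed policy for this example: among the CAs of the realm that are valid
    now and whose certificate covers the whole requested EE lifetime, prefer the
    one expiring last, so issuance migrates to the successor CA by itself.
    Returns None when no CA in the realm can cover the request."""
    candidates = [ca for ca in realm
                  if ca.valid_at(now) and not ee_outlives_issuer(ca, now, ee_lifetime)]
    if not candidates:
        return None
    return max(candidates, key=lambda ca: ca.not_after)


# Constructed realm: CA1 created at T0 with a two-year lifetime; CA2 created one
# year later, also for two years, so both are valid at the same time.
T0 = datetime(2006, 1, 1)
YEAR = timedelta(days=365)
CA1 = CaCert("CA1", T0, T0 + 2 * YEAR)
CA2 = CaCert("CA2", T0 + YEAR, T0 + 3 * YEAR)
EMPLOYEE_REALM = [CA1, CA2]


def demo():
    """The scenario from the text: one year and a day after CA1 was created, a
    request for a one-year EE certificate arrives."""
    now = T0 + YEAR + timedelta(days=1)
    single_ca = select_issuing_ca([CA1], now, YEAR)        # no rollover: nothing covers it
    with_realm = select_issuing_ca(EMPLOYEE_REALM, now, YEAR)  # rollover: CA2 takes over
    return single_ca, with_realm


if __name__ == "__main__":
    single_ca, with_realm = demo()
    print("single CA:", single_ca.name if single_ca else "no CA covers the EE lifetime")
    print("realm:", with_realm.name if with_realm else "no CA covers the EE lifetime")
```

The check in ee_outlives_issuer is worth keeping as an explicit test in any issuance path, realm or not: a certificate whose notAfter lies beyond its issuer's notAfter is the symptom the rollover mechanism is meant to prevent.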