全球平台SCP02兼容智能卡的填充 oracle 攻击研究

需积分: 9 89 浏览量更新于2024-07-17 1 收藏 591KB PDF 举报

本文主要探讨了针对全球平台SCP02合规智能卡的padding oracle攻击方法。SCP02是一种广泛应用于智能卡中的安全协议，被交通公司、银行系统以及移动网络运营商（如UICC/SIM卡）所采用，主要用于数据加密和管理。padding oracle攻击是一种密码分析技术，通过利用加密过程中填充模式的泄露来推断出明文信息，尤其是在对称加密算法中，由于填充错误可能导致加密结果的差异。 SCP02的具体实现意味着它在处理加密数据时可能具有特定的模式或响应时间特征，这为攻击者提供了可利用的侧信道。作者Gildas Avoine和Loïc Ferreira来自法国的Rennes大学、INSA Rennes、CNRS和IRISA，以及Institut Universitaire de France和Orange Labs的Applied Cryptography Group，他们合作进行了一系列实验，针对十种来自六个不同制造商的智能卡进行了实际攻击。他们的研究结果显示，在实验环境下，这种padding oracle攻击是切实可行的，能够在保护的数据字段中有效地恢复出明文字节。鉴于每年生产的SIM卡数量高达数十亿，尽管难以准确估计受影响卡片的数量，但潜在的风险不容忽视。据他们所知，这是首次成功针对SCP02协议的此类攻击。关键词：安全协议、padding oracle攻击、GlobalPlatform、智能卡、时间侧信道。文章的核心内容涉及了以下几点： 1. 背景：介绍了SCP02在全球智能卡安全中的重要性和广泛应用，以及其在加密过程中的基本原理。 2. 攻击原理：详细阐述了padding oracle攻击的概念，如何通过观察加密结果的模式变化来推断明文信息。 3. 实验方法：研究人员对多种智能卡的实验设计，包括选择的卡类型、测试环境和攻击策略。 4. 实验结果：展示了攻击的有效性，证明在实际场景中，攻击者可以利用此漏洞获取敏感信息。 5. 影响与意义：强调了此次攻击的潜在威胁，以及对智能卡和相关行业的安全启示。对于智能卡和SCP02的使用者来说，这项研究强调了加强安全措施和定期评估加密算法的安全性的重要性，同时也提示了厂商和监管机构应密切关注此类新兴的威胁，以保护用户的隐私和金融安全。

Gildas Avoine and Loïc Ferreira 153

many null bytes as necessary (possibly none) are added in order to get a string which

length is a multiple of a DES block [ISO17].

The 8-byte

MAC

tag is computed on the command header, the plaintext, and a padding

data.

The ISO 9797-1 MAC algorithm 3, also known as “retail

MAC

”, is used [

ISO11

]. In

addition, an IV is involved in the

MAC

computation. The value of the ﬁrst IV is usually

. The IV used for the next command is equal to the

MAC

tag computed on the previous

command. The ciphertext and the

MAC

tag become then the data ﬁeld of the server’s

command.

Figure 1 depicts the data encryption and MAC computation of a command.

4 Description of the regular padding oracle attack

The padding oracle attack is based on the fact that a device behaves diﬀerently depending

on the correctness of the (encryption) padding data. From that diﬀerentiated behaviour,

the attacker tries to get some information (e.g., some bits or bytes of plaintext). That

diﬀerence may be based on the nature of the response (presence or absence of the response,

type: e.g., “regular” or error message, value, etc.) or on the duration of the operations

performed (or not) by the device. Regarding the symmetric-key encryption case, the

whole decryption procedure usually includes (among other possible operations) the

MAC

veriﬁcation, and the padding extraction and veriﬁcation. It is commonly recommended to

provide data authenticity and conﬁdentiality by applying the so-called Encrypt-then-MAC

(EtM) paradigm [

Kra01

BN08

Nonetheless some cryptographic mechanisms apply

other methods (e.g., MAC-then-Encrypt in TLS 1.2 [

DR08

], Encrypt-and-MAC (E&M) in

SSH [YL06c, YL06a, YL06d, YL06b]).

Therefore, if a padding data is used during the encryption process, and the padding

data must be, during the decryption procedure, veriﬁed prior to the

MAC

computation,

then it may be possible to perform an attack aiming at retrieving sensitive data. If one

follows the MtE or the E&M method (as in SCP02), the whole decryption procedure

involves (usually) three main steps:

1. the evaluation of the decryption function on the encrypted data,

2. the extraction and veriﬁcation of the padding data,

3. the computation of the MAC tag on the remaining decrypted data.

Once the ciphertext is decrypted, either the padding data is valid and can be removed,

and the

MAC

computation can be done, or the padding data is invalid and the

MAC

tag

cannot be computed (at least on the genuine data).

Let us illustrate the attack with an example. For the sake of clarity, we use the speciﬁcs

of SCP02, namely the encryption function (and the corresponding block size), and the

padding scheme. Let

be the last encrypted block carried in a protected command,

and let

be the block used as IV during the encryption operation that yields

(

denotes either the null IV if the command carries one encrypted block only, or the previous

encrypted block if the command carries two or more encrypted blocks). Let

| · · · |b

the plaintext data corresponding to

. In SCP02, the encryption is done with

3DES

CBC

mode. Since the plaintext length is less than 8 bytes a padding data is appended,

and this yields B = b

| · · · |b

|80|00. The encryption process outputs

C = ENC(V ⊕ B)

= ENC((v

⊕ b

)| · · · |(v

⊕ b

)|(v

⊕ 80)|(v

⊕ 00))

The genuine header HDR can be retrieved from the header HDR’ of the encrypted command.

Note that some encryption modes (e.g., [

Dwo04

]), coupled with a security proof [

Jon03

], correspond

to the MAC-then-Encrypt (MtE) paradigm.

剩余21页未读，继续阅读

It小蜂

粉丝: 679
资源: 4

全球平台SCP02兼容智能卡的填充 oracle 攻击研究

Global Platform card specification v2.3.1

GP卡 SCP02安全通道 更新

GlobalPlatform卡片规范(中文翻译版)

1. 如何在Lua中检测国际象棋的“将军”状态？

用python编写一个卡牌战斗小游戏，附上代码

python模拟足球_python 足球模拟

unity敌人自动巡逻攻击

最新资源

GP卡 SCP02安全通道更新