Key2Share: NFC-enabled Smartphone-based Access Control
Alexandra Dmitrienko, Cyberphysical Mobile Systems Security Group, Fraunhofer Institute for Secure Information Technology, Darmstadt

Upload: droidcon-berlin, posted 09-May-2015

TRANSCRIPT

Page 1: Droidcon2013 key2 share_dmitrienko_fraunhofer

Key2Share: NFC-enabled Smartphone-based Access Control

Alexandra Dmitrienko, Cyberphysical Mobile Systems Security Group

Fraunhofer Institute for Secure Information Technology, Darmstadt

Page 2

Motivation

Mobile phones are increasingly used in our daily life

Hundreds of thousands of apps on app markets

New interfaces like NFC open new application fields

Payments, ticketing (mPayments, mTicketing)

A. Dmitrienko, Fraunhofer SIT Droidcon 2013, Berlin

Page 3

[Image: smartphone + NFC = key]

Why not Use a Smartphone as a Key?

Page 4

Smartphone as a Door Key

Access control by enterprises to their facilities

Access to hotel rooms

Access control in private sector (houses, garages)

Page 5

Smartphone as a Key for Storage Facilities

Access to safes in hotel rooms

Lockers in luggage storage at train stations/airports

DHL packing stations

Page 6

Smartphone as a Car Key

Fleet management by enterprises

Car sharing by rental/car sharing companies

Or just share your car with family members or friends

Page 7

Advantages of Electronic Keys

                        Usual Keys                    SmartCards                Key2Share
Distribution            Requires physical access      Requires physical access  Remote
Revocation              Requires physical access      Remote                    Remote
                        or replacement of the lock
Delegation              Not possible                  Not possible              Possible
Context-aware access    Not possible                  Possible                  Possible
(e.g., time frame)

Page 8

Requirements and Challenges

Security: protection of electronic keys in transit and on the platform

Performance in the face of limited NFC bandwidth (~10 kbps)

Only symmetric-key crypto for authentication

Offline authentication

Addressed by protocol design

Page 9

Key2Share: System Model

[Diagram: Issuer, Key2Share web-service, Resources, Users, Delegated users]

1. Employ the employee/sell the car
2. One-time registration
3. Electronic key issued
4. User authentication with the issued key
5. Share key
6. User authentication with the shared key
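The system model above, under the constraints on the previous slide (symmetric-key crypto only, offline authentication at the lock, delegation with a time frame), as an added example in Python that is not Key2Share's own protocol: the lock holds one master key, the issuer derives each user's key from it (step 3), a user derives a shared key for a delegate (step 5), and the lock verifies a challenge-response offline (steps 4 and 6). The HMAC-based derivation, the message layout and all names are assumptions made here.

```python
import hmac, hashlib, os, struct

def prf(key, *parts):
    # HMAC-SHA256 over the joined parts, used both to derive sub-keys and as the MAC (assumed)
    return hmac.new(key, b"|".join(parts), hashlib.sha256).digest()

def issue_key(master, lock_id, user_id):
    # Step 3: the issuer derives the user's electronic key from the lock's master key
    return prf(master, b"user", lock_id, user_id)

def share_key(user_key, delegate_id, not_before, not_after):
    # Step 5: the user derives a delegated key bound to a delegate and a time frame
    window = struct.pack(">QQ", not_before, not_after)
    return window, prf(user_key, b"deleg", delegate_id, window)

def delegation_bytes(d):
    return b"" if d is None else d[0] + d[1]   # delegator id + time window

def authenticate(key, lock_id, nonce, user_id, delegation=None):
    # Steps 4/6: answer the lock's challenge; a delegated user also sends the
    # delegator id and time frame, which is why that message is longer
    return {"user": user_id, "delegation": delegation,
            "mac": prf(key, lock_id, user_id, nonce, delegation_bytes(delegation))}

def lock_verify(master, lock_id, nonce, msg, now):
    # Offline check: the lock holds only its master key and recomputes the
    # derivation chain the issuer (and, for delegation, the user) followed
    d = msg["delegation"]
    if d is None:
        key = issue_key(master, lock_id, msg["user"])
    else:
        delegator, window = d
        not_before, not_after = struct.unpack(">QQ", window)
        if not (not_before <= now <= not_after):
            return False                       # outside the delegated time frame
        key = prf(issue_key(master, lock_id, delegator), b"deleg", msg["user"], window)
    expected = prf(key, lock_id, msg["user"], nonce, delegation_bytes(d))
    return hmac.compare_digest(expected, msg["mac"])

def demo(now=1_700_000_000):
    master = b"\x01" * 32                      # constructed lock master key
    lock, alice, bob = b"door-42", b"alice", b"bob"
    nonce = os.urandom(16)                     # the lock's fresh challenge
    k_alice = issue_key(master, lock, alice)
    ok_user = lock_verify(master, lock, nonce, authenticate(k_alice, lock, nonce, alice), now)
    window, k_bob = share_key(k_alice, bob, now - 60, now + 3600)
    bob_msg = authenticate(k_bob, lock, nonce, bob, (alice, window))
    ok_deleg = lock_verify(master, lock, nonce, bob_msg, now)
    expired = lock_verify(master, lock, nonce, bob_msg, now + 7200)
    replayed = lock_verify(master, lock, os.urandom(16), bob_msg, now)
    return ok_user, ok_deleg, expired, replayed
```

Because every key is derived from the lock's master key, the lock needs no network connection and no asymmetric operation, and the delegated message carries only the extra delegation data.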

Page 10

Key2Share Security

Platform Security

Secure communication protocols

Page 11

Platform Security Architecture

[Diagram: Untrusted host (Key2Share App, WiFi, TrEE Service, User Interface) | Trusted Execution Environment (Key2Share Secure App, TrEE Mgr, Secure Storage, Secure UI) | NFC Chip]

Page 12

Possible TrEE Instantiations

In software
  Full virtualization (e.g., based on OKL4 hypervisor)
  Kernel-level virtualization (e.g., vServer)
  OS-level isolation (e.g., BizzTrust)

In hardware
  CPU extensions (ARM TrustZone)
  Secure Element (SE) on SIM card
  SE on microSD card
  Embedded SE (eSE) on NFC chip

Page 13

TrEE in Hardware

CPU Extensions (e.g., ARM TrustZone)
• Controlled by device manufacturers
• No APIs are exposed to apps to access it

Secure Element (SE) on SIM Card
• Controlled by network operators

SE on SD Card
• Freely programmable

Embedded SE (eSE) on NFC Chip
• Controlled by device manufacturers
• Has pre-installed Mifare Classic applet

Page 14

APIs for Accessing Secure Elements

SE on SD Card can be accessed via Open Mobile API

However, access is disabled in stock Android images

eSE can be accessed via Open Mobile API and NFC Private API

NFC Private API can be used only by Google-signed apps

Only white-listed apps can communicate with eSE via Open Mobile API, and root access is required to add an app to the white list

[Diagram: App layer (App, App, App) -> OS (NFC Private API; Open Mobile API (SEEK-for-Android)) -> HW (SE on SD Card; eSE on NFC Chip)]

Page 15

The Best Candidate: SE on SD Card

We used Giesecke & Devrient Mobile Security Card

Can be attached to the phone via the microSD slot

It is a standard Java Card and can run applets

Implementation of Key2Share Secure as a Java applet

Page 16

TrEE in Software

• We leveraged a security architecture which provides lightweight domain isolation for Android

• The architecture was initially intended to allow usage of a single device for business and private needs

• http://www.bizztrust.de/

Page 17

BizzTrust: Dual Persona Phone

Colors corporate and private apps with green and red

Prohibits communication between apps with different colors

[Diagram: AppA and AppB at the application layer; IPC MAC at the middleware layer; File System (Linux DAC + MAC) and Network Sockets (MAC) at the kernel layer. Legend: Linux DAC = access control of Android; MAC = added by BizzTrust]

Page 18

BizzTrust-based TrEE

Create blue domain isolated from red and green

Execute security sensitive code in blue domain

BizzTrust allows only Key2Share app to communicate with the code from blue domain

[Diagram: Software isolation layer: Hardened Android OS (BizzTrust). Domain BLUE = Trusted Execution Environment (TrEE), running Key2Share Secure; Private Domain RED (Red App); Corporate Domain GREEN (Key2Share)]

Page 19

Protocol Security

Well-established cryptographic primitives (AES, SHA-1, RSA)

Formal security proof of the protocols

Formal tool-aided verification of protocols

Page 20

Implementation in 3 Versions

1. Hardware-based TrEE based on Mobile Security Card

2. Software-based TrEE based on BizzTrust

3. Key2Share Secure as a separate Android application

Page 21

Authentication Performance

20 rounds; transmission time for authentication protocol messages (with 95% confidence interval)

92 bytes to be transferred for the user

140 bytes to be transferred for the delegated user

The door locks open within half a second

User Type        Connection establishment, ms   Overall session time, ms
User             245.17 ± 0.54                  441.80 ± 0.54
Delegated user   245.17 ± 0.54                  473.55 ± 0.54

Page 22

Work in Progress and Challenges

Backward compatibility with existing access control solutions

Compatibility with MiFare (standard for wireless cards)

Integration into smartcard-based access control solutions (Matrix of Bosch)

Smartphone in card emulation mode (does not require power for authentication)

Challenges are related to the missing support for card emulation mode in Android

Other platforms (e.g., Nokia, Blackberry) support card emulation

Page 23

Thank you

[email protected]