Вы находитесь на странице: 1из 15

Simab Chuhan

Course Work

ID-42903

y y y y

Critically evaluate Stream cipher system Develop a mechanism to calculate the time complexity of stream cipher. Evaluate DisFire tag Calculate the complexity of DesFire tag algorithm. BY Simab Chuhan Student Number: 42903 A paper in partial fulfillment of the requirements for the degree of the MSc Security Technology Course Module: Security Science British Institute of Technology & E-commerce

2011 Supervisor: Dr Ahmed Alnaemi

I am submitting cyber security course work as part of my MSc security technology module requirement; I declare that all I submitted my own work and I did use the references for avoiding any cited words to avoid plagiarism.

Signature (handwritten candidate number):

Date:

British Institute of Technology & E-commerce

Page 1

Simab Chuhan

Course Work

ID-42903

Table of Content

Table of Content
1. Acknowledgment..3 2. Introduction..4 3. Stream Cipher5 4. Type of Stream Cipher.5 5. Attack on Stream Cipher..6 6. Exhaustive key search...6 7. Introduction of Smart Card.7 8. Key Advantages of Smart Card...8 9. Mifare..8 10. Types of Mifare..9 11. MIFARE Classic....9 12. MIFARE Ultralight9 13. MIFARE DESFire..9 14. MIFARE Ultralight C10 15. MIFARE DESFire EV1.10 16. MIFARE Plus....11 17. MIFARE SAM AV2..11 18. Oyster Card12 19. Oyster Card Technology..12 20. Conclusion....11 21. Bibliography ...12

British Institute of Technology & E-commerce

Page 2

Simab Chuhan

Course Work

ID-42903

Acknowledgment: I found this subject very interesting and knowledgeable. During working on this project I learn many new things which related to the field of security technology. I found the detail history of cipher system and how its increase in real life beside how people were using this crypto system in ancient time where technology was not common but people was keen to hide their messages in different forms for confidentiality purpose. In the field of stream cipher I will discuss about cipher system and their mechanisms beside I will also discuss about how its work with smart cards such as UK oyster travel card. I would like to thanks my advisor Dr Ahmed Al-Naemi at British institute of technology and e-commerce for his help and support I am able to write this research work.

British Institute of Technology & E-commerce

Page 3

Simab Chuhan

Course Work

ID-42903

Introduction: cryptosystems is a science which known thousands of years ago, they have their history of building and to use for local government and other military purpose, in Indian history books there was a book named kamasutra which contain cipher art to understand for women. There are many books written in history about cryptosystem and cipher technology. The method imply on securing the messages in communication channel from one side to other. If person A and person B want to communicate it must be secure from person C, even if person C can have the message but he cannot understand the message or we can he cannot decrypt the message which send by person A to person B. cryptosystems dived in to two categories one is symmetric cryptography and another one is asymmetric cryptography. the difference between symmetric and asymmetric is where symmetric use the encryption and decryption key and asymmetric crypto system using the public and private key where anyone can encrypt the message but only the holder of decryption key can decrypt the message. a simple example of our debit card where we can use our private key to pin to access in our personal account. Now we come on stream cipher, stream cipher is a symmetric key because its use the plain text and combine with the random generating key cipher. Where each digit corresponding with plain text and key stream which give the cipher values simple example of stream cipher is vigenere cipher , where the loop hole of known key length and known plain text attack, it was difficult that time and need more mathematical work on this crypto system.

British Institute of Technology & E-commerce

Page 4

Simab Chuhan

Course Work

ID-42903

Stream Cipher: For designing any cipher system for real life we required to check their ability of performance and the nature of security plus we look for the how fast its work and what their power level required and the area of space required in memory. A5/1 and A5/2 is common use of todays GSM communication their speed is fast and stable in even 32 bit processing unit. in field of new cryptography there are no use of stream cipher instead of stream cipher we are using the method of block cipher where we place the key in block of data instead of bit by bit in stream cipher. Key generator is usually called from a number of memory registers steps. These steps are based each bit, bit by bit stream ciphers, or in a number of bits for stream ciphers. Normally word sizes are 16-bit and 32 bit. Types of Stream Cipher: There are two types of stream cipher one is synchronous stream cipher and another is self asynchronous stream cipher. In a synchronous stream cipher, a stream of pseudo-random numbers are independent of the plaintext and encrypted messages, generates and then to encrypt the plaintext or decrypt operation ciphertext.XOR was combined, in order to combine the plaintext and in terms of binary data quantified. If an attacker is able to change a digit in the cipher text, it may be able to delete predictable changes in the corresponding bit, for example by changing a bit in the cipher text could cause the value of the same plaintext bit. Its need perfect synchronization. The advantage of asynchronous encryption flow itself, where the receiver will automatically synchronize the generator key stream after receiving the cipher text N. its been easy to recover the entire digit during process in case of loss in stream cipher. Change can affect only one bit which can be modify in first step. An Example of asynchronous stream cipher is CFB mode block encryption method.

British Institute of Technology & E-commerce

Page 5

Simab Chuhan

Course Work

ID-42903

Attack on Stream Cipher: There are many attacks on stream ciphers such as known plain text attack, exhaustive key search, time complexity, data complexity, memory complexity, mathematical algebraic attack, guess attacks, side channel attacks etc. Exhaustive key search: The most powerful attack on stream cipher is exhaustive key search which filters the stream generator. If we can store 2k bit of key stream and load every key in LFSR and follow the clock same as 2k times. So we can get the comparison of stored 2k bits. For example if we can find the word a, that will search the character a, and find the all possible correct keys. [1] Bruteforce.docx Modern symmetric algorithms typically use calculations over 128 - to 256-bits. The table below shows how much more complex, a 128bit key as a 56-bit key. If a device existed, Brute-Force, a 56-bit key in a second, the unit should be 149.7 trillion years to brute force a 128-bit key. Symmetric with respect to the length of brute force key size in bits combinations Key check permutations Brute-Force-time to a device 256 permutations per second

Key size bit - permutations time 256 permutation per second device. 08 40 56 64 128 256 28 240 256 264 2128
2256

0 milliseconds 0.015 milliseconds 1 second 4 minutes 16 seconds 149,745,258,842,898 years


50,955,671,114,250,100,000,000,000,000,000,000,000,000,000,000,000,000 years

British Institute of Technology & E-commerce

Page 6

Simab Chuhan

Course Work

ID-42903

Introduction of Smart Card: The nature of smart card technology brings comfortable environment for human kind. From previous years we saw the changes happened in human life in very fast growing success of smart card. their usage in health, transport, communications , financial and other government ids, its made easy for our life.[3] In 1950 diners club produce plastic cards for their member names to pay off.[4] The advance technology of smart card carried out in 1968 by German scientist Jorgen Dethloff and Helmut Grottrup after 19970 Dr.Kunitaka Armura belonging to Japan create the patent of smart card concepts some advancement techniques carried out by French Scientist Moreno in 1974 who build the original form of patent in IC cards which named "smart card". The Mass Transit Railway (MTR), one of Hong Kong railway company has a system to recycle plastic magnetic cards as tickets, when it began operating in 1979. Another area is the railways, the railways Kowloon-Canton (KCR) has the same magnetic cards in 1984, and the version stored value has been renamed Common Stored Value Ticket. In 1989, the common system of stored value ticket to Kowloon Motor Bus (KMB) buses offer a shuttle service to the MTR and KCR stations and Citybus has been expanded and extended to a limited number of non-transport applications, such as B. Payments photo booths and fast-food good. In 1998 London TFL and Transys connected with the EDS cubic transport systems 100 million of deal sign with EDS to provide smart card service their contract lenght of 17 year which suppose to end in 2015 but for security purpose TFL challange to break the contract in 2010 five year early because of some security failures and cost savings.[5] in november 2008 new contract was signed by TFL and cubic, EDS which provide two shareholders running this system till 2013.

Fig1[2]: ISO ID 1Card

British Institute of Technology & E-commerce

Page 7

Simab Chuhan

Course Work

ID-42903

Key Advantages of Smart Card:


Contact-less smartcard technology was recognised as the most appropriate application for the next generation system and its offer many key advantages some of them are below:
y y y y y y y y

Reduce the maintenance cost Reduced the capital cost of replacement No card recirculation cost Reduce the usage of cash handling Fare price policy and flexibility Limit the transaction times Fraud prevention Marketing opportunities etc.

Mifare: NXP Semiconductors by Philips is one of the largest companies in the world who provide Contactless chips. Philips own Mifare who claims to dominate the three quarter of the market share. Mifare is the IC technology. It confirms to the ISO/IEC 14443-A Type A 13.56 MHz standard. Mifare Standard first launched in 1995.
NXP Mifare DES Fire EV1 4k PVC Card (ISO Standard CR80)

Fig 2[6]: NXP EV1 Mifare Card

Big breakthrough was as Mifare cards, Oyster in London. Mifare offers a wide range of integrated circuits, SmartX last Triple-interface and operating system. Mifare is a proprietary technology.

British Institute of Technology & E-commerce

Page 8

Simab Chuhan

Course Work

ID-42903

Types of MIFARE: There are different types of embodied cards and readers technology modules which is suitable to use in different aspects. Such as MIFARE Classic, MIFARE Ultralight, MIFARE Ultralight C, MIFARE DESFire, MIFARE DESFire EV1, MIFARE Plus and MIFARE SAM AV2. MIFARE Classic: The MIFARE Classic is basically storage device where the memory of segments and size of blocks with normal standard security mechanisms for access control is split. They are based on ASCII and its limit the computing power. Each of Mifare Classic 1k offers 1024 bytes of data store capacity is divided into 16 sectors, every sector being protects by two different keys, such as A and B. NXP semiconductor by Philip MIFARE Classic 4k offers 4096 bytes divided into 40 sectors, which 32 sectors are the same size as 1K with over eight, four times the size of conventional sectors. MIFARE with ISO / IEC 14443-3 Type A match. MIFARE Ultralight: MIFARE Classic also same as MIFARE Ultralight but there ICs cost is low, same protocol but there are no same security function and using different commands. The MIFARE Ultralight has got only about 512 bits of memory, without cryptographic security. The Sixteen pages of memory provide 4 bytes. Those cards are not much expensive can be used for disposable fair ticket such as small events where gathered people just for limited time period. MIFARE DESFire: This smart card according to ISO / IEC 14443-4 Type A match with an embedded ROM Operating System. It comes with preprogrammed MIFARE DESFire operating system with normal situation that provides a standard directory structure and standard files system. This structure based on an 8051 processor with AES based crypto accelerator, which results in very fast transactions possible. The MIFARE DESFire is similar to a core SmartMX. The AES variants based security features. The additional maximums reading and writing length between card and reader is about only 10 cm, and its actual reading ability depends on reader power and size of antenna. If the power level of reader is low and antenna size is different it will reduce the length of reading tag. In early 2011 we heard that the MIFARE DESFire security had already broken. [7]According the article, "NXP Semiconductors, the Mifare, has put out an alert to warn customers that the security of the MIFARE DESFire (MF3ICD40) Smart Card had been cracked, but to say this model would be completed by the end of the year and encourage customers to upgrade to the EV1, the version of the card.
British Institute of Technology & E-commerce Page 9

Simab Chuhan

Course Work

ID-42903

MIFARE Ultralight C: This is the first card which introduces the algorithms of 3DES. The integrity of 3DES algorithms provides effective countermeasure against the copying smart cards. It complies with ISO/IEC 14443, 192 bytes. EEPROM memory had been protecting by 3DES authentication. Sixteen bit one way function and their unique series of seven bytes been used UID. MIFARE DESFire EV1: This type of card used the AES Algorithms. MIFARE DESFire EV1 support for ID random, support for AES 128-bit encryption methods and their hardware and operating system is certified according to Common Criteria EAL fourth MIFARE DESFire EV1 is based on global standards for the air interface and cryptographic methods. Provide In combination with security and reliability. MIFARE DESFire EV1 is the perfect balance of speed, performance and development costs for efficiency. New base provides MIFARE DESFire, largely compatible. It is Available with 2K, 4K and 8K NV-Memory. MIFARE DESFire EV1 was publicly announced in November 2006.It is consistent with all four levels of the ISO / IEC 14443A and uses optional ISO / IEC 7816-4 commands. Because its automatic anti-wear mechanism for all types of files which ensuring the integrity of transactionsoriented data. With MIFARE DESFire EV1, reaches transfer speeds up to 848 Kbit / s can be achieved, resulting in faster data processing possible. MIFARE DESFire EV1 with 3DES encryption engine equipment for transmission encryption data. Its open concept enables the seamless integration of future ticketing other media such as electronic paper tickets, key fobs and mobile ticketing based on Near Field Communication (NFC) technology.

Table 1 [8] DESFire EV1 table from NXP

British Institute of Technology & E-commerce

Page 10

Simab Chuhan

Course Work

ID-42903

MIFARE Plus: After discontinue of MIFARE Classic its replace with MIFARE Plus with AES 128 kb based on the function. One most powerful feature its provide upgrading on current structure, high security can use 2 or 4 Kbytes of memory. Data management is supposed to be identical to the MIFARE Classic, but the security management requires change in the basic model of criteria. Its Common drive EAL 4 + certified. MIFARE Plus, at start previous reader at travel stations was not supporting AES Encryptions method there for there was still its leave many back door holes stay open for attacks. That will be help to prevent the risk of attack that the Crypto-1 Algorithms has taken the pseudorandom number to generate lower, which helps brute force attacks and provides optional support cryptanalytic attacks. It AES authentication in the security it is not been possible any more to attach previous method of brute force attack, but provides mutual authentication between the reader and the card through secure communication to prove who the card belongs to the system, and it is not true . MIFARE SAM AV2: The NXP MIFARE SAM AV2 is ideal for reader devices which provide additional security. Support AES and RSA capabilities its also offer security of storage. It based on communication security infrastructures. The X feature in MIFARE SAM AV2 boost the reader its module performance with faster communication flow. The X system is new in SAM system with SAM microcontroller and IC.SAM reader based on symmetric cryptography TDEA and AES. This protocol ensures the data confidentiality and integrity. Its also support MIFARE 1, 4 and EV1. Providing security storage and updating the key usage counters. 128 bit key entries for symmetric cryptosystem. There are no needs for online active connectivity it can be connect in offline cryptography. It can support simultaneously multiple cards up to for logical channels. Session key generated for authentication purpose. At back end symmetric communication SAM connect with secure host. Required three pass authentication for integrity and confidentiality beside its also support ISO/IEC 7816.

British Institute of Technology & E-commerce

Page 11

Simab Chuhan

Course Work

ID-42903

Oyster Card: Oyster card is a form of smart card which use for electronic ticketing in London for local public transportation. Oyster can be use for London underground, buses, boats and Docklands light Railway (DLR) service some of e-ticketing can be use for national rail service within the London region. it is contact less smart card where customer has to touch to the reader at every station for inn and out from any station. This card can be rechargeable from any point such as local store from station or online. Its offer user to buy cheaper fare as compare to buy normal ticket from the station. This card was first introduce in 2003 but its popularity become widely acceptance in 2010 where most of the Londoners using this e-ticketing card for their local journeys.

Fig3 [9] Oyster card Oyster Card Technology: [10]in 26th June, theguardian , Charles Arthur discuss about Rebound University in Nijmegen, Holland, have been playing with Philips's Mifare RFID cards ,Bart Jacobs, professor of computer security at the university and one of the team who did the work, told us it takes "a few seconds" to crack any Oyster card's encryption. "We need to eavesdrop on the communication between a card and a card reader. From that communication we can deduce secret cryptographic keys that are used to protect the contents of the card. Once we have the keys we 'own' the card and can manipulate it as we like." The requirement tools is just reader and card was required for cracking the oyster card some of software application was been use in Linux application such as proxmark3 and crypto1. now its no more easy to crack oyster card as we discuss that Mifare DESFire card been used which using the 128 bit AES key encryption methods beside there is also availability for updating to 256 bit key which required brute force to crack about 2 200 operation possible keys as we know that brute force had
British Institute of Technology & E-commerce Page 12

Simab Chuhan

Course Work

ID-42903

been successfully attack on 2 64 bit key size on block ciphers. Its still take ages to crack the 128 bit key size. Alex Biryukov and Dmitry Khovratovich Cryptanalysis discussed in Cryptology e-Print Archive: Report 2009/317 that they did successfully recover the first key of 2 99.5 using the boomerang attacks which give them to switching techniques of gaining access in middle of the rounds.

Fig4[13]

British Institute of Technology & E-commerce

Page 13

Simab Chuhan

Course Work

ID-42903

Conclusion: The Contactless smart cards are widely accepted in world because of its flexibility and popularity which provide in different platform. We saw Different smart cards providing different level of security which comply with ISO standards. I did discuss best of my knowledge about the stream cipher and their critical points and security issues. I also discuss about the smart card technology and how its widely become popular in human kind. Furthermore I did discuss about the Mifare DESFire card and their technology, what kind of algorithms been used and what current market standard for smart cards. At last I did discuss about London underground oyster e-ticketing service, about the security of oyster card and its ISO standards. As we know security is not perfect every time, challenges are keep coming as time to time , it will more increase as soon as technology increase. Data security is much more important and needs updates as time go.

British Institute of Technology & E-commerce

Page 14

Simab Chuhan Bibliography

Course Work

ID-42903

1. room30atsomerville2011.wikispaces.com/file/view/Bruteforcce.docx 2. Fig 1 taken from http://www.idedge.com/index.cfm/fuseaction/category.display/category_id/91/Contactles s_smart_cards.htm 3. Communications Surveys & Tutorials, IEEE
Issue Date: 3rd Quarter 2009

4. Johni douglas discuss in his report. http://www.scribd.com/doc/54220739/TCC-ProjetoJohni-Douglas-Marangon 5. http://www.zdnet.co.uk/news/systems-management/2008/11/19/tfl-salvages-oysterbrand-in-deal-with-eds-cubic-39556611/ 6. Fig 2 taken from http://www.diytrade.com/china/4/products/6701330/NXP_Mifare_DES_Fire_EV1_4k_P VC_Card_ISO_Standard_CR80.html 7. http://mifare.net/links/news/update-on-mifare-desfire-mf3icd40/ 8. http://www.nxp.com/documents/leaflet/75015782.pdf 9. Fig 3 taken from http://www.tfl.gov.uk/tickets/14836.aspx 10. Theguardian 26th June 2008 Charles Arthur http://www.guardian.co.uk/technology/2008/jun/26/hitechcrime.oystercards 11. Fig 4 taken from Related-key Cryptanalysis of the Full AES-192 and AES-256 Alex Biryukov and Dmitry Khovratovich University of Luxembourg.

British Institute of Technology & E-commerce

Page 15