La presentazione è in caricamento. Aspetta per favore

La presentazione è in caricamento. Aspetta per favore

C Consiglio Nazionale delle Ricerche - Pisa Iit Istituto di Informatica e Telematica Biometry to enhance smart card security (MOC using TOC protocol) Università

Presentazioni simili


Presentazione sul tema: "C Consiglio Nazionale delle Ricerche - Pisa Iit Istituto di Informatica e Telematica Biometry to enhance smart card security (MOC using TOC protocol) Università"— Transcript della presentazione:

1 C Consiglio Nazionale delle Ricerche - Pisa Iit Istituto di Informatica e Telematica Biometry to enhance smart card security (MOC using TOC protocol) Università degli Studi G. dAnnunzio Dipartimento di Scienze - Pescara Giampaolo Bella – Stefano Bistarelli – Fabio Martinelli

2 C Consiglio Nazionale delle Ricerche - Pisa Iit Istituto di Informatica e Telematica Overview Biometry and smart cards –TOC, MOC, SOC Procotols between application/hardware –A MOC protocol –A MOC via TOC protocol Towards a formal specification/analysis Discussion…

3 C Consiglio Nazionale delle Ricerche - Pisa Iit Istituto di Informatica e Telematica Biometry Acquisition of bio-features that almost uniquely identify entities From bio to digital world –Fingerprint: image acquisition from a scanner template acquisition from the imagine –The template stores the useful information obtained from the image match algorithms receive as inputs two templates and returns true iff the two templates are compatible –Bio-information is usually public in the sense that it can be ``easily acquired.

4 C Consiglio Nazionale delle Ricerche - Pisa Iit Istituto di Informatica e Telematica Smart cards Smart devices with computational and storage resources Criptoki (PKCS#11) is the interface smart-cards/applications Access to smart card functions through a PIN –We consider protocols that use also biometric authentication

5 C Consiglio Nazionale delle Ricerche - Pisa Iit Istituto di Informatica e Telematica Biometry and smart cards Applying biometric authentication to log on the smart card: –Template On Card (TOC): Only the template is stored on board Requires very cheap cards –Match On Card (MOC): The template is on the smart card, the match is performed on board, the live template acquisition is external Requires smart-cards with ``strong computational power –System On Card (SOC): Each phase is internally performed Requires currently expensive technology

6 C Consiglio Nazionale delle Ricerche - Pisa Iit Istituto di Informatica e Telematica Template on Card (TOC) Template on Card User Smart Card Biometric Template Grant Biometric Template Biometric Input

7 C Consiglio Nazionale delle Ricerche - Pisa Iit Istituto di Informatica e Telematica Smart Card Biometric Template Match on Card (MOC) Match on Card User CPU Grant Biometric Input

8 C Consiglio Nazionale delle Ricerche - Pisa Iit Istituto di Informatica e Telematica System on Card User Biometric Input Smart Card CPU Biometric Template Grant

9 C Consiglio Nazionale delle Ricerche - Pisa Iit Istituto di Informatica e Telematica A MOC protocol Goal: MOC + key establishment Correctness doesnt depend on biometry but on cryptography The live template is a fresh scanner acquisition The live template is kept secret for privacy reasons

10 C Consiglio Nazionale delle Ricerche - Pisa Iit Istituto di Informatica e Telematica A MOC using TOC protocol C M is the criptoki match module C M signs a hash of the pair of templates only if they match

11 C Consiglio Nazionale delle Ricerche - Pisa Iit Istituto di Informatica e Telematica Verification challenges? Biometry adds no problems ``Incremental protocols – the two are equivalent from the application viewpoint –Functional –Security

12 C Consiglio Nazionale delle Ricerche - Pisa Iit Istituto di Informatica e Telematica Formal specification Process algebra for functional and security aspects –Basic sending/receiving operations Basic operators as sequencing (.); parallel composiiton (|) We have 4 different players –Two specifications for the smart cards S MOC and S MT –The criptoki C and the match module M MOC protocol: S MOC | C MOC using TOC : S MT | M | C –The criptoki and the match module may be distinct processes (they share no knowledge)

13 C Consiglio Nazionale delle Ricerche - Pisa Iit Istituto di Informatica e Telematica Towards formal security analysis MOC is ``secure –Correspondence analysis: Control actions to express user beliefs –Smart cards issues Start(S,C,Tstored) –Criptoki issues End(C,S,Tlive) –For every enemy X, S MOC | C | X when restricted to control actions is trace equivalent to Start(S,C,Tstored).End(C,S,Tlive) and Tstored and Tlive match MOC using TOC is ``as secure as MOC –For every enemy X, S MT |C | M | X = control actions S MOC | C | X

14 C Consiglio Nazionale delle Ricerche - Pisa Iit Istituto di Informatica e Telematica Questions?


Scaricare ppt "C Consiglio Nazionale delle Ricerche - Pisa Iit Istituto di Informatica e Telematica Biometry to enhance smart card security (MOC using TOC protocol) Università"

Presentazioni simili


Annunci Google