Presentazione sul tema: "Biometry to enhance smart card security (MOC using TOC protocol)"— Transcript della presentazione:
1 Biometry to enhance smart card security (MOC using TOC protocol) Giampaolo Bella – Stefano Bistarelli – Fabio MartinelliUniversità degli Studi “G. d’Annunzio”Dipartimento di Scienze - Pescara
2 Overview Biometry and smart cards TOC, MOC, SOCProcotols between application/hardwareA MOC protocolA MOC via TOC protocolTowards a formal specification/analysisDiscussion…
3 BiometryAcquisition of bio-features that almost uniquely identify entitiesFrom bio to digital worldFingerprint:image acquisition from a scannertemplate acquisition from the imagineThe template stores the useful information obtained from the imagematch algorithms receive as inputs two templates and returns true iff the two templates are compatibleBio-information is usually public in the sense that it can be ``easily’’ acquired.
4 Smart cards Smart devices with computational and storage resources Criptoki (PKCS#11) is the interface smart-cards/applicationsAccess to smart card functions through a PINWe consider protocols that use also biometric authentication
5 Biometry and smart cards Applying biometric authentication to log on the smart card:Template On Card (TOC): Only the template is stored on boardRequires very cheap cardsMatch On Card (MOC): The template is on the smart card, the match is performed on board, the live template acquisition is externalRequires smart-cards with ``strong’’ computational powerSystem On Card (SOC): Each phase is internally performedRequires currently expensive technology
6 Template on Card (TOC) Template on Card Biometric Template Biometric InputSmart CardBiometric TemplateBiometric TemplateUserGrant
7 Match on Card (MOC) Match on Card Biometric Input CPU User Grant Smart CardBiometric TemplateCPUUserGrant
8 System on Card System on Card Biometric Input Grant User CPU Smart CardCPUBiometric TemplateUserGrant
9 A MOC protocol Goal: MOC + key establishment Correctness doesn’t depend on biometry but on cryptographyThe live template is a fresh scanner acquisitionThe live template is kept secret for privacy reasons
10 A MOC using TOC protocol CM is the criptoki match moduleCM signs a hash of the pair of templates only if they match
11 Verification challenges? Biometry adds no problems``Incremental’’ protocols – the two are equivalent from the application viewpointFunctionalSecurity
12 Formal specificationProcess algebra for functional and security aspectsBasic sending/receiving operationsBasic operators as sequencing (.); parallel composiiton (|)We have 4 different playersTwo specifications for the smart cardsSMOC and SMTThe criptoki C and the match module MMOC protocol: SMOC | CMOC using TOC : SMT | M | CThe criptoki and the match module may be distinct processes (they share no knowledge)
13 Towards formal security analysis MOC is ``secure’’Correspondence analysis:Control actions to express user’ beliefsSmart cards issues Start(S,C,Tstored)Criptoki issues End(C,S,Tlive)For every enemy X,SMOC | C | X when restricted to control actions is trace equivalent to Start(S,C,Tstored).End(C,S,Tlive) and Tstored and Tlive matchMOC using TOC is ``as secure as’’ MOCSMT |C | M | X =control actions SMOC | C | X
Your consent to our cookies if you continue to use this website.