0 Preface
Today, smart card applications are becoming more and more widely used, and the security issues of smart card applications are very important. It is generally believed that the smart card itself has high security, but with the emergence and development of some special attack technologies, the smart card also presents its security vulnerability, which leads to the security of the entire application system. It is of great significance to analyze the security attacks faced by smart cards and study the corresponding defense measures to ensure the security of the entire smart card application system. This paper first analyzes the current major smart card attack technologies, and proposes corresponding security design strategies in a targeted manner.
1 Smart Card Design Brief
A smart card is a card made by embedding an integrated circuit chip with storage, encryption and data processing capabilities on a plastic substrate. The hardware of the smart card mainly includes a microprocessor and a memory. The logical structure is shown in FIG.
The microprocessor inside the smart card generally uses a central processor with an 8-bit word length. Of course, higher-level microprocessors are also starting to be applied. The main function of the microprocessor is to accept commands sent by external devices, analyze them, and control access to the memory as needed. When accessed, the microprocessor provides the memory with the address of the data unit to be accessed and the necessary parameters. The memory transfers the corresponding data to the microprocessor based on the address, and the microprocessor then processes the data. In addition, various operations performed by the smart card (such as encryption operations) are also performed by the microprocessor. The control and implementation of the above process is the operating system COS of the smart card. The memory capacity of the card is generally not very large, and the memory is usually composed of a read only memory ROM, a random access memory RAM, and an electrically erased programmable memory EEPROM. Among them, the operating system code is solidified in the ROM, and its capacity depends on the microprocessor used; the RAM is used to store operational data, and the capacity usually does not exceed 1 KB; the EEPROM stores various information of the smart card, such as encrypted data and Application files, etc., usually between 2KB and 32KB, which is available for users to develop and utilize.
.jpg)
Figure 1 Hardware structure of the smart card
2 Smart Card Attack Technology Analysis
There are various potential threats in the design phase, production environment, production process and use of the smart card. Attackers may take various detection methods to obtain hardware security mechanisms, access control mechanisms, authentication mechanisms, data protection systems, storage partitions, design details of cryptographic module programs, and sensitive data such as initialization data, private data, passwords, or cryptographic keys. And may illegally obtain the right to use the smart card by modifying the important security data on the smart card. These attacks pose a great threat to the security of smart cards.
Attacks on smart cards can be divided into three basic types:
(1) Logical attack: inserting bugs in the execution of the software
(2) Physical attacks: analyzing or changing smart card hardware (3) Edge-frequency attacks: Using physical phenomena to analyze and change the behavior of smart cards
2.1 Analysis of logical attack technology
There are potential logical flaws in many areas:
(1) Unspoken orders:
(2) Bad parameters and buffer overflow (3) File access (4) Malicious process applet?
(5) Communication protocol (6) Encryption protocol, design and implementation process
2.2 Physical Attack
Multiple methods and tools are available for physical attacks
(1) Chemical solvents, etching and coloring materials (2) Microscope (3) Probe station (4) FIB polyion beam?
Security measures for physical attacks are improved in the following areas:
(1) Body size (2) Multilayer (3) Protective layer (4) Sensor (5) Irregular bus?
(6) Sealing? logic
2.3 Edge frequency attack
1) Differential Energy Analysis (DPA)
Differential energy analysis (DPA) attacks are known by detecting the energy consumption of an electronic device with an oscilloscope. The attacker only needs to know the plaintext (input) or ciphertext (output) of the algorithm, and the encryption key can be reproduced by analyzing and comparing a series of energy trajectories.
The basis of a DPA attack is to assume that there is a connection between the processed data and the energy consumption. In other words, it is assumed that processing 0 to 1 uses less energy (and vice versa). Then the two energy traces that perform the same algorithm on two different data will make a slight difference due to the difference in the input data. The differential trajectory is obtained by calculating the difference between the two trajectories by the computer strictly according to the clock. The moment at which the peak appears in the differential trajectory is the clock period in which the input data is different. By examining all the inputs of the encryption algorithm and the differential traces produced by each pair of 0's and 1's, you can identify the exact time they appear in the program code to obtain the encryption key.
2) Energy short pulse interference
The microprocessor requires operation at a stable voltage, and the interruption of the energy supply is like a sudden impact on the program operation or reset circuit. However, a short and ingenious pulse can cause a single-step program error and the microprocessor can continue to execute the program. For example, the CPU reads the contents of the memory cell and the transistor uses a threshold to detect the value of the memory cell to determine if it is a logic 0 or 1. Sudden bursts of energy have an effect on both stored and logical values. Different internal capacities can affect stored values ​​differently, potentially causing real values ​​to be distorted. As shown in FIG. 3, the low level corresponding to logic 0 may be below the threshold level under normal operating conditions, however due to the energy downforce of the short pulse may cause it to be above the threshold level. Many encryption algorithms are susceptible to this type of fault injection. Differential Fault Analysis (DFA) technology is used to compare the correct and incorrect cryptographic codes to isolate secret keys.
.jpg)
Figure 3 Energy short pulse interference when reading memory
The second attack method for short-pulse interference is to turn the PIN check failure into success to trick the processor. A more rigorous way is to completely turn off the power when the processor is about to write a verification failure to the memory, thus avoiding a PIN check failure counter overflow.
A third application of short burst interference is to attack the transmit limit counter, causing the entire memory contents to be output to the serial interface.
3 Smart card security design strategy
Designers of security applications use smart cards and ignore many of their vulnerabilities (attack points?), and alternative solutions have their own security vulnerabilities and are even less secure. This section provides designers with some application techniques to achieve an appropriate level of security.
3.1 The business situation of the attacker
Most serious threats come from attackers seeking economic benefits. This type of attacker will carefully consider the balance between cost and revenue. The tricks of preventive measures are mostly to increase the difficulty and cost of successful attacks.
3.2 Design steps
Are designers of smart card applications using off-the-shelf? Smart card products to design systems, software and protocols to implement system applications. Despite the threat, he still needs to deliver a system that is sufficiently secure.
Here are the steps you need to take to achieve this goal:
(1) Determine the degree of security and special safety requirements required for the application system. There is also a need to take into account the potential security costs of technical, commercial, and public relations (brand value).
(2) Conduct risk analysis and assess security threats.
(3) Analyze the business situation of the attacker, considering various types of attackers, from bona fide hackers to criminal organizations.
(4) Select a smart card solution that meets the required security level.
3.1 Security Strategy for Logical Attacks
Security countermeasures for logical attacks
(1) Structured design (2) Formal verification (3) Testing (4) Standardization of interfaces and applications (5) Concentration? Application JAVA card operating system (6) Universal Evaluation Lab
3.2 Security Strategies for Physical Attacks
Security measures for physical attacks are improved in the following areas:
(7) Body size (8) Multilayer (9) Protective layer (10) Sensor (11) Irregular bus?
(12) Sealing? logic
3.3 Security Design Strategy
In the face of the above various attack methods, the smart card should adopt the response security design strategy according to the required security level. The basic idea is to increase the complexity of the integrated circuit on the chip, improve the anti-interference ability of the circuit, and increase the noise to cover up the real The power consumption of the power supply; the control function for abnormal signals and the like. The specific preventive measures are as follows:
(1) Limit program counter technology In the short pulse attack described above, since the attacker can use the program counter to increase access to the memory data, it is necessary to limit the use of the program counter in the smart card programming to avoid being attacked. Used.
(2) Random clock signal Many logic and edge-frequency attack techniques are the exact time for an attacker to anticipate the execution of an instruction. If the processor executes the same instruction after each reset, it is easily detected by the attacker. It is speculated that the behavior of the processor can also simplify the analysis of the protocol. Therefore, the precaution is to insert a random clock between observable and critical operations, which can effectively prevent such attacks.
(3) Low-frequency sensor When the smart card chip is driven by a low-frequency clock circuit, the technique of observing the bus by electronic flow test is increasingly simple. Therefore, the designer of the chip should alert the behavior below a certain clock frequency to prevent this behavior from occurring. A circuit should be designed such that the external reset signal cannot be directly applied to the internal reset line, and only an external frequency divider can be caused to reduce the frequency of the clock signal to excite the low frequency detector, which in turn can activate the internal reset line. The divider is stopped and the processor passes the sensor test and begins normal operation. A processor of this design will not operate without a normal internal reset after power-up. Other sensors that protect against non-intrusive attacks are also embedded in the normal operation of the processor, otherwise they can be bypassed by breaking the circuit.
In order to increase the difficulty of the attacker, the circuit can be designed as multiple circuit layers. The use of microprobe technology is limited, thus ensuring a certain degree of security. But it also increases the complexity of the circuit design and increases the manufacturing cost.
(5) Sensor network on the top layer Adding a layer of grid on the surface of the chip can effectively prevent laser cutting and probe detection technology. This technique also effectively prevents further detection of low-level circuits. This sensor network is associated with the flag of a register. When an intrusion occurs, the register bit changes and the contents of the memory are cleared.
(6) Self-destruction technology A thin metal film is deposited on the outermost layer of the chip, and the voltage of UZ can be applied to it, and then encapsulated in plastic on the outermost surface. In this way, the chip is like wearing a layer of conductive clothing. If an attacker inserts a precision mechanical probe into the chip to attempt to detect the password inside, it will cause a short circuit and burn the chip.
(7) Anti-electromagnetic detection cryptography Technology uses balanced circuits to reduce signal energy and set metal protection to suppress electromagnetic emissions. The conductive clothes have a certain shielding or attenuating effect on the electromagnetic radiation emitted from the chip, so that the electromagnetic waves radiated therefrom are weakened. Therefore, a random number generator can be added to the chip, and as a result, the radiated electromagnetic wave is more confusing, and even a sensitive electromagnetic probe can not analyze the real key therein by measuring its electromagnetic radiation.
(8) Latch circuit The latch bit is set in the processor of the smart card. When an abnormal situation occurs, such as temperature, pressure, voltage, current, etc., which is unsafe and threatens sensitive data in the chip, it will issue an unlock level and immediately remove sensitive data from the chip & pay attention to this function. The setting is related to the security policy adopted by the user, otherwise it is easy to cause user dissatisfaction.
(9) Random multi-threading Designing a multi-threaded processor structure, the hardware controls the processor, and there are randomly N or more threads executing in each instruction group. Such a processor consists of multiple sets of registers, program counters, instruction registers, etc., and the combinational logic takes a random change.
(10) Destruction test circuit: When the smart card is produced, the test circuit is generally reserved to test whether the smart card is qualified, and some smart cards still retain these test circuits at the time of issuance, thereby providing great convenience to the attacker. After the smart card is tested, these circuits should be destroyed.
4 Conclusion
The smart card application system is a system with a complex security environment. This paper provides an idea for analyzing the security attacks faced by this system and provides a basis for the system security design. The next step is to quantify each security design strategy and explore ways to find the best balance between reducing security threats and increasing security costs.
The Adjustable Height Table Base is a versatile and practical solution for any workspace or office setting. With its adjustable height feature, it allows users to easily customize the table's height to their preferred level, providing optimal comfort and ergonomics.
This table base is built with high-quality materials, ensuring durability and stability. The sturdy construction can support heavy loads and withstand daily wear and tear, making it suitable for long-term use in busy environments.
The adjustable height mechanism is easy to operate, allowing users to effortlessly raise or lower the table to their desired height. This feature is particularly beneficial for individuals who require different working positions throughout the day, such as those who alternate between sitting and standing.
The table base's design is sleek and modern, adding a touch of sophistication to any workspace. Its neutral color and clean lines make it easy to integrate into various office aesthetics and interior designs.
Installation of the Adjustable Height Table Base is straightforward and hassle-free. The base comes with all the necessary hardware and instructions, making it easy for users to assemble and set up the table in no time.
Furthermore, this table base is compatible with a wide range of tabletop sizes and materials. Whether you prefer a smaller desk for personal use or a larger conference table for collaborative work, this adjustable base can accommodate different dimensions and styles.
In conclusion, the Adjustable Height Table Base is an excellent choice for those seeking a versatile, durable, and aesthetically pleasing solution for their workspace. Its adjustable height feature, sturdy construction, and compatibility with various tabletops make it a practical and long-lasting investment. Improve your productivity and comfort with this adjustable table base.
electric lifting table leg,cross table legs,electric adjustable table one leg,furniture leg riser
Guangdong Metagarden Trading Co.,Ltd , https://www.gdmenapparel.com