Computer protection: electronic identification and authentication systems.
V. Shramko,
PhD in Engineering, e-mail: vnshramko@infosec.ru
PCWeek/RE No. 12, 2004
Source: Informzashita
AAA, or 3A (authentication, authorization, administration), tools designed to protect information resources against unauthorized access (UA) hold a stable position in the global information security market. This trend is reflected in the analytical reviews and forecasts of leading consulting companies. For example, according to Infonetics Research (infonetics), the 3A sector will reach $9.5 billion by 2005, which will account for 67% of the entire information security market.
An important place in the 3A area is occupied by hardware and software identification and authentication systems (IAS), or devices for inputting identification features (the term follows GOST R 51241-98), designed to protect computers against unauthorized access. With an IAS in place, the user is admitted to the computer only after the identification and authentication procedure completes successfully. Identification recognizes the user by an inherent or assigned identification feature; authentication verifies that the user presenting that feature actually possesses it.
The IAS includes hardware identifiers, input/output devices (readers, contact devices, adapters, motherboard connectors, etc.) and the corresponding software. Identifiers are intended for storing unique identification features. In addition, they can store and process confidential data. Input/output devices and software exchange data between the identifier and the protected computer.
In our review «Hardware and software access control tools» (see PC Week/RE, No. 9/2003, p. 25), the IAS were classified, their operating principles were considered and products from leading developer companies were described.
This article focuses on the class of electronic IAS. This choice is based on the fact that today on the Russian computer security market these systems are the most attractive due to their high efficiency and reasonable price.
Classification of electronic identification and authentication systems
In electronic IAS, identification features are represented as a digital code stored in the identifier's memory. By the method of data exchange between the identifier and the input/output device, electronic IAS are divided (see Fig. 1) into contact and contactless. Contact reading requires direct contact between the identifier and the input/output device. Contactless (remote) exchange does not require precise positioning of the identifier relative to the input/output device: data is read or written once the identifier is brought within a certain distance of it.
Figure 1—Classification of electronic IAS
Modern electronic IAS are built on the following identifiers (see Fig. 2):
- smart cards;
- radio-frequency identifiers (RFID);
- iButton identifiers (the information «tablet»);
- USB keys, or USB tokens (token: identification feature, marker).
Figure 2—Identifiers
Table 1 lists the world's leading suppliers of electronic IAS. Of course, this list is far from complete.
Table 1—Leading companies—developers of electronic IAS
IAS based on smart cards and radio-frequency identifiers belong to the oldest generation, iButton-based IAS to the middle one, and USB-key-based IAS to the youngest.
The first step in the creation of identification cards was made in Germany in 1968, when Jürgen Dethloff and Helmut Gröttrup managed to place an integrated circuit in a piece of plastic. In 1974 the Frenchman Roland Moreno patented the idea of integrating a microcircuit into a plastic card. But it was not until the late 1980s that advances in microelectronics made it possible to implement this idea.
The history of IAS based on iButton products (ibutton.com) began in 1991, when Dallas Semiconductor created the first Touch Memory identifiers (their initial name). Dallas Semiconductor is now a subsidiary of Maxim Integrated Products (maxim-ic), and their joint work has produced more than 20 models of iButton identifiers. For protecting computers against unauthorized access, the models mainly used are the DS1963S, DS1991 and DS1992L through DS1996L, which differ in internal structure, functionality and price.
Identification and authentication systems based on USB keys appeared in the late 1990s. As the successors of smart card technology and of the hardware keys used to protect software, USB keys quickly gained popularity. According to the IDC report (Identity Management in a Virtual World, C. J. Kolodgy, June 2003), USB token sales in 2004 are expected to grow by 161% compared to 2003.
In addition to the products of foreign companies, domestic products are widely represented in Russia. Our developers are traditionally strong in the field of radio frequency identification. The leading positions in the creation of RFID systems on the Russian computer security market are occupied by Angstrem OJSC (angstrem) and Parsec (parsec-tm).
In 1998 the joint efforts of «Angstrem», «Program Systems and Technologies» and the Scientific and Technical Center «Atlas» (stcnet), with the direct participation of FAPSI, produced the first Russian smart card, RIC, which implements the domestic cryptographic algorithm GOST 28147-89. This microprocessor card was developed in compliance with the international standard ISO 7816 and is compatible with the EMV recommendations.
The desire to implement the GOST 28147-89 algorithm in hardware inside USB keys led to the appearance of the ruToken (rutoken) and eToken RIC (aladdin.ru) products on the Russian market. The IAS based on ruToken is a joint development of «Aktiv» and ANKAD (ancud.ru); the IAS based on eToken RIC was developed by Aladdin Software Security R.D.
Today there are quite a few offers for protecting computers from unauthorized access using electronic IAS. All that remains is to choose the right one.
Key parameters of identification and authentication systems
It is advisable to select an IAS by comparing the most important characteristics of the products. We propose the following characteristics (see Fig. 3):
- identifier structure;
- structure and composition of the input-output device;
- product reliability;
- integration with electronic locks (EL) and information security systems (ISS);
- product cost.
Figure 3—Factors affecting the choice of IAS
This list is not exhaustive. But, in our opinion, analysis of the proposed characteristics is sufficient to make a choice in favor of one IAS or another.
In terms of cost, the most attractive IAS on the Russian market are those based on USB keys and iButtons, which do not require expensive readers.
Approximate IAS prices are given in Table 2; they depend on the type of product, the size of the purchased lot, the seller and other factors. Even so, these values allow a comparative analysis of the cost of IAS hardware components.
Table 2—Approximate prices of IAS
Identifiers
Contact identifiers are divided into iButton identifiers, smart cards and USB keys.
The iButton identifier is a microcircuit (chip) built into a sealed steel case and powered by a miniature lithium battery. The chip (Fig. 4) consists of a multiplexer and memory. Some identifier types contain additional components: the DS1963S has a microcontroller that computes a 160-bit message authentication code with SHA-1 and derives access keys for memory pages, and the DS1994L has a built-in real-time clock.
Fig. 4. iButton structure
The iButton identifier memory consists of the following components:
- ROM read-only memory;
- nonvolatile (NV) random access memory;
- scratchpad memory (SM), or notepad memory.
Table 3 presents the main characteristics of the iButton identifier memory used to protect computers from unauthorized access.
Table 3—iButton identifiers
The ROM stores a 64-bit code consisting of a 48-bit unique serial number (the identification feature), an eight-bit identifier type (family) code, and an eight-bit CRC checksum over the other 56 bits. NV RAM can hold both public and confidential information (cryptographic keys, access passwords and other data). SM memory is a buffer and functions as a scratchpad.
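The 64-bit ROM code just described can be decoded and its checksum verified in a few lines. The code below is an added example, not from the article or from Dallas/Maxim: it implements the 1-Wire CRC-8 (polynomial x^8 + x^5 + x^4 + 1, processed LSB first) and splits a ROM code into its fields. The sample ROM code is the worked example from Maxim's 1-Wire CRC application note (family 0x02, serial 0x0001B81C, CRC 0xA2); everything else is constructed here.

```python
# Added example (not from the original article): decoding a 64-bit 1-Wire
# ROM code of an iButton and checking its CRC-8. Layout, in the order the
# bytes come off the bus: 8-bit family (type) code, 48-bit serial number
# (least significant byte first), 8-bit CRC over the preceding 56 bits.
# The CRC is the Dallas/Maxim 1-Wire CRC-8, polynomial x^8 + x^5 + x^4 + 1,
# computed bit-serially LSB first (reflected constant 0x8C below).

def crc8_1wire(data: bytes) -> int:
    """Dallas 1-Wire CRC-8 over data, LSB first, initial value 0."""
    crc = 0
    for byte in data:
        crc ^= byte
        for _ in range(8):
            crc = (crc >> 1) ^ 0x8C if crc & 1 else crc >> 1
    return crc


def parse_rom_code(rom: bytes) -> dict:
    """Split a ROM code into family code, serial number and CRC status.

    A CRC mismatch means the read was corrupted (for example by a poor
    contact). The CRC is a public function of the other 56 bits, so a
    matching CRC says nothing about whether the device is genuine: a
    serial-number-only identifier can be emulated by anyone who has read it.
    """
    if len(rom) != 8:
        raise ValueError("a 1-Wire ROM code is exactly 8 bytes")
    return {
        "family": rom[0],
        "serial": int.from_bytes(rom[1:7], "little"),
        "crc_ok": crc8_1wire(rom[:7]) == rom[7],
    }


def corrupt_bit(rom: bytes, bit_index: int) -> bytes:
    """Return rom with one bit flipped, to simulate a read error."""
    out = bytearray(rom)
    out[bit_index // 8] ^= 1 << (bit_index % 8)
    return bytes(out)


# Sample ROM code from Maxim's 1-Wire CRC application note: family 0x02
# (the DS1991 family), serial 0x0001B81C, CRC 0xA2.
SAMPLE_ROM = bytes.fromhex("021CB801000000A2")

if __name__ == "__main__":
    print(parse_rom_code(SAMPLE_ROM))                    # crc_ok: True
    print(parse_rom_code(corrupt_bit(SAMPLE_ROM, 20)))   # crc_ok: False
```

Every single-bit error in the 64-bit code is caught (the polynomial has a constant term), which is what the CRC is for: it protects the read against a flaky contact, not against an attacker who has already copied the code.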
Contact smart cards are usually divided into processor cards and memory cards, and are usually issued as plastic cards.
Cards with open memory appeared on the security market first, then cards with protected memory, and finally processor smart cards. The physical, electrical, mechanical and software interfaces of smart cards are defined by the basic standard ISO 7816 (parts 1-10).
The basis of the internal structure of a modern processor smart card is a chip, which includes a processor (or several processors), RAM, ROM, and PROM (Fig. 5).
Figure 5—Structure of a contact processor smart card
RAM is used for temporary storage of data, such as the results of calculations performed by the processor. The memory capacity is several kilobytes.
The ROM (usually masked) permanent memory stores commands executed by the processor and other unchangeable data. Information in the ROM is written during the card manufacturing process. The memory capacity can be tens of kilobytes.
Two types of PROM are used in smart cards: one-time programmable EPROM and the more common reprogrammable EEPROM. It stores user data that can be read, written and modified, as well as confidential data (for example, cryptographic keys) that application programs cannot read. The capacity is tens, and in newer chips hundreds, of kilobytes.
The card's central processor (usually a RISC core) executes the data processing procedures, controls memory access and sequences the computation.
A specialized processor implements the procedures that raise the security level of the IAS, including:
- generation of cryptographic keys;
- implementation of cryptographic algorithms (GOST 28147-89, DES, 3DES, RSA, SHA-1);
- performing operations with electronic digital signature (generation and verification);
- performing operations with PIN code.
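The PIN operation in the last item is the one a host exercises most often: it sends an ISO/IEC 7816-4 VERIFY command APDU and reads the two-byte status word. The code below is an added example, not from the article or from any card vendor. SimCard is a stand-in card written for the example; the PIN reference 0x80 in P2, the 8-byte PIN block padded with 0xFF and the three-attempt limit are assumptions, since real cards document their own values.

```python
# Added example (not from the article): the ISO/IEC 7816-4 VERIFY command a
# host sends to a processor smart card to present a PIN, and the status word
# the card answers with. SimCard is a stand-in written for this example; the
# PIN reference 0x80 (P2), the 8-byte PIN block padded with 0xFF and the
# three-attempt limit are assumptions.
import hmac

INS_VERIFY = 0x20
SW_OK = (0x90, 0x00)               # PIN accepted
SW_WRONG_LENGTH = (0x67, 0x00)     # Lc does not match the PIN block size
SW_AUTH_BLOCKED = (0x69, 0x83)     # retry counter exhausted
SW_INS_UNSUPPORTED = (0x6D, 0x00)


def build_verify_apdu(pin: str, pin_ref: int = 0x80, block_len: int = 8) -> bytes:
    """CLA INS P1 P2 Lc DATA for VERIFY (case 3 APDU, no Le field)."""
    if not pin.isdigit() or not 4 <= len(pin) <= block_len:
        raise ValueError("PIN must be 4..%d digits" % block_len)
    data = pin.encode("ascii").ljust(block_len, b"\xff")
    return bytes([0x00, INS_VERIFY, 0x00, pin_ref, len(data)]) + data


def decode_status(sw1: int, sw2: int) -> str:
    """Turn SW1 SW2 into a verdict. 63 Cx encodes x remaining attempts."""
    if (sw1, sw2) == SW_OK:
        return "verified"
    if sw1 == 0x63 and sw2 & 0xF0 == 0xC0:
        return "wrong PIN (%d tries left)" % (sw2 & 0x0F)
    if (sw1, sw2) == SW_AUTH_BLOCKED:
        return "PIN blocked"
    return "error %02X%02X" % (sw1, sw2)


class SimCard:
    """Toy card: one PIN and a retry counter that blocks the PIN after
    MAX_TRIES consecutive failures. The counter is what turns a 10^4-entry
    PIN space into something that cannot be searched online."""
    MAX_TRIES = 3

    def __init__(self, pin: str, block_len: int = 8):
        self._pin_block = pin.encode("ascii").ljust(block_len, b"\xff")
        self._tries_left = self.MAX_TRIES

    def process(self, apdu: bytes) -> tuple:
        cla, ins, p1, p2, lc = apdu[:5]
        data = apdu[5:]
        if ins != INS_VERIFY:
            return SW_INS_UNSUPPORTED
        if lc != len(data) or lc != len(self._pin_block):
            return SW_WRONG_LENGTH
        if self._tries_left == 0:
            return SW_AUTH_BLOCKED
        # Constant-time comparison: the card must not reveal how many
        # leading PIN digits were right through its response timing.
        if hmac.compare_digest(data, self._pin_block):
            self._tries_left = self.MAX_TRIES
            return SW_OK
        self._tries_left -= 1
        return (0x63, 0xC0 | self._tries_left)


if __name__ == "__main__":
    card = SimCard("1234")
    for attempt in ("0000", "1234", "1111", "2222", "3333", "1234"):
        print(attempt, decode_status(*card.process(build_verify_apdu(attempt))))
```

A correct PIN resets the counter; after the third consecutive failure the card answers 63 C0 and every later VERIFY, right PIN or not, gets 69 83 until the PIN is unblocked by whatever administrative procedure the card defines.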
USB keys are designed to work with a computer's USB port. They are made in the form of key fobs, so they can be attached to an ordinary key ring; the fobs come in colored cases and have indicator lights. Each identifier has a unique 32- or 64-bit serial number written during production.
As noted above, USB keys are the successors of contact smart cards, so the structures of USB keys and smart cards are almost identical, and the capacities of the corresponding memories are comparable. A USB key may include:
- processor— data management and processing;
- cryptographic processor— implementation of GOST 28147-89, DES, 3DES, RSA, DSA, MD5, SHA-1 and other cryptographic transformations;
- USB controller—provides an interface with the computer's USB port;
- RAM random access memory—storage of variable data;
- EEPROM secure memory—storage of encryption keys, passwords, certificates, and other important data;
- ROM read-only memory—storage of commands and constants.
Contactless identifiers are divided into proximity identifiers (from the English proximity: closeness, nearness) and contactless smart cards. They are made in the form of plastic cards, key fobs, tokens, disks, tags, etc. The main components of the identifier are the chip and the antenna. Each identifier has a unique 32- or 64-bit serial number. Table 4 presents the main characteristics of contactless identifiers.
Table 4 — Contactless identifiers
Proximity identifiers operate at 125 kHz. The chip includes a memory array (or hard-wired logic) with auxiliary units: a programming module, a modulator, a control unit and others. Memory capacity ranges from 8 to 256 bytes. Proximity identifiers mainly use one-time programmable EPROM, though rewritable EEPROM also occurs. The memory holds the unique identifier number, a device code and service information (parity bits, start and end-of-code marker bits, etc.).
Proximity identifiers are usually passive and contain no chemical power source (lithium battery); the chip is powered by the electromagnetic field emitted by the reader. Data is read at 4 kbps at a distance of up to 1 m.
Proximity-based identification and authentication systems are not cryptographically protected (except for custom-designed systems): the reader receives the same fixed code on every presentation, so whoever has recorded it once can reproduce it.
Contactless smart cards operate at a frequency of 13.56 MHz and are divided into two classes, which are based on the international standards ISO/IEC 14443 and ISO/IEC 15693.
The ISO/IEC 14443 standard was developed between 1994 and 2001. It includes Type A and Type B, which differ in the modulation of the radio signal, and supports data exchange (reading/writing) at 106 kbps (with the option of 212, 424 and 848 kbps) at a reading distance of up to 10 cm.
To implement encryption and authentication functions, ISO/IEC 14443 identifiers can use three types of chips: hard-wired MIFARE logic, a processor, or a cryptographic processor. MIFARE technology was developed by Philips Electronics and is an extension of ISO/IEC 14443 Type A.
The ISO/IEC 15693 standard was developed to extend the range of contactless identifiers to 1 m. At that distance, data exchange runs at 26.6 kbps.
Input/output device
The choice of an IAS may also depend on the structure and composition of the input/output device that carries data between the identifier and the protected computer.
Data exchange is simplest in IAS based on USB keys. These systems have no separate hardware input/output device: the identifier plugs into a USB port of a workstation, laptop, keyboard or monitor, directly or through an extension cable.
In iButton-based IAS, information is exchanged with the computer over the 1-Wire single-wire interface protocol through serial, parallel and USB ports or through an additional expansion board. Data is written to and read from the identifier by touching the iButton case to the contact device built into the adapter of the corresponding port, or to a contact device connected to the adapter by an extension cable. iButton contacts are guaranteed for several million connections.
The 1-Wire interface exchanges data in half-duplex mode at 16 kbps, or 142 kbps in the accelerated (overdrive) mode. Devices on the single-wire bus interact on the master-slave principle: the contact device is always the master, and one or more iButton identifiers are slaves.
IAS based on smart cards (contact and contactless) and RFID identifiers include expensive readers, which connect to parallel, serial or USB ports, to an additional expansion board in the computer, or to a laptop's PC Card slot. Relative to the computer case, readers can be external or internal. They are powered from various sources: the computer power supply, an external power source or standard batteries.
Reliability
When discussing the reliability of an IAS, the most important and at the same time weakest link of the system is usually considered: the identifier. The reliability of identifiers in turn depends on their protection against mechanical impacts, temperature, external electromagnetic fields, aggressive environments, dust and moisture, and against attacks aimed at opening the chips that store secret data.
The developers of iButton identifiers guarantee that their products keep their characteristics under a mechanical shock of 500 g, a drop from 1.5 m onto a concrete floor, an operating temperature range from -40 to 70 °C, and exposure to electromagnetic fields and the atmosphere. This is due to the hermetic steel case of the identifier, which retains its strength over a million contacts with the input/output device. The memory of some identifiers (DS1991, DS1963S) is access-protected. The service life of an iButton identifier is 10 years.
A disadvantage of iButton-based IAS is the absence, in the identifiers themselves, of cryptographic means to encrypt data in storage and in transit to the computer. For this reason, iButton is usually used together with other systems to which the encryption functions are assigned.
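The practical consequence of a missing cryptographic function, both for the proximity identifiers discussed above and for the serial-number-only iButton models, is that the identifier can be replayed; a token that holds a secret and answers a fresh challenge with a MAC, as the DS1963S does with its 160-bit SHA-1 MAC, cannot. The code below is an added example, not from the article or from Dallas/Maxim: HMAC-SHA1 stands in for the MAC (the DS1963S's own SHA-1 message layout is not reproduced), and the serial number, secret, host registry and eavesdropper are all constructed for the example.

```python
# Added example (not from the article): why an identifier that only presents
# a static code (a 125 kHz proximity tag, or a DS1992L-class iButton showing
# its ROM code) can be replayed, while a token that holds a secret and answers
# a fresh challenge with a MAC (the DS1963S class) cannot. HMAC-SHA1 stands
# in for the MAC; the DS1963S message layout is not reproduced. SERIAL,
# SECRET and the eavesdropper's behaviour are constructed for this example.
import hashlib
import hmac
import secrets

SERIAL = bytes.fromhex("021CB8010000")                         # constructed
SECRET = bytes.fromhex("00112233445566778899aabbccddeeff")     # constructed


class StaticIdToken:
    """Identifier with no secret: it just announces its serial number."""
    def __init__(self, serial: bytes):
        self.serial = serial

    def read_id(self) -> bytes:
        return self.serial


class MacToken:
    """Identifier holding a secret it never reveals; it only returns MACs."""
    def __init__(self, serial: bytes, secret: bytes):
        self.serial = serial
        self._secret = secret

    def respond(self, challenge: bytes) -> bytes:
        # 160-bit output, the same size as the DS1963S MAC.
        return hmac.new(self._secret, self.serial + challenge, hashlib.sha1).digest()


class Host:
    """Protected computer: a registry of allowed serials and their secrets."""
    def __init__(self, registry: dict):
        self._registry = registry

    def check_static(self, presented: bytes) -> bool:
        return presented in self._registry

    def new_challenge(self) -> bytes:
        return secrets.token_bytes(16)       # fresh nonce per authentication

    def check_response(self, serial: bytes, challenge: bytes, response: bytes) -> bool:
        secret = self._registry.get(serial)
        if secret is None:
            return False
        expected = hmac.new(secret, serial + challenge, hashlib.sha1).digest()
        return hmac.compare_digest(expected, response)


def replay_static(host: Host, token: StaticIdToken) -> bool:
    """Eavesdropper records the serial once and replays it: accepted."""
    sniffed = token.read_id()
    return host.check_static(sniffed)


def replay_mac(host: Host, token: MacToken) -> bool:
    """Eavesdropper records one (challenge, response) pair and replays the
    response to the host's next challenge: rejected, because the nonce
    differs and a valid MAC cannot be computed without the secret."""
    c1 = host.new_challenge()
    sniffed = token.respond(c1)
    assert host.check_response(token.serial, c1, sniffed)   # genuine run
    c2 = host.new_challenge()
    return host.check_response(token.serial, c2, sniffed)


if __name__ == "__main__":
    host = Host({SERIAL: SECRET})
    print("static id replay accepted:", replay_static(host, StaticIdToken(SERIAL)))
    print("MAC response replay accepted:", replay_mac(host, MacToken(SERIAL, SECRET)))
```

The host side of this exchange is exactly the function that the article says iButton deployments delegate to an external system (an electronic lock or access control software): it must keep the per-token secret at least as well as the token does, or the challenge-response adds nothing.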
In mechanical reliability, radio-frequency identifiers, smart cards and USB keys are of course inferior to iButton: plastic cannot compete with steel. Card failure from mechanical damage is not a rare event. A ten-year study of 22 million cards carried out during the French GIE Carte Bancaire project found that the probability of a card failing for any reason (mechanical damage among them) is 0.022.
The «bottleneck» of USB keys is also the service life of their USB connectors; the developers of these identifiers even quote this figure in the product specifications. For example, identifiers of the eToken (ealaddin) family are guaranteed for at least 5000 insertions.
The advantage of radio-frequency identifiers, smart cards and USB keys is that they include secure non-volatile memory and a cryptographic processor, which raises the level of protection of the device. Attackers, however, are not idle, and keep inventing ways to extract the secrets.
Many published papers describe attacks on identifier chips, both theoretical and practical. The author groups Bellcore attacks, differential fault analysis (DFA) and differential power analysis (DPA) among the theoretical methods, although all three have since been demonstrated against real chips; the practical methods include glitch attacks and physical attacks that decapsulate the chip to extract the required information.
Developers of cryptographic processors try to respond to these attacks with a variety of external and internal protection mechanisms. External mechanisms include sensors (capacitive or optical), a metal shield layer over the chip, special adhesives, etc.; internal mechanisms include bus encryption, random clocking, redundant (repeated) computation to detect induced faults, and noise generation.
Integration with electronic locks and information security systems
An important criterion for selecting an IAS is its use in other 3A tools: electronic locks (see PC Week/RE, No. 9/2003, p. 25) and systems for protecting computer information resources against unauthorized access. The following certified products using electronic IAS are present on the Russian computer security market.
Electronic locks:
- Sobol-PCI hardware and software complex—developed by Informzashita Research and Production Association (infosec.ru);
- Akkord-AMDZ trusted boot hardware module—developed by OKB SAPR (okbsapr.ru);
- KRIPTON-Zamok/PCI trusted boot hardware and software module—developed by ANKAD;
Systems for protecting computer information resources against unauthorized access:
- Secret Net family information security system—developed by the Scientific and Research Institute «Informzashita»;
- Guard NT information security system (version 2.0)—developed by the Research Institute for Problems of Control, Informatization and Modeling of the Academy of Military Sciences;
- Akkord family information security system—developed by OKB SAPR;
- Dallas Lock family information security system—developed by the Confident company (confident.ru).
Table 5 shows which types of electronic IAS are supported by the products listed above.
Table 5—Integration of IAS with EL and ISS
The table shows that the IAS most widely adopted by these developers is the one based on iButton.
Conclusion
Protecting computers against unauthorized access is an integral part of a comprehensive approach to corporate information security. There are many offerings in this area in Russia, among which an important place belongs to the electronic identification and authentication systems discussed in this article. The decision on whether a system is needed, and which one to choose (based on iButton, smart cards, radio-frequency identifiers or USB keys), rests with the company's management. The author hopes that this publication will be of some help in making it.