• The Long and Winding Path to S...

*Result*: The Long and Winding Path to Secure Implementation of GlobalPlatform SCP10

Title:
The Long and Winding Path to Secure Implementation of GlobalPlatform SCP10
Authors:
de Almeida Braga, Daniel, Fouque, Pierre-Alain, Sabt, Mohamed
Contributors:
Institut de Recherche en Informatique et Systèmes Aléatoires (IRISA), Université de Rennes (UR)-Institut National des Sciences Appliquées - Rennes (INSA Rennes), Institut National des Sciences Appliquées (INSA)-Institut National des Sciences Appliquées (INSA)-Université de Bretagne Sud (UBS)-École normale supérieure - Rennes (ENS Rennes)-Institut National de Recherche en Informatique et en Automatique (Inria)-CentraleSupélec-Centre National de la Recherche Scientifique (CNRS)-IMT Atlantique (IMT Atlantique), Institut Mines-Télécom Paris (IMT)-Institut Mines-Télécom Paris (IMT), Embedded Security and Cryptography / Sécurité cryptographie embarquée (EMSEC), SYSTÈMES LARGE ÉCHELLE (IRISA-D1), Institut Mines-Télécom Paris (IMT)-Institut Mines-Télécom Paris (IMT)-Université de Rennes (UR)-Institut National des Sciences Appliquées - Rennes (INSA Rennes), Institut Mines-Télécom Paris (IMT)-Institut Mines-Télécom Paris (IMT)-Institut de Recherche en Informatique et Systèmes Aléatoires (IRISA), Author funded by the Direction Générale de l'Armement (Pôle de Recherche CYBER)
Source:
ISSN: 2569-2925 ; IACR Transactions on Cryptographic Hardware and Embedded Systems ; https://hal.science/hal-02865304 ; IACR Transactions on Cryptographic Hardware and Embedded Systems, 2020, 2020 (3), pp.196-218.
Publisher Information:
CCSD
IACR
Publication Year:
2020
Subject Terms:
SCP10, Java card, Bleichenbacher, Coppersmith, [INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR]
Document Type:
*Academic Journal* article in journal/newspaper
Language:
English
Relation:
https://doi.org/10.13154/tches.v2020.i3.196-218
Availability:
https://hal.science/hal-02865304
https://hal.science/hal-02865304v1/document
https://hal.science/hal-02865304v1/file/article.pdf
Rights:
http://creativecommons.org/licenses/by/ ; info:eu-repo/semantics/OpenAccess
Accession Number:
edsbas.BEA2CBA1
Database:
BASE

*Further Information*

*International audience ; GlobalPlatform (GP) card specifications are defined for smart cards regarding rigorous security requirements. The increasingly more powerful cards within an open ecosystem of multiple players stipulate that asymmetric-key protocols become necessary. In this paper, we analyze SCP10, which is the Secure Channel Protocol (SCP) that relies on RSA for key exchange and authentication. Our findings are twofold. First, we demonstrate several flaws in the design of SCP10. We discuss the scope of the identified flaws by presenting several attack scenarios in which a malicious attacker can recover all the messages protected by SCP10. We provide a full implementation of these attacks. For instance, an attacker can get the freshly generated session keys in less than three hours. Second, we propose a secure implementation of SCP10 and discuss how it can mitigate the discovered flaws. Finally, we measure the overhead incurred by the implemented countermeasures.*