Tamper Devices

Abstract

WordQI (1999) explained that the temper-resistant in the field of the computer security represents the idea of implementing a system hardware or subsystem that can be difficult to be modified or destabilized even with physical access to such system. A common feature of such system is to contain the sensitive information that can be hard to extract, and also be secured against any tempering since a various attempts of attack will be launched to gain access to the stored information. Some of the attacks on such electronic device will be in the following form:

  • Physical attack (e.g. files, drills).
  • Try to freeze the device.
  • Applying power surges or high voltage.
  • Creating software errors by using radiation.
  • Collecting information about the power required for certain operation.

To provide a secure computer system, any cryptographic keys should be accessed only by the intended user and for the intended motives, and as such; secured system should ensure that both conditions are valid. Storing such keys in the computer system can be vulnerable to any tampering by the unauthorized attackers, and as such; the right way of storing such information is to store them in a tamper-resistant hardware device. For the attackers to gain access to such system; the knowledge of a PIN or password used to secure the system is required. Also, with such devices, the exporting of the cryptographic keys is not allowed outside of the hardware, and also the device performs cryptographic functions for the protected keys. An example of such device is the smart card, where the smart card reader attached to the computer is used to read the card (Zhu, Y., 2008).

A Secured Mobile Access Scheme for SMS Message

The proposed temper-resistant device called PKI-SIM card that can store and secure critical data that can be used by any mobile phones. The proposed SIM card has an additional PKI and cryptographical functionality, and provides the normal functionality of SIM card that can be used to secure mobile business applications using SMS communication. Also, it is proposed a session key distribution protocol that can provide an end-to-end secure SMS (Short Message Services) message (Qin and He, 2008).       

Today’s mobile phones are equipped with the software and connection that can allow the SMS communication between different entities, and it becomes very attractive mobile applications for phones’ users. SMS technology was developed to allow short messages (160 characters) to be exchanged among data centric applications and mobile devices. Despite the fact that the public network traffic is encrypted, it doesn’t provide any protection for SMS messages while it’s waiting in a queue of the short message service center or in the memory of the handset device. For the above reason; protection is required to secure such messages during the communication (Qin and He, 2008).       

The basic requirements for mobile applications security are authentication and privacy. To prevent unauthorized access and forgery in network services, authentication is required, while privacy protects data against eavesdropping and modifying such data. The SIM (Subscriber Identity Module) card used in the mobile technology is the most convenient smart card with cost-efficient that can be used to implement authentication schemes. Recently SIM card were used over the mobile network where the asymmetric algorithm were used for protecting the SMS message. However, such mechanism imposes a long delay for each message exchange due to the need for the digital signature, decryption and intensive computation for public key that are performed in the SIM card. To prevent such delay such mechanism requires a trusted third party (server), and also requires that users trust the remote network entity. However, such solution can create security vulnerability if the trusted third party is compromised (Qin and He, 2008).       

Another proposed solution to protect the SMS over the mobile network is to use the wireless personal network like Bluetooth, and the mobile device instead of the smart card to perform cryptographic operations and store private information, and in such case the private key will be stored in the memory of the mobile device. Such solution exposes security vulnerability where such key can be replaced by malicious code, or infected by viruses. With the implementation of the PKI-SIM as a tamper-resistant device, it is used to store the private key, perform cryptographic operations without exposing the private key. Such card can be used with any mobile phone that supports the communication functionality of the regular SIM card. The proposed secure scheme consists of a certification authority (CA), the client device (e.g. mobile device with PKI-SIM card), Mobile Operator, and Secure Access Gateway (SAG). With such secure schema the PKI-SIM card acts as a cryptographic device and a tampered resistant device for the mobile device where users credential and private keys are stored in the card, and it performs the cryptographic operations without exposing the private key (Qin and He, 2008).       

The Secure Remote Access Scheme in use

The SMS gateway (SAG) with the secure functionalities is part of the service provider infrastructure; it takes the responsibility for sending and receiving SMS messages, communicates SMCS (Short Message Service Center) via SMPP over the TCP/IP protocol, authenticate the user’s mobile, and establish a secure connection between SAG and PKI-SIM card. A separated PKI-based computing device is used to perform the cryptographic operations and storing the private keys without exposing them. Such device is a high performance PCI interface-based peripheral that contains algorithm, processor, and cryptographic material. The separated device co-operates with PKI-SIM to ensure security at the application level (e.g. confidentiality, integrity, non-repudiation, and authentication). With such mechanism, the main duty of the mobile operator is to provide the communication infrastructure to route the SMS messages to the destination, and be unable to read the SMS message contents since it is encrypted at the source (Qin and He, 2008).       

Secure Short Message Exchange Protocol

Qin and He (2008) explained that the secure SMS message is consists of two parts: The payload and the SMS header. The SMS header includes originating address, destination address, metadata, and the size of the user data field, while the payload contains the content of the message with maximum length of 160 characters. Also, the secure protocol used for securing the short message exchange by using session key distribution protocol for the SMS, and the PKI-based authentication. Such protocol is consists of three phases:

  • Registration phase – Where the PKI-SIM generates both private key and public key and requests secure communication to upload the public key to the CA where the PKI-SIM certificate is generated. The PKI-SIM stores the public key on the chip after it has been downloaded from the SAG’s public key from the CA, and the PKI-SIM will be issued to a user.
  • Authentication phase – Before the authentication, the user must become a registered user of the SAG by the server provider. Both SAG and PKI-SIM authenticate each other by the certificate and exchange the public key shared between them.
  • Session phase – Where PKI-SIM or the SAG will create a one-time session key used for protecting the SMS message during the session, and maintain the privacy required. PKI-SIM will randomly generates a session key, and then encrypt the message by the session key. To prevent tampering, a 4-byte Message Authentication Code (MAC) represents the first 4 bytes of the hash value of the message which is sent along the random number of session key.

 Security Analysis

Qin and He (2008) explained that the following examines the security of the above tamper-resistant device:

  • The storage of the private key is stored in a tamper-resistant device, and will never be exposed to a third party. Where all the cryptographic operations are performed in the PKI-SIM.
  • Replay attack is prevented since the messages are always verified, authenticated, and refreshed with different random session key.
  • Even if the session key is compromised, the attacker will fail since he/she needs to know the private key.
  • If an illegal user requested authentication, he/she has to know the private key of the legal user. However, the private key of the legal user is store in tamper-resistant device.
  • The above scheme can be also protected against the Man-in-the-Middle since the attacker can’t divert a legitimate signature to another user.

Conclusion

It’s imperative to have a secure computer system that can ensure that various cryptographic keys that can be accessed only by the intended users and such keys can be used for the intended purposes. One way to secure such keys is through tamper-resistant devices. Such devices offer the physical protection for the keys stored inside them where such keys can’t be maliciously modified or read. Also, the access to such device will be by a password or PIN number, and also such devices don’t allow such keys to be exported outside of the device. Smart-card reader is a good example of such devices (RSA Laboratories, 2010).

Finally, PKI-SIM card provides the solution for a tamper-resistant storage and provides the secure data for exchanging messages between mobile phones. Such card is a regular SIM card with PKI functionality and the functionality of cryptographic. The card can be used in any mobile phone that has the same SIM card communication functionality. Also with the proposed protocol, a secure SMS message can be transmitted between mobile phones with strong authentication, confidentiality, and non-repudiation. Also, the performance evaluation for such mechanism shows a delay of only 2 seconds from any unsecure SMS message which is suitable for security and speed (Qin and He, 2008).       

References

Qin, Z. & He, R. (2008) A Secured Mobile Access Scheme for SMS Message [Online]. Available from: http://scialert.net/fulltext/?doi=itj.2008.261.268 (Accessed: 04 December 2010).

RSA Laboratories (2010) What is tamper-resistant hardware? [Online]. Available from: http://www.rsa.com/rsalabs/node.asp?id=2357 (Accessed: 04 December 2010).

WordIQ.com (1999) Tamper resistant – Definition [Online]. Available from: http://www.wordiq.com/definition/Tamper_resistant (Accessed: 04 December 2010).

Zhu, Y. (2008) Tamper-Resistant Hardware or RMS [Online]. Available from: http://blogs.sun.com/yunpu/entry/tamper_resistant_hardware_or_rms (Accessed: 04 December 2010).

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: