[ale] Smart cards

Michael H. Warfield mhw at WittsEnd.com
Fri Oct 7 10:47:58 EDT 2011


Crap...

Typing too fast.  Too early.  On a Friday.  Caffeine level suboptimal.

All the bullshit typos aside that most of you will not see and others
will see and ignore (with thanks from me) there was one serious error
due to typing faster than I was thinking.

On Fri, 2011-10-07 at 10:00 -0400, Michael H. Warfield wrote: 
> On Thu, 2011-10-06 at 21:41 -0400, Michael B. Trausch wrote: 
> > On Thu, Oct 06, 2011 at 06:52:43PM -0400, Michael H. Warfield wrote:
> > > On Thu, 2011-10-06 at 16:11 -0400, Michael Trausch wrote: 
> > > > Just to clarify, I am not specifically looking for an OpenPGP smartcard...
> > > > anything that'll do for auth is fine.
> > >
> > > Hmmm...
> > >
> > > I haven't quite done what you are looking to do but you might check
> > > into the Aladdin eToken cards / tokens.  They have Windows software
> > > which I believe MIGHT do what you want to do but you'd have to buy
> > > that separately.  You'll need their pkcs11 driver to make the token
> > > work with NSS, ssh, pgp/gpg, and pam but it can be done.  I've used
> > > these with ssh (ssh-agent on Fedora has NSS integration and NSS
> > > handles the pkcs11 side of the house when used with ssh-agent).
> > > I've seen some code which, I think, logs you in when you insert a
> > > smart card and locks your screen when you pull it out but have had
> > > no experience with it.  The pam_usb module does something similar
> > > but just uses a plain ole usb memory card on which some sort of key
> > > is simply stored for that.

> > I would like something where you can essentially lock the system, yes.
> > Well, actually, here is what I would _like_ to do, though I don't
> > seriously know if this would be an attainable setup:

> > * Be able to have my own CA (trusted roots aren't relevant here, I'd
> >     be installing the root CA onto the systems I am managing).

> That's fairly minor.  I do it around here.  Couple of CA management
> systems out there but I just use the openssl stuff and scripts.

> > * Be able to use that CA to initialize a smart card, such that the
> >     smart card would be given to a person to use as their identity
> >     card for network operations.

> Backwards.
> 
> You use the smart card to generate the key on the card and it gives you
> the private key you incorporate into an X.509 crs (certificate request).

Gives you the PUBLIC key which you incorporate into your csr...

Obviously, if it gave you the private key, my other statements wouldn't
have made sense and would have invalidated the very principle of a
cryptocard that you can not retrieve the private key from the card.

They have taken significant measures to protect most of these cards to
prevent key retrieval.

Several years ago, Bruce Schneier and I were talking at an
after-conference speaker's party and he was describing to me some
attacks that used various current probes to monitor the current
variations and frequency spectra of the chip power lines to reverse
engineer the private keys as various switching elements in the math
sections of the crypto engine switched on and off in orchestration with
the private key.  Most cards now filter and shield that.

Some attacks have tried to use micro variations in the heat dissipation
across the chip as it's computing using the private key.  That's now
covered.

I think it was Shamir (the S in RSA) who did some work with ionizing
radiation and varying voltage levels to stress these chips and
determining the private keys from the resulting computational errors.  I
think that's covered in a lot of cases as well, at least the high end
chips. 

Most are protected from dissolving the plastic away and reading the keys
using the bare chip and a microscope.

The math is "padded" to prevent timing attacks (measuring the time it
takes certain bits of 0s and 1s to be computed).

Most all of those attacks require the physical possession and
destruction of the original card to get enough information to create
cloned cards (including one you might hope to replace the original with
before the fact that it was missing was noticed).

You can see why these chips might be more expensive than a simple USB
key or even a non-crypto chip and pin card.  They've gone to a lot of
effort to protect them.  These things are tough.  Tougher than anything
you or I can mount.

<--Big SNIP -->

Regards,
Mike
-- 
Michael H. Warfield (AI4NB) | (770) 985-6132 |  mhw at WittsEnd.com
   /\/\|=mhw=|\/\/          | (678) 463-0932 |  http://www.wittsend.com/mhw/
   NIC whois: MHW9          | An optimist believes we live in the best of all
 PGP Key: 0x674627FF        | possible worlds.  A pessimist is sure of it!
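
The enrollment flow corrected above (key pair generated on the card, public key into the CSR, your own CA signs it), as an added example that is not part of the original message. A software RSA key stands in for the card so it runs offline; the file names, the subject names and the throwaway root CA are constructed for illustration.

```shell
#!/bin/sh
# Added example. A software RSA key stands in for the key pair generated on
# the card (assumption: on a real token card.key never exists as a file and
# the signature in step 2 is computed on the card via its pkcs11 driver).
WORK=$(mktemp -d)

# 1. "Card" generates the key pair; the private half stays in $WORK/card.key.
card_keygen() { openssl genrsa -out "$WORK/card.key" 2048 2>/dev/null; }

# The only key material the card hands out: the PUBLIC key.
card_pubkey() { openssl pkey -in "$WORK/card.key" -pubout; }

# 2. CSR = subject + public key, signed with the private key (proof of possession).
make_csr() {
    openssl req -new -key "$WORK/card.key" -subj "/CN=$1" -out "$WORK/user.csr"
}
csr_pubkey() { openssl req -in "$WORK/user.csr" -noout -pubkey; }
csr_sig_ok() { openssl req -in "$WORK/user.csr" -noout -verify >/dev/null 2>&1; }

# 3. Your own CA (constructed throwaway root) signs the request. It only ever
#    sees user.csr, never the card's private key.
ca_init() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
        -subj "/CN=Example Root CA" \
        -keyout "$WORK/ca.key" -out "$WORK/ca.crt" 2>/dev/null
}
ca_sign() {
    openssl x509 -req -in "$WORK/user.csr" -days 1 \
        -CA "$WORK/ca.crt" -CAkey "$WORK/ca.key" -CAcreateserial \
        -out "$WORK/user.crt" 2>/dev/null
}
cert_pubkey() { openssl x509 -in "$WORK/user.crt" -noout -pubkey; }
cert_chain_ok() {
    openssl verify -CAfile "$WORK/ca.crt" "$WORK/user.crt" >/dev/null 2>&1
}

# Run the whole flow; succeeds only if the issued certificate binds the
# card's public key and chains to the CA.
enroll() {
    card_keygen && make_csr "$1" && csr_sig_ok && ca_init && ca_sign &&
    [ "$(card_pubkey)" = "$(csr_pubkey)" ] &&
    [ "$(card_pubkey)" = "$(cert_pubkey)" ] && cert_chain_ok
}

enroll "Example User" && echo "certificate issued; private key never left the card"
```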