Abstract
PKI-enabled smartcards hold the future of personal identity management and resilience against identity theft. These cards can hold multiple certified identities (e.g. credit card accounts) and provide: Authentication, Data Integrity, Confidentiality and Non-repudiation. Since the private key of the client certificates are stored in the card, and this key cannot be extracted from the card, it provides a high degree of security even when the card is used on an untrusted workstation (or point-of-sale). This paper shows that using PKI enabled smartcards on an un-trusted workstation can allow a variety of attacks to be performed by a malicious software. These attacks range from simple PIN phishing, to more serious attacks such as signatures on unauthorized transactions, authentication of users without consent, unauthorized secure access to SSL enabled web servers as well as remote usage of the smartcard by attackers. We also show that the root cause of such problems is the lack of a secure I/O channel between the user and the card and outline steps that can be taken to ensure such a channel is available making the documented attacks not feasible. We have prototyped the proposed solution and verified that the above attacks can be thwarted.
Original language | English (US) |
---|---|
Title of host publication | Proceedings - IEEE Military Communications Conference MILCOM |
DOIs | |
State | Published - 2007 |
Event | Military Communications Conference, MILCOM 2007 - Orlando, FL, United States Duration: Oct 29 2007 → Oct 31 2007 |
Other
Other | Military Communications Conference, MILCOM 2007 |
---|---|
Country | United States |
City | Orlando, FL |
Period | 10/29/07 → 10/31/07 |
Fingerprint
ASJC Scopus subject areas
- Civil and Structural Engineering
- Electrical and Electronic Engineering
Cite this
Vulnerabilities of PKI based smartcards. / Dasgupta, Partha; Chatha, Karmvir; Gupta, Sandeep.
Proceedings - IEEE Military Communications Conference MILCOM. 2007. 4455333.Research output: Chapter in Book/Report/Conference proceeding › Conference contribution
}
TY - GEN
T1 - Vulnerabilities of PKI based smartcards
AU - Dasgupta, Partha
AU - Chatha, Karmvir
AU - Gupta, Sandeep
PY - 2007
Y1 - 2007
N2 - PKI-enabled smartcards hold the future of personal identity management and resilience against identity theft. These cards can hold multiple certified identities (e.g. credit card accounts) and provide: Authentication, Data Integrity, Confidentiality and Non-repudiation. Since the private key of the client certificates are stored in the card, and this key cannot be extracted from the card, it provides a high degree of security even when the card is used on an untrusted workstation (or point-of-sale). This paper shows that using PKI enabled smartcards on an un-trusted workstation can allow a variety of attacks to be performed by a malicious software. These attacks range from simple PIN phishing, to more serious attacks such as signatures on unauthorized transactions, authentication of users without consent, unauthorized secure access to SSL enabled web servers as well as remote usage of the smartcard by attackers. We also show that the root cause of such problems is the lack of a secure I/O channel between the user and the card and outline steps that can be taken to ensure such a channel is available making the documented attacks not feasible. We have prototyped the proposed solution and verified that the above attacks can be thwarted.
AB - PKI-enabled smartcards hold the future of personal identity management and resilience against identity theft. These cards can hold multiple certified identities (e.g. credit card accounts) and provide: Authentication, Data Integrity, Confidentiality and Non-repudiation. Since the private key of the client certificates are stored in the card, and this key cannot be extracted from the card, it provides a high degree of security even when the card is used on an untrusted workstation (or point-of-sale). This paper shows that using PKI enabled smartcards on an un-trusted workstation can allow a variety of attacks to be performed by a malicious software. These attacks range from simple PIN phishing, to more serious attacks such as signatures on unauthorized transactions, authentication of users without consent, unauthorized secure access to SSL enabled web servers as well as remote usage of the smartcard by attackers. We also show that the root cause of such problems is the lack of a secure I/O channel between the user and the card and outline steps that can be taken to ensure such a channel is available making the documented attacks not feasible. We have prototyped the proposed solution and verified that the above attacks can be thwarted.
UR - http://www.scopus.com/inward/record.url?scp=47949097544&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=47949097544&partnerID=8YFLogxK
U2 - 10.1109/MILCOM.2007.4455333
DO - 10.1109/MILCOM.2007.4455333
M3 - Conference contribution
AN - SCOPUS:47949097544
SN - 1424415136
SN - 9781424415137
BT - Proceedings - IEEE Military Communications Conference MILCOM
ER -