P2P: is giving access illegal?

Two US judges gave different answers to the question: “Is putting copyrighted content in a folder accessible to a P2P network illegal?” According to Judge Kenneth Karras of New York, it is illegal, whereas for Judge Nancy Gertner of Boston it is not an infringement until the content has actually been downloaded by someone. Nevertheless, both judges agree that downloading copyrighted content is an infringement. Neither judgment is final.

If Judge Nancy Gertner's decision were confirmed, it would open new perspectives for future trials.

  • Content owners could no longer rely on proving mere exposure of copyrighted content; they would have to prove that someone else actually downloaded the exposed content.
  • Content owners would probably also have to prove that the exposure was deliberate. Known cases have shown that people may inadvertently expose data to peer-to-peer networks. See Confidential data and P2P.

An interesting issue to be followed.

RFID to stop theft

SimplyRFID offers a theft-detection system called NOX that is not simple at all. It combines three techniques:

  • RFID tags are glued onto the items to be protected. The tag provides the identity of the item and, through readers, its location.
  • Optically charged dust is spread over restricted areas, for instance in secure vaults.
  • Video surveillance plays two roles. First, it monitors people. Second, it detects the presence of dust illuminated by a laser: the dust glows, which makes it possible to detect intrusions into sensitive areas. Software may detect the glowing dust automatically and trigger an alarm.

The interesting part is that the RFID readers are hidden from the users, who are not aware of their existence. This is perhaps the “smarter” part of the concept.

How does it work? When an RFID tag passes near a hidden reader, the reader is triggered, and the video surveillance then makes it easy to identify the potential thief. Of course, if the thief is aware of the location (or even of the presence) of the hidden readers, he will be more cautious. The system targets insiders, and an insider has time. He will first shield the tag, then pass through the readers without triggering them, while keeping the stolen item out of sight of the cameras. It is even better for him if several days elapse between the shielding and the actual theft: reviewing the video recordings will then take many hours, and if several people handled the item in the meantime, so much the better.

Interestingly, these hidden readers arguably violate the employees' privacy, since the employees are not informed of their presence.

Chain of trust

Yesterday, I highlighted the focus on the chain of trust. I would like to come back to it.
A chain of trust is based on the concept that one authority is trusted. This authority then delegates its trust by signing a certificate for another authority. This is the way Public Key Infrastructures (PKI) work: a Certification Authority holds the root of trust, and all certificates cascade back to it.

In the case of downloaded or loaded software, it works in a similar way. The software is signed with the private key of an authority. The host that is about to load the software checks the signature using the corresponding certified public key. The certificate may itself be part of a hierarchical signature scheme. This seems extremely sound. Where is the problem?

From the cryptographic point of view, the trust model rests mainly on two assumptions (in addition to the traditional ones of robust, proven algorithms and a secure implementation):
1- No private key involved in the signature scheme leaks. In reality, the assumption is mainly that the private root key does not leak; other leaks can be coped with through revocation.
2- The attacker cannot replace or add a root public key on the host.
The second assumption is often forgotten. Nevertheless, the model still seems sound.

Unfortunately, the trust model is more complex. It adds a third assumption.
3- If a piece of software is signed, then this software is safe.

In an ideal world, assumption 3 means that the signing authority carefully checked the software and certifies that it is safe. Any developer knows how difficult it is to carefully review even a small piece of software for flaws, let alone the complete software…

In the real world, if the host may receive many applications, for instance on game consoles or with future TPM-based software for computers, we may assume that the signing authority will sign any piece of software presented by a software editor that it trusts. This means that the trust model has a fourth assumption:
4- A piece of software provided by a known software editor can be trusted.

Unfortunately, this assumption is rather weak. Many attacks or errors can invalidate it (malware insertion, security flaws, impersonation of the editor, …). This is why the chain of trust is not as effective as we could expect in an environment that handles many applications.

The chain of trust may be stronger in a more restricted environment such as Set Top Boxes.
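To make assumptions 2, 3 and 4 concrete, here is an added example in Go, written for this page and not taken from any product or project mentioned here. It builds a two-level chain, root → editor, with Ed25519 signatures and a toy certificate format standing in for X.509 (no validity period, no revocation), signs a software image, and verifies it the way a host would. The editor name “Editor Ltd”, the key material and the image payloads are constructed for the example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"errors"
	"fmt"
)

// Cert is a toy X.509 stand-in (no validity period, no revocation): a subject name bound to a key under the issuer's signature.
type Cert struct {
	Subject   string
	PublicKey ed25519.PublicKey
	Signature []byte // issuer's signature over tbs(Subject, PublicKey)
}

// SignedImage: the image, its signature and the chain, leaf (editor) first, ending with the root-issued certificate.
type SignedImage struct {
	Image     []byte
	Signature []byte
	Chain     []Cert
}

// tbs is the "to be signed" encoding of a certificate body.
func tbs(subject string, pub ed25519.PublicKey) []byte {
	return append([]byte(subject+"\x00"), pub...)
}

// Issue lets an authority certify a subordinate key (root -> editor here).
func Issue(issuer ed25519.PrivateKey, subject string, pub ed25519.PublicKey) Cert {
	return Cert{Subject: subject, PublicKey: pub, Signature: ed25519.Sign(issuer, tbs(subject, pub))}
}

// SignImage is the signing authority's side: sign the image with the leaf key
// (Ed25519 hashes the message internally, so no separate digest step is needed).
func SignImage(leaf ed25519.PrivateKey, chain []Cert, image []byte) SignedImage {
	return SignedImage{Image: image, Signature: ed25519.Sign(leaf, image), Chain: chain}
}

// VerifyImage is the host's side: the image must verify under the leaf key, each
// certificate under the key of the next one, and the top one under a pinned root.
func VerifyImage(si SignedImage, roots []ed25519.PublicKey) error {
	if len(si.Chain) == 0 || !ed25519.Verify(si.Chain[0].PublicKey, si.Image, si.Signature) {
		return errors.New("missing chain or invalid image signature")
	}
	for i := 0; i+1 < len(si.Chain); i++ {
		c, issuer := si.Chain[i], si.Chain[i+1]
		if !ed25519.Verify(issuer.PublicKey, tbs(c.Subject, c.PublicKey), c.Signature) {
			return fmt.Errorf("certificate %q not signed by %q", c.Subject, issuer.Subject)
		}
	}
	// Assumption 2 lives here: whoever can write to the host's root store decides what is trusted.
	top := si.Chain[len(si.Chain)-1]
	for _, root := range roots {
		if ed25519.Verify(root, tbs(top.Subject, top.PublicKey), top.Signature) {
			return nil
		}
	}
	return errors.New("chain does not terminate in a trusted root")
}

func mustKey() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return pub, priv
}

// DemoResult holds the host's verdict (nil = accepted) for each case discussed above.
type DemoResult struct {
	Genuine         error // editor-signed image, host pins only the real root
	Tampered        error // same image with one byte changed after signing
	Forged          error // attacker's own root and chain, checked against the real root
	ForgedAddedRoot error // same forged image once the attacker's root is in the host's store
	SignedMalware   error // the real editor signs a harmful image (assumptions 3 and 4)
}

func Demo() DemoResult {
	rootPub, rootPriv := mustKey()
	editorPub, editorPriv := mustKey()
	attRootPub, attRootPriv := mustKey()
	attPub, attPriv := mustKey()
	chain := []Cert{Issue(rootPriv, "Editor Ltd", editorPub)}
	roots := []ed25519.PublicKey{rootPub}
	genuine := SignImage(editorPriv, chain, []byte("firmware 1.0")) // image payloads are constructed samples
	tampered := SignedImage{Image: append([]byte("X"), genuine.Image[1:]...), Signature: genuine.Signature, Chain: chain}
	forged := SignImage(attPriv, []Cert{Issue(attRootPriv, "Editor Ltd", attPub)}, []byte("firmware 1.0 + backdoor"))
	malware := SignImage(editorPriv, chain, []byte("trojaned update signed by the real editor"))
	return DemoResult{
		Genuine:         VerifyImage(genuine, roots),
		Tampered:        VerifyImage(tampered, roots),
		Forged:          VerifyImage(forged, roots),
		ForgedAddedRoot: VerifyImage(forged, []ed25519.PublicKey{rootPub, attRootPub}),
		SignedMalware:   VerifyImage(malware, roots),
	}
}

func main() { fmt.Printf("%+v\n", Demo()) }
```

The verdicts come out as the assumptions predict. The genuine image passes and the tampered one fails, which is all the cryptography promises. The attacker's self-made chain, even with the same subject name, is rejected only as long as the host's root store holds just the real root; add one root (assumption 2) and the same forged image passes. And a harmful image signed by the real editor sails through: the signature proves who signed, not that the software is safe, which is exactly the gap between assumptions 3 and 4 and reality.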

No free Linux equal call for hack?

A presentation about XBOX security at the last Chaos Communication Congress (CCC) in December 2007 sheds some interesting light on the hacking of game consoles.

During the first five minutes, Michael Steil analyses the latest hacks. According to him, the influence of the Linux community is important. The PS3 has still not been hacked, perhaps because Sony allowed the Linux community to run homebrew applications on it, so the Linux hacker community had no incentive to hack it. According to his figures, where the Linux community was involved, the hack occurred faster. I would like to remind readers that DVD Jon claimed he wrote DeCSS, the software breaking the protection of DVDs, because DVD playback was not available under Linux.
After this introduction, Felix Domke detailed the hack of the XBOX 360. Some interesting statements, unfortunately true:

  • Hackers own the flash memory; in fact, the hacker controls everything.
  • The chain of trust does not work.

The analysis of the attacks and countermeasures is impressive. It is also a good introduction to secure coding techniques.

Once more, a perfect illustration of Law 1. One lesson is that game console designers should not assume that their console is trusted: hackers may control it.
Second lesson: enthusiasm is a better incentive for hacking than commercial gain. This is true for serious hacking, i.e. reverse engineering. It is perhaps less true for IT hacking (spam, intrusion, defacing, malware, …).
How long will the PS3 resist?

Many thanks to Yves for this link.

KeeLoq hacked

KeeLoq is an RFID system that protects many car anti-theft systems and garage door openers. Several published cryptanalyses had already highlighted weaknesses of the cipher, but the attacks were not practical. A group of six German and Iranian researchers designed a set of very practical attacks.

Using Differential Power Analysis (DPA), they were able to extract the device key. What is impressive is that they did it without knowledge of the chip's internals: they worked with a black box. For instance, they had to guess when the encryption process occurred. They extracted the device key in less than one hour. Of course, DPA requires physical access to the emitting device. They performed a similar attack on the receiver to extract the manufacturer key. It took less than one day.

With this information, eavesdropping on a remote's transmissions is enough to impersonate it: they extract the seed, the secret and the current counter value. The counter value only has to be “loosely” synchronized with that of the receiver. Of course, by impersonating the emitter, it is also easy to desynchronize the receiver from the genuine emitter. The owner of the genuine emitter would then have to push his key 2^15 times to open his door. A nice denial of service.
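The desynchronization described above, as an added example written for this page (not the researchers' code, and not the KeeLoq cipher): a toy rolling-code receiver in Go. A truncated HMAC-SHA256 tag over (serial, counter) stands in for the encrypted hopping code, the window of 16 codes and the “jump to the accepted counter” rule are assumptions of the toy rather than KeeLoq's actual resynchronization parameters, and the serial number and device key are constructed values. The point is what an attacker who holds the device key can do to the receiver's counter, not the cipher.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
)

// Window: how far ahead of the last accepted counter a frame may be (assumed toy value).
const Window = 16

// Frame is one transmission. Real KeeLoq encrypts the counter inside a 32-bit hopping
// code; a truncated HMAC-SHA256 over (serial, counter) stands in for that here.
type Frame struct {
	Serial  uint32
	Counter uint16
	Tag     [4]byte
}
type Emitter struct { // the genuine remote
	Serial  uint32
	Key     []byte
	Counter uint16
}
type Receiver struct { // the door or car side, paired with one serial
	Serial      uint32
	Key         []byte
	LastCounter uint16
}

func tag(key []byte, serial uint32, counter uint16) (t [4]byte) {
	var msg [6]byte
	binary.BigEndian.PutUint32(msg[:4], serial)
	binary.BigEndian.PutUint16(msg[4:], counter)
	mac := hmac.New(sha256.New, key)
	mac.Write(msg[:])
	copy(t[:], mac.Sum(nil))
	return t
}

// Press is a button press on the genuine remote: increment and transmit.
func (e *Emitter) Press() Frame {
	e.Counter++
	return Frame{Serial: e.Serial, Counter: e.Counter, Tag: tag(e.Key, e.Serial, e.Counter)}
}

// Forge is what an attacker holding the extracted device key can do: a valid frame for any counter.
func Forge(key []byte, serial uint32, counter uint16) Frame {
	return Frame{Serial: serial, Counter: counter, Tag: tag(key, serial, counter)}
}

// Accept opens the door when the frame authenticates for the paired serial and its counter
// lies in (LastCounter, LastCounter+Window]; the receiver then jumps to that counter.
func (r *Receiver) Accept(f Frame) error {
	want := tag(r.Key, r.Serial, f.Counter) // computed over the paired serial, so a foreign serial fails here
	if !hmac.Equal(want[:], f.Tag[:]) {
		return errors.New("authentication failed")
	}
	delta := f.Counter - r.LastCounter // uint16 subtraction wraps, so the counter ring is handled
	if delta == 0 || delta > Window {
		return errors.New("counter outside window: replay or desynchronized")
	}
	r.LastCounter = f.Counter
	return nil
}

// DemoResult records what the attack costs the attacker and what it costs the owner.
type DemoResult struct {
	GenuineAccepted bool
	ReplayRejected  bool
	ForgedFrames    int // frames the attacker sent to push the receiver 2^15 ahead
	PressesToResync int // presses the owner then needs before the door opens again
}

func Demo() DemoResult {
	key := []byte("constructed sample device key") // stands in for the DPA-extracted key
	e := &Emitter{Serial: 0xC0FFEE, Key: key}
	r := &Receiver{Serial: 0xC0FFEE, Key: key}
	var res DemoResult
	f := e.Press()
	res.GenuineAccepted = r.Accept(f) == nil
	res.ReplayRejected = r.Accept(f) != nil
	// Desynchronization: every forged frame jumps as far ahead as the window allows.
	for r.LastCounter-e.Counter < 1<<15 {
		if r.Accept(Forge(key, e.Serial, r.LastCounter+Window)) != nil {
			panic("forged frame rejected")
		}
		res.ForgedFrames++
	}
	for r.Accept(e.Press()) != nil { // the owner's remote is 2^15 behind: press until it catches up
		res.PressesToResync++
	}
	res.PressesToResync++ // the press that finally opened the door
	return res
}

func main() { fmt.Printf("%+v\n", Demo()) }
```

A replayed frame is rejected, as any rolling code should do, but that is not what protects the owner here. Each forged frame lands exactly at the edge of the window the receiver tolerates, so the receiver follows it; 2048 such frames put it 2^15 codes ahead of the genuine remote, which must then be pressed 2^15 + 1 times before a frame falls inside the window again. The toy is sized so that the jump matches the 2^15 figure quoted in the text; the lesson is the mechanism: the looseness that lets a legitimate remote drift is the same looseness a key-holding attacker uses to walk the receiver away from it.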

This is the second hack of RFID security in a month: recently it was NXP's Mifare that was hacked. Once more, the security of an RFID system was too weak. It exhibits at least two types of known flaws:

  • a weak LFSR-based cipher;
  • no protection against side-channel attacks.

The secure-processor industry has been aware of these types of weaknesses for about a decade and fights them. It is time for the RFID industry to adapt to them as well. Is that compatible with its price constraints?

A paper at Eurocrypt 08 will present this attack. The details of the attacks are available on the Ruhr University site.

Private copy levy or piracy levy?

The French government asked the Conseil d’Etat to review the calculation rules of the private-copy levy. Currently, a levy is collected on every non-volatile storage unit sold. It applies to recordable CDs, recordable DVDs, hard disks, USB flash memory, memory cards, … Its amount is set by the Commission d’Albis. As an example, the levy on an iPhone would be 7€ (i.e. about $10). The proceeds are redistributed to rights owners.

In January, three consumer associations complained to this authority about the levy. The controversy is that the levy takes the estimated level of piracy into account. A recent survey claimed that 40% of the content stored on recordable media came from P2P. If the levy accounts for piracy, then it covers both private copies (of legally acquired content) and illegal copies (of P2P-downloaded content). Thus, the argument goes, P2P downloading should no longer be illegal, since it is already paid for through the levy. Meanwhile, the consumer electronics representatives boycotted the Commission d’Albis for much the same reasons.

Thus, they demand either that P2P downloading be made legal or that the levy be reduced. The answer of the wise men will be extremely interesting.