www.crcs.cz/rsa @CRoCS_MUNI

PV204 Security technologies
LABS
JavaCard programming, Secure Multiparty Computation
Petr Švenda svenda@fi.muni.cz @rngsec
Centre for Research on Cryptography and Security, Masaryk University

The masterplan for this lab
• Threshold ECDSA signature (MeeSign tool)
  – Large group, smaller groups
• Brainstorm interesting usages of MPC
• Manage and update JavaCard applications on smartcard

Secure Multiparty Computation

Preparation (every student)
• Download and extract the MeeSign client for your platform from https://meesign.crocs.fi.muni.cz/
• Connect to the university network (wlan-fi or eduroam)
• Start the MeeSign application
• Check that the server is set to meesign.crocs.fi.muni.cz
• ! Set your name as ‘pv204 0x your_nick_here’ (replace x by the number of your seminar group)
• Click Register

Task: Signing as a larger group
• New group ‘PV204_0x_large’ created by tutor
  – Threshold set to n-2
  – Students added by nickname (or QR code)
• Confirm joining the group when prompted
• Tutor starts signing of the document, wait for the notification
• Open the shared PDF document first, then Sign
• Wait for the finalization (n-2 people needed)
• Check the properties of the resulting MPC signature yourself
  – Adobe Acrobat Reader or https://ec.europa.eu/digital-building-blocks/DSS/webapp-demo/validation (upload signed file, Detailed report -> Basic Building Blocks SIGNATURE)

Verify pdf signature
• Check resulting signature
  – Adobe Acrobat Reader
  – pdfsig (poppler-utils)
  – Online https://ec.europa.eu/digital-building-blocks/DSS/webapp-demo/validation

Task: Signing in smaller group
• Groups of 3 students
• Create a new group with some unique name, add yourself and peers
  – Try to add peers via QR code
    • Users display QR code (upper right corner)
    • Group creator: Add member -> Scan
  – Set threshold to 2-of-3
• Initiate MPC signing, sign
• View, then sign the PDF document
• Check the resulting MPC signature yourself
  – Adobe Acrobat Reader or https://ec.europa.eu/digital-building-blocks/DSS/webapp-demo/validation

Questions
• What is the difference between a 2-of-3 and a 3-of-3 group? What is the security advantage of the first and of the second one, respectively?
• What if two people from the group refuse to sign?
• How many devices does an attacker need to compromise to forge signatures?
• What is the reason why Adobe Acrobat Reader displays a warning about the resulting signature?
• What is the public key of your group?

Task: Brainstorm interesting usages for MPC
• Form groups of 3 students
• Brainstorm and write into Miro at least three concrete usage scenarios utilizing asymmetric cryptography where MPC can be used (be creative!)
  – https://miro.com/app/board/uXjVMf66usg=/?share_link_id=424368693160
  – Goals achieved, threshold configuration
• Pick the most interesting one and elaborate in more detail
  – Describe process of group establishment, problems solved, comparison to single key scenario
• Some hints
  – RSA/ECDSA/Schnorr/EdDSA…
  – Document signing, authentication, collaborative decryption, key generation, PKI, single point of failure, unicorns, key distribution, …
  – k-of-n threshold, combination with secure hardware, temporary signers, cold-storage signers
  – Human participant, automated participant with policy, redundant participants, multiple shares by one participant…

CONVERSION AND UPLOAD TO REAL CARD
We will compile, convert and install SimpleApplet.cap

Task: Create cap file and upload to card
• Navigate to SimpleApplet folder
  – src folder contains applet’s source code in SimpleApplet.java
  – jcbuild.xml contains configuration for conversion with ant-javacard project
  – Fields labelled in the slide's jcbuild.xml figure:
    • Path and name for resulting cap file
    • Folder with applet sources (level before package)
    • Package AID
    • Applet main class (including package name)
    • Applet AID
• Compile & Convert
  – Execute on cmd line: ant -f jcbuild.xml build
• If OK, SimpleApplet.cap is created in !uploader folder
• Upload with http://github.com/martinpaljak/GlobalPlatformPro
  1. List already loaded applets
     – java -jar gp.jar --list -d
  2. Uninstall previous version of SimpleApplet
     – java -jar gp.jar -uninstall SimpleApplet.cap -d
  3. Install SimpleApplet.cap
     – java -jar gp.jar -install SimpleApplet.cap -d
  4. Use applet (commands in SimpleAPDU code)

Problem: what about other applets on the card?
  1. List already loaded applets
     – java -jar gp.jar --list -d
  2. Find package_AID and run:
     – java -jar gp.jar --deletedeps --delete package_aid
     – The --deletedeps option will also delete all applets from the target package
• E.g., our SimpleApplet can also be removed by
  – gp --deletedeps --delete 73696d706c65

Be aware – real card can be blocked
• Too many unsuccessful authentication requests

    >gp --list -debug
    # Detected readers from SunPCSC
    [*] Alcor Micro USB Smart Card Reader 0
    SCardConnect("Alcor Micro USB Smart Card Reader 0", T=*) -> T=0, 3BF71800008031FE45736674652D6E66C4
    SCardBeginTransaction("Alcor Micro USB Smart Card Reader 0")
    A>> T=0 (4+0000) 00A40400 00
    A<< (0018+2) (56ms) 6F108408A000000003000000A5049F6501FF 9000
    A>> T=0 (4+0008) 80500000 08 6265E168FB2639C1
    A<< (0028+2) (118ms) 00003126960097543174010200103595AC1420213D2969EA8B8C41F3 9000
    openkms.gp.GPException: STRICT WARNING: Card cryptogram invalid!
    Card: 3D2969EA8B8C41F3
    Host: DB1E6E1E71958A15
    !!! DO NOT RE-TRY THE SAME COMMAND/KEYS OR YOU MAY BRICK YOUR CARD !!!
        at openkms.gp.GlobalPlatform.printStrictWarning(GlobalPlatform.java:156)
        at openkms.gp.GlobalPlatform.openSecureChannel(GlobalPlatform.java:471)
        at openkms.gp.GPTool.main(GPTool.java:348)

• Don’t write a script that executes many authentications at once (cycle, multiple commands)
• If one or two unsuccessful authentications are detected, then ask for help, please!!!

Questions
• How can you list applets and packages available on card?
• How can you prevent people listing applets on your card?
• Why do you need to remove the applet first before installing an updated version?
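
The 28 response bytes in the gp trace above are the card's answer to INITIALIZE UPDATE (80 50 ...), and their last 8 bytes are the card cryptogram that gp compares with its own value. The following decoder is an added example, not part of the slides or of GlobalPlatformPro; the class name is an assumption and it needs Java 17 or newer.

```java
import java.security.MessageDigest;
import java.util.Arrays;
import java.util.HexFormat; // Java 17+

// Added example: field layout of the 28-byte INITIALIZE UPDATE response data.
public class InitUpdateResponse {
    final byte[] keyDiversificationData, cardChallenge, cardCryptogram;
    final int keyVersion, scp, sequenceCounter; // sequenceCounter is -1 for SCP01

    InitUpdateResponse(byte[] r) {
        if (r.length != 28)
            throw new IllegalArgumentException("expected 28 data bytes, got " + r.length);
        keyDiversificationData = Arrays.copyOfRange(r, 0, 10);
        keyVersion = r[10] & 0xFF;
        scp = r[11] & 0xFF;
        if (scp == 2) {          // SCP02: 2-byte sequence counter, 6-byte card challenge
            sequenceCounter = ((r[12] & 0xFF) << 8) | (r[13] & 0xFF);
            cardChallenge = Arrays.copyOfRange(r, 14, 20);
        } else if (scp == 1) {   // SCP01: 8-byte card challenge, no counter
            sequenceCounter = -1;
            cardChallenge = Arrays.copyOfRange(r, 12, 20);
        } else {
            throw new IllegalArgumentException("unsupported SCP identifier " + scp);
        }
        cardCryptogram = Arrays.copyOfRange(r, 20, 28);
    }

    // A mismatch means the host's keys (or key derivation) differ from the card's.
    boolean cryptogramMatches(byte[] hostCryptogram) {
        return MessageDigest.isEqual(cardCryptogram, hostCryptogram);
    }

    public static void main(String[] args) {
        HexFormat hex = HexFormat.of().withUpperCase();
        // Values copied from the gp trace on this page (status word 9000 stripped).
        InitUpdateResponse resp = new InitUpdateResponse(
                hex.parseHex("00003126960097543174010200103595AC1420213D2969EA8B8C41F3"));
        byte[] host = hex.parseHex("DB1E6E1E71958A15");
        System.out.println("key version     " + resp.keyVersion);
        System.out.println("SCP             0" + resp.scp);
        System.out.println("sequence ctr    " + resp.sequenceCounter);
        System.out.println("card challenge  " + hex.formatHex(resp.cardChallenge));
        System.out.println("card cryptogram " + hex.formatHex(resp.cardCryptogram));
        if (!resp.cryptogramMatches(host))
            System.out.println("cryptogram mismatch: stop, check the keys, do not retry");
    }
}
```

For the trace on this page it reports key version 1, SCP02, sequence counter 16 and the card cryptogram 3D2969EA8B8C41F3, which differs from the host value DB1E6E1E71958A15.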

ADDING NEW JAVACARD FUNCTIONALITY
We will update, compile, convert and install SimpleApplet.cap

Tasks: add new “increment” method to applet
• Implement on-card Increment() method
  – All payload bytes from incoming apdu are incremented by one (separately)
  – Resulting array is returned back to host
• Add new constant for instruction INS_INC
• Add new method void Increment(APDU apdu) and its implementation
  – setIncomingAndReceive(), for loop over array, setOutgoingAndSend()
• Add method call into switch inside process() method
• Debug functionality with simulated card
• Compile, convert and upload updated applet to real card
• Change from simulator to real card
  – runCfg.setTestCardType(RunConfig.CARD_TYPE.PHYSICAL);
• Test functionality using real card

NO ASSIGNMENT THIS WEEK ☺
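
A minimal applet that follows the Increment() steps from the task list above, added here as an example and not the course's SimpleApplet code. The package and class names and the CLA (0xB0) and INS_INC (0x60) values are assumptions; it compiles against the JavaCard API (javacard.framework), for example with the lab's ant-javacard build.

```java
package example; // assumed package name

import javacard.framework.APDU;
import javacard.framework.Applet;
import javacard.framework.ISO7816;
import javacard.framework.ISOException;

public class IncrementApplet extends Applet {
    static final byte CLA_EXAMPLE = (byte) 0xB0; // assumed class byte
    static final byte INS_INC = (byte) 0x60;     // assumed instruction byte

    public static void install(byte[] bArray, short bOffset, byte bLength) {
        new IncrementApplet().register();
    }

    public void process(APDU apdu) {
        if (selectingApplet()) {
            return; // SELECT itself carries no command for the applet
        }
        byte[] buf = apdu.getBuffer();
        if (buf[ISO7816.OFFSET_CLA] != CLA_EXAMPLE) {
            ISOException.throwIt(ISO7816.SW_CLA_NOT_SUPPORTED);
        }
        switch (buf[ISO7816.OFFSET_INS]) {
            case INS_INC:
                Increment(apdu);
                break;
            default:
                ISOException.throwIt(ISO7816.SW_INS_NOT_SUPPORTED);
        }
    }

    // Increments every payload byte by one (0xFF wraps to 0x00) and returns the array.
    void Increment(APDU apdu) {
        byte[] buf = apdu.getBuffer();
        // Use the length actually received, not a fixed size or the raw Lc byte,
        // so the loop never touches bytes the host did not send.
        short dataLen = apdu.setIncomingAndReceive();
        for (short i = 0; i < dataLen; i++) {
            buf[(short) (ISO7816.OFFSET_CDATA + i)]++;
        }
        apdu.setOutgoingAndSend(ISO7816.OFFSET_CDATA, dataLen);
    }
}
```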