1 / 9

Why Cryptosystems Fail?

Why Cryptosystems Fail?. Ross Anderson Presented by Ananth Rajagopala-Rao. Motivation. Designers of cryptosystems are at a disadvantage as compared to other engineers as they receive no feedback on their systems. Governments, banks and military are very secretive about their mistakes.

bluma
Download Presentation

Why Cryptosystems Fail?

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Why Cryptosystems Fail? Ross Anderson Presented by Ananth Rajagopala-Rao

  2. Motivation • Designers of cryptosystems are at a disadvantage as compared to other engineers as they receive no feedback on their systems. • Governments, banks and military are very secretive about their mistakes. • The emphasis on research in cryptosystems today is misplaced because of this.

  3. Case Study – ATM systems • In USA, banks are required to reimburse all disputed transactions unless they can prove a fraud by the customer, as a result banks lose approx. $15,000 a year. • In the UK, there have been several accusations of fraud by banks which later turned out to be clerical errors.

  4. How ATM fraud takes place • Most cases till 1994 were extremely simple, nobody used any cryptanalysis or other advanced techniques. • A design goal of the the ATM system is that any fraud requires the cooperation of a minimum of two persons, most frauds indicate elementary design flaws that violate this goal.

  5. How ATM works? • The account no and the an offset is stored on the card. • The PIN is a cryptographic function of the a/c number + the offset stored on the card. • The management of the keys for this cryptographic function is where a lot of problems arise. • If we know the PIN key • Given any card we can figure out the PIN. • We can forge ATM cards with cheap off the shelf hardware.

  6. Problems with encryption products • All hardware that stores important keys must be physically tamper resistant. • Of the 10,000 member banks of VISA and Mastercard, only about 1,000 have invested in such hardware. • All these security modules are manufactured by IBM, and the IBM manual actually tells how any programmer can recover the keys for debugging purposes!!!

  7. Problems with encryption products (cont.) • Key entry into these security modules is through obsolete IBM 3178 serial terminals. • The key is usually distributed between two high ranked officials in the bank. • These officials are mostly reluctant to use a keyboard, and simple give the key to the technician. • Even if they do type it in, they use emulation s/w on the service technicians laptop, which can record the key strokes.

  8. Problems with practices of banks • Some banks subcontract their ATM system to ‘facilities management’ firms. No back officials have any idea about the security implications of this. • Most keys are exchanged in open correspondence. • Some banks place the encryption module inside the branch, and transmit PINs in plaintext to ATMs. • Point of sale systems at stores??

  9. The threat model is wrong • Designers concentrate on what possible to happen than on what is likely to happen. • We overestimate the sophistication of both the users of the cryptosystem as well as that of the attacker. • Grossly underestimate “internal” threats. • Hangover from military applications, DOD funding, WW II etc. where the entities in question are nations??

More Related