Showing posts with label gsm. Show all posts

Jul 13, 2011

Digipass Nano

I recently had an opportunity (thanks SURFnet, and VASCO) to have some hands-on experience with a novel class of authentication tokens. In a project for SURFnet my colleague Maarten Wegdam and I looked at so-called SIM augmented authentication tokens, and the VASCO Digipass Nano in particular. The results of our analysis, in the form of a more detailed report, are available from the SURFnet website.

About the technology: A SIM augmented solution sits between the SIM and the handset (the ME) and consists of a very thin chip (see the image) in a sticker. It basically relays all traffic, consisting of so-called ISO 7816-4 APDUs, from ME to SIM and back, while intercepting certain APDUs and injecting certain other APDUs. The user can interact with this benign man-in-the-middle through the SIM application toolkit (GSM 11.14, see also my earlier post on Mobile PKI), which is implemented in any GSM handset. VASCO's Digipass Nano uses this trick to implement an event-based One Time Password token that is accessed by navigating the SIM menu in the handset, yet is fully secure (if GSM 11.14 is implemented securely) from snooping malware.

The man-in-the-middle characterization of SIM augmented solutions sounds scary, if you think about it, especially with respect to the trust that the ME (through GSM 11.14) puts in the SIM. On the other hand:
  • The (security, usability, and business model) advantages of secure storage of credentials may outweigh the (security, usability, and business model) disadvantages of asking the user to place a hardware device between SIM and ME. (I.e., the security should not be analyzed in isolation, and there are both security advantages and disadvantages.)
  • An attack which asks the user to place a (not-to-be-trusted) SIM augmented solution in their handset doesn't scale (and there is so much more low-hanging fruit for attackers, which scales much better). For a full threat analysis, see the report.
  • The average user isn't too concerned about what the SIM augmented solution can do. We did a small-scale user test as part of our research.
  • SIM augmentation based on GSM 11.14 allows, in principle, multiple secure elements (or secure cores, in Du Castel speak) within a single handset. Multiple secure elements, representing multiple stakeholders, break the Mobile Network Operator dominated model for (very secure) credential storage. We also did a brief business model analysis as part of the report.
Whether we will see SIM augmented solutions in the short term remains to be seen. But it's certainly interesting technology to analyze.

Sep 17, 2010

SMS text authentication for patient access to Dutch electronic health record


The encryption algorithm A5/1 used in GSM has been suspect since at least 1994 (when the algorithm leaked). Nohl's talk at 26C3 (November 2009) demonstrates that a practical attack will become possible soon. And all of a sudden people start to get nervous in 2010.

As a follow-up to their report for the Dutch Ministry of Health, Radboud University and PriceWaterhouseCoopers recently published a risk assessment focusing on GSM-based SMS text authentication as a factor to strengthen the Dutch government citizen-to-government authentication solution DigiD.

SMS text authentication is already used in DigiD level 2, but the binding of a user's subscriber number to their DigiD is rather weak: anyone with access to the mailbox of the user's registered home address (the so-called GBA address) can bind a new mobile phone to the user's existing DigiD account (and subsequently order a password reset, completely hijacking the account). The original report by RU, PWC and TILT recommended strengthening this binding process so that a patient would have to prove possession of a subscriber number to a government representative face-to-face. The strengthened DigiD (known as EPD-DigiD) can then be used by patients to access their electronic health record in a standard SMS OTP authentication scenario (during a session the user has an extra factor with a separate network connection to the provider).

The conclusion of the RU/PWC risk analysis is that, although breaking A5/1 leaves SMS authentication relatively secure (the risk of actual abuse is not that high), the perceived lack of security in the public opinion and the non-compliance with security standards may be damaging to the reputation of the government. The solution is not secure enough to allow patients to access their health records at this point in time.

What I don't get is the proposed solution: a conversion table (on paper) sent to each user over regular snail mail (how secure is that?). The user uses this table to manually translate the code that was sent in an SMS message before entering it in the browser's form. This appears not to add an extra factor: an attacker that can eavesdrop on the Web channel and the GSM channel will soon learn the mapping. Also from a user experience perspective that sounds horrible.

An alternative approach would be to install a SIM toolkit applet on the SIM which performs the translation automatically for the user. Rather than a static table per user one can even use a key (but with a decent cipher; I'm sure the current generation of SIMs in the field support AES or at least 3DES) and have real security. Sort of a light-weight-Mobile-PKI-without-the-PKI solution.
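
The difference between the paper table and a keyed translation can be made concrete with a short simulation. This is an added example, not code from the report or from DigiD; it assumes the table is a per-user permutation of the ten digits and that SMS codes are six digits long, uses HMAC-SHA256 from the Python standard library as a stand-in for the AES or 3DES applet suggested above, and all function names are hypothetical.

```python
import hashlib
import hmac
import random

DIGITS = "0123456789"

def make_table(rng):
    """Paper table, assumed here to be a fixed per-user permutation of the digits."""
    shuffled = list(DIGITS)
    rng.shuffle(shuffled)
    return dict(zip(DIGITS, shuffled))

def translate(table, code):
    """What the user does by hand: map each SMS digit through the table."""
    return "".join(table[d] for d in code)

def sessions_until_learned(table, rng, code_len=6):
    """Logins an observer of both channels needs to rebuild the whole table."""
    learned, sessions = {}, 0
    while len(learned) < len(DIGITS) - 1:   # the tenth entry follows by elimination
        sms = "".join(rng.choice(DIGITS) for _ in range(code_len))  # GSM channel
        web = translate(table, sms)                                 # Web channel
        learned.update(zip(sms, web))
        sessions += 1
    if len(learned) == len(DIGITS) - 1:
        (last_in,) = set(DIGITS) - set(learned)
        (last_out,) = set(DIGITS) - set(learned.values())
        learned[last_in] = last_out
    return sessions, learned

def keyed_response(key, sms_code, digits=6):
    """Keyed translation; HMAC-SHA256 stands in for the AES/3DES applet on the SIM."""
    mac = hmac.new(key, sms_code.encode(), hashlib.sha256).digest()
    return str(int.from_bytes(mac[:4], "big") % 10 ** digits).zfill(digits)

if __name__ == "__main__":
    rng = random.Random(2010)                # constructed, repeatable sample data
    table = make_table(rng)
    sessions, learned = sessions_until_learned(table, rng)
    print(f"static table rebuilt after {sessions} observed logins:", learned == table)
    key = b"constructed-demo-key"            # placeholder, not a real credential
    for sms in ("100000", "100001"):         # same leading digit, unrelated responses
        print(sms, "->", keyed_response(key, sms))
```

With a static table every observed login leaks up to six table entries, so the table stops being a secret after a handful of sessions; the keyed response depends on the whole code and the key, so observed pairs do not reduce to a per-digit mapping.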