Interleaving command sequences: a threat to secure smartcard interoperability

Authors:
Maurizio Talamo;Maulahikmah Galinium;Christian H. Schunck;Franco Arcieri
Affiliations:
Nestor Laboratory and Department of Mathematics, Tor Vergata University of Rome, Italy;Department of Mathematics, Tor Vergata University of Rome, Italy;Nestor Laboratory, Tor Vergata University of Rome, Italy;Nestor Laboratory, Tor Vergata University of Rome, Italy
Venue:
CIMMACS'11/ISP'11 Proceedings of the 10th WSEAS international conference on Computational Intelligence, Man-Machine Systems and Cybernetics, and proceedings of the 10th WSEAS international conference on Information Security and Privacy
Year:
2011

Citing 6
Cited 1

Model checking

Model checking
A Protocol for Programmable Smart Cards

DEXA '03 Proceedings of the 14th International Workshop on Database and Expert Systems Applications
How to Use ISO/IEC 24727-3 with Arbitrary Smart Cards

TrustBus '07 Proceedings of the 4th international conference on Trust, Privacy and Security in Digital Business
Verifying Extended Criteria for the Interoperability of Security Devices

OTM '08 Proceedings of the OTM 2008 Confederated International Conferences, CoopIS, DOA, GADA, IS, and ODBASE 2008. Part II on On the Move to Meaningful Internet Systems
Towards interoperability: an architecture for pan-European eID-based authentication services

EGOVIS'10 Proceedings of the First international conference on Electronic government and the information systems perspective
Smart Card Handbook

Smart Card Handbook

Real time scheduling verification with incomplete information

AMERICAN-MATH'12/CEA'12 Proceedings of the 6th WSEAS international conference on Computer Engineering and Applications, and Proceedings of the 2012 American conference on Applied Mathematics

Quantified Score

Hi-index	0.00

Visualization

Abstract

The increasingly widespread use of smartcards for a variety of sensitive applications, including digital signatures, creates the need to ensure and possibly certify the secure interoperability of these devices. Standard certification criteria, in particular the Common Criteria, define security requirements but do not sufficiently address the problem of interoperability. Here we consider the interoperability problem which arises when various applications interact with different smartcards through a middleware. In such a situation it is possible that a smartcard of type S receives commands that were supposed to be executed on a different smartcard of type S′'. Such "external commands" can interleave with the commands that were supposed to be executed on S. We experimentally demonstrate this problem with a Common Criteria certified digital signature process on a commercially available smartcard. Importantly, in some of these cases the digital signature processes terminate without generating an error message or warning to the user.