Performance of Privacy-Enhancing Cryptography on Smartphones
BUT Cryptology Research Group
Dr. Jan Hajny
SIX Research Centre
Brno University of Technology
[email protected]
http://crypto.utko.feec.vutbr.cz
Dr. Jan Hajny Performance of Privacy-Enhancing Cryptography on Smartphones
1 About Us
2 ABCs
  Our Pilot: ABCs for Access-Control
  Android and iOS: Performance
  Android and iOS: Communication Interface
  Android and iOS: Key Protection
3 Conclusion
Crypto Research Group, Brno University of Technology, CZ
Small group of about 10 people,
part of Department of Telecommunications, Brno, CZ,
equipped by SIX Research Centre,
both basic and applied research (privacy, lightweight and provable crypto, critical infrastructure, DDoS testing),
http://crypto.utko.feec.vutbr.cz/.
ABCs and Our Pilot
Our Fall 2013 pilot:
ABCs were used to control the access to university labs,
only one attribute ("studentship") was checked before the access to a lab was granted,
contact-less MultOS ML-3 cards and HM12 scheme were used.
Pilot Evaluation
Students, post-docs and academic staff were asked for pilot evaluation. Weak aspects were identified:
ABCs’ Primitives
U-Prove, Idemix, HM12 ABC schemes
FS Computational PK Protocols
Random Number Generation
Hash functions
BigInteger Operations
Modular Operations in Z*_p, Z*_n Groups
Smart-Card Performance
Primitives and HM12 scheme implemented on JavaCards, Gemalto .NET cards and several MultOS cards:
modular multiplication is the bottleneck,
MultOS provides API for hardware multiplication (up to M3),
Idemix, U-Prove, HM12 proving phase takes 0.5 - 7 s.
Figure: MMult1024 (blue), MMult2048 (red)
Figure: MExp1024_160 (blue) and MExp1024_368 (red)
Android Performance
Primitives and HM12 scheme implemented on Android devices:
2 phones (Samsung Galaxy S i9000, Samsung Galaxy Nexus I9250M) and 1 tablet (ASUS TF 300T),
based on measured times of operations, proving phase is expected to be under 100 ms for all schemes on Android.
Figure: MMult1024 (blue), MMult2048 (red)
Figure: MExp1024_160 (blue) and MExp1024_368 (red)
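Added example (not part of the original slides): a micro-benchmark of the operations the figures name, reading MMult as modular multiplication and MExp1024_160 / MExp1024_368 as modular exponentiation with a 1024-bit modulus and a 160- or 368-bit exponent, which is an assumption about the labels. It then sums count x measured time to estimate a proving phase, as the slides do; the function names and the operation counts are constructed for illustration and are not taken from U-Prove, Idemix or HM12.

```python
import secrets
import time

def rand_bits(bits, odd=False):
    """Random integer with exactly `bits` bits (top bit set); optionally odd."""
    x = secrets.randbits(bits) | (1 << (bits - 1))
    return x | 1 if odd else x

def make_case(mod_bits, exp_bits=None):
    """Operands for one benchmark: odd modulus n, bases a, b < n, optional exponent e."""
    n = rand_bits(mod_bits, odd=True)
    a = secrets.randbelow(n - 2) + 2
    b = secrets.randbelow(n - 2) + 2
    e = rand_bits(exp_bits) if exp_bits else None
    return n, a, b, e

def time_op(op, reps):
    """Average wall-clock seconds per call of op() over reps calls."""
    start = time.perf_counter()
    for _ in range(reps):
        op()
    return (time.perf_counter() - start) / reps

def benchmark(reps=200):
    """Return {label: seconds per operation} for the four figure labels."""
    results = {}
    for bits in (1024, 2048):
        n, a, b, _ = make_case(bits)
        results[f"MMult{bits}"] = time_op(lambda: (a * b) % n, reps)
    for exp_bits in (160, 368):
        n, a, _, e = make_case(1024, exp_bits)
        results[f"MExp1024_{exp_bits}"] = time_op(lambda: pow(a, e, n), reps)
    return results

def estimate_proof_time(results, op_counts):
    """Estimate a proving phase as the sum of count * measured time per operation."""
    return sum(results[label] * count for label, count in op_counts.items())

if __name__ == "__main__":
    measured = benchmark()
    for label, secs in measured.items():
        print(f"{label:14s} {secs * 1e6:10.2f} us")
    # Constructed operation counts, chosen only to show the calculation.
    counts = {"MExp1024_160": 6, "MMult1024": 10}
    print(f"estimated proving phase: {estimate_proof_time(measured, counts) * 1e3:.3f} ms")
```

Absolute numbers depend on the interpreter and CPU; the ratios between operations and the summed estimate are the useful output.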
iOS Performance
Primitives and HM12 scheme implemented on iOS devices:
2 phones (iPhone 4 and iPhone 5C),
based on measured times of operations, proving phase is expected to be under 130 ms for all schemes on iOS.
Figure: MMult1024 (blue), MMult2048 (red)
Figure: MExp1024_160 (blue) and MExp1024_368 (red)
iOS Communication Interface
ABCs implemented on iOS:
iOS environment lacks:
  big integer data type for large number modular arithmetics,
  NFC for fast communication and card emulation.
We used:
  GMP library in C compiled for ARM,
  QR code for device <-> reader communication.
Android Communication Interface
Primitives and HM12 implemented on Android 4.4:
Android environment provides:
  native BigInt data type,
  NFC for fast communication,
  in 4.4, Card Emulation mode.
phone is 100% card compatible, just 5x faster.
Weaknesses and Future Work
Why not so perfect?
Lower cryptographic key security (despite Keychain, Credential Storage),
problematic communication interface:
  Android: card emulation only in > 4.4 KitKat,
  Android: NFC chip is not present in all devices,
  Apple: QR codes are slow.
What are the next steps?
Use hardware-protected storage (microSD),
upgrade cryptographic protocols to avoid trusted hardware.
Conclusion
Thank you for [email protected]
crypto.utko.feec.vutbr.cz
This research work is funded by the project TACR TA02011260 of the Technology Agency of the Czech Republic.