Andreas Schwier | 25 Feb 2016
The new 2.1 release of the SmartCard-HSM is a minor release, adding two important new features: Controlled secure messaging binding of the authentication state and key agreement with authenticated public keys.
Binding the authentication state to secure messaging is an important security feature introduced in version 2.0. The mechanism ensures, that the authentication state achieved by a successfull PIN or public key authentication is bound to the secure messaging channel. If the secure messaging channel is disrupted, the authentication state is cleared. This prevents an adversary from intercepting the communication between the SmartCard-HSM and the application by introducing plain APDUs. The first plain APDU terminates the secure channel and resets the authentication state.
However, there are case where the authentication state needs to be preserved across the terminated secure channel. One application is remote PIN entry. Here a remote system establishes a secure channel with a SmartCard-HSM and presents the User PIN. As the secure channel ensures confidentiality and integrity of the exchanged information, the PIN is encrypted in transit. Once authentication has been performed, a local application continues to use the SmartCard-HSM.
As the secure channel keys can be not shared between the local and remote system, the local application will either continue using plain APDUs or create a new secure channel. In either case, the plain APDU would reset the authentication state.
The new version introduces an internal NoBindSM flag, that allows to temporarily disable the binding of the authentication state with the secure channel. The NoBindSM flag can be set once authentication is sucessfully performed. It remains set until it is explicitly reset or the secure channel is terminated. If the flag is set when the secure channel terminates, the authentication state is not reset and the NoBindSM flag is reset. See the VERIFY APDU in the User Manual for details on using the flag.
The second new feature is an EC Diffie-Hellman based key agreement scheme with authenticated public keys. This feature allows to establish a set of symmetric keys at the end-points of a communication channel. It allows a hybrid scheme, in which card verifiable certificates are used for key management.
In contrast to other schemes, where the application must authenticate the communication peer in order to prevent man-in-the-middle attacks, the SmartCard-HSM authenticates the peers public key using the signature applied to the public key during key generation. The SmartCard-HSM validates the peers public keys using the chain of card-verifiable-certificate up to the Scheme Root CA. The Scheme Root CA public key is registered as trusted public key during production.
Only if authenticity of the peers public key can be validated, then the public key is used to derive a shared key with a selected private key. The shared secret is then post-processed using a HMAC-256 based extraction-then-expansion key derivation as defined in NIST SP800-56C. A set of keys can be derived by specifying different key derivation parameter for each key.
The identity of the peer can be either derived from the unique identifier of the SmartCard-HSM or by introducing a new extension in the Device Authentication Certificate.