Cartão de Cidadão
Security and authentication
Bruno Duarte – ei07136
Pedro Barbosa – ei08036
Rúben Veloso – ei11001
The "cartão de cidadão"
- Physical and digital document that identifies citizens
Objective
- Simplify usage of public services via telephone or internet
What is it?
- SmartCard:
  - Embedded microprocessor;
  - Allows cryptographic processing;
  - Allows storage;
  - Complies with international standards.
Official Applications
Similar application on Windows and Linux
Card Architecture
Authentication
eID PT
- Library to develop applications for the "cartão do cidadão";
- Simpler interface;
- Available for Java and .NET;
- Built on top of PKCS#11.
PKCS#11
- Appropriate for smartcards;
- Cryptography standards (RSA Laboratories);
- Support for the most used cryptographic methods (RSA, X.509, ...);
- Low-level interaction.
Basic security principles
SOD Files
- PTEID_GetCertificates();
- PTEID_GetADDR();
- PTEID_GetPins();
- PTEID_SetSOCAs() – defines the certificates' location;
- PTEID_SetSODCheckin() – defines usage of the above function.
Developed examples
- Java application using eidPT;
- .NET C# application using eidPT;
- Microsoft Office signature method test.
.NET C#
- Data read;
- Address read and validation;
- SWatcher.
Java
- Data read;
- Data read and validation.
Possible failures
Vulnerabilities:
- Key loggers;
- Applications not using the official library;
- Trojans;
- No evident failures with the system;
- The reported error was not reproduced (PKCS#11).
Conclusions
- Manual vs. digital signatures;
- The system is generally well conceived;
- People need to be aware of the vulnerabilities and try to avoid them.