2. Topics
• Estonian ID-card history
• Client software evolution & OpenSC
• Misc uses for the card and some “hacks”
• Generic PKI-paranoia mixed with FUD
3. # id
• Martin Paljak, ~30
• From periphery of Estonia
• ID-card user/hacker since 2003
• Wearing my (invisible) tinfoil hat today
4. Estonian ID-card
• Introduced in 2002 (conceived in ~1999)
• Currently ~1.1million cards (~1.35 million citizens)
• ~400000 active electronic users
• 4th generation of card in circulation + Mobile-ID
• Non/pre-standard on-card structures
5. What can it do?
• Authentication (certificate)
• Legally binding signatures (certificate)
• Visual ID (electronic ID as well)
• Decryption (for data in motion)
9. SOFTWARE
• Initially no client drivers procured with cards
• Windows-only binary effort by the (commercial) CA
• Signature is THE product for the CA
• CA makes money from signatures (OCSP)
10. Say WHAT?
• €€€ for one of the pillars of PKI (OCSP)?
• Paranoia alert: binary only software?
• FUD alert: if I sell my car, how do I know that
I’m not selling my home instead?
12. Volunteers to the rescue!
• “Open Source is about scratching your own itch”
• I haz Debian
• Create card driver with open source
• I buy Mac
• Y U NO MAKE MAC SOFTWAREZ ?
15. Extreme measures
• People smashing the chip with a hammer
• Cryptographers disabling their certificates
• “I did not generate those keys!”
• Tinfoil envelopes (and hats!)
• But no ICAO/RFID on the card...
• Knowledgeable people writing satire...
16. OpenSC
• Started by a Finn named JuhaYrjölä in ~2001
• Open source smart card middleware
• Includes support for several cryptographic
smart cards (national eID-s,“blank” cards, etc)
• Not necessarily the cutest piece of software
• It uses OpenSSL ;)
18. OpenSC the software
• First custom Linux code & PKCS#11
• Then OS X - Tokend
• Now deprecated from 10.7+
• Now slowly Windows code - MiniDriver
• Extra cruft to support not a single card but
many cards with common goals
• A framework, sort of
19. Purpose
“Implement API-s and platform modules used by real life
applications, to provide those applications access to
on-card capabilities”
21. OpenSC the project
• Not to be confused with opensc.ws, a trojan forum
• Not to be confused with opensc-vdr, some SAT-TV
card-sharing thing (also illegal)
• An umbrella for people, code and projects with one
goal: use various cryptographic hardware.With open
source. Especially smart cards.
• New goal: reduce fragmentation in Linux and improve
interoperability between libraries (OpenSSL, NSS,
GnuTLS etc) with PKCS#11
23. 2007
• Government finally opens a tender for eID
middleware software
• Based on existing open source code ;)
• Official E-voting happened in 2005
without official middleware to use the
card on “other” platforms...
• New, slightly different version of the card
24. 2007
• Campaign to increase electronic users of
the PKI system to 400000 in 3 years
• Cheap (6€) OmniKey card readers
subsidized by government made available
• Mobile-ID (WPKI) for driverless operation
introduced
25. 2010
• eID usage has increased tremendously
• People depend on it for online lifestyle
• “Temporary-ID” card introduced
(incompatible with original card), to have a
backup card if needed. Electronic use only.
• Software procurement failed, a fork of
forked open source code is created.
26. 2011
• A new (incompatible) card is introduced,
with 2048 bit RSA keys.
• There is finally “official software” available
to everyone, with real support. Open
source. Uses OpenSC for some parts.
• Smartphones make Mobile-ID an
interesting subject
• I get to plant paranoia on Codebits :)
28. IMPORTANT
• Smart card authentication != PIN verification!!!
• Presenting your ID-card without the security guy
doing a face<>card check != ID verification.
•Identification
•Authentication
•Authorization
29. Door lock with ID+PIN
• Enter your ID card
• Type the PIN on keypad
• Simsalabim, door opens
• Remember EMV “CHIP+PIN” ?
30. In Bigger cities of Estonia
• Pay money to a company for credit
• Present your ID-card to public transport
workers when asked
• Checked from database, if your ID-code has a
ticket.
• But municipal workers are not border guards ;)
31. A Public Library
• Pay money to secretary for credit
• Insert ID-card at copy machine
• Machine does:
• database_lookup(id_code_on_card)->credit--;
• You do:
• A card that “looks” like your roommates card
• TIP: always do cryptographic verification!
32. Common patterns
• Actually abusing the system
• Developing a “database nation”
• For the government, your identity
becomes just a primary key in the
database ...
33. PARANOIA ALERT!
“One Card to rule them all, One Card to find
them, One Card to bring them all and in the
darkness bind them.”
34. E-voting
• You encrypt your vote with the e-voting
system’s public key (anonymous)
• You sign the encrypted vote and send it
over the internet to the “ballot collector”
• Ballot box checks your eligibility to vote,
removes your signature and forwards the
encrypted vote to the “ballot box”
• Anonymous votes get decrypted and
counted offline
35. Things to consider
• Vote-forging it not tied to ID-card
• Don’t care (but authentication is)
• Things are heavily monitored
• Don’t care (police will knock on door)
• ZEUS trojan has a smart card module
• Don’t care (but precautions are taken)
• Haters gonna hate.
36. Trust?
“It is OK to use card you don’t trust to interact
with a government you don’t trust”
37. Use and abuse
• “Automatically select certificate”
• Identification of visitors, for fun or profit
• Remove your card if not using it!
• Trojans steal PIN codes and send to ...
• Use pinpad readers!
• Secure pinpad readers coming to market.
38. The good, the bad, the awful
• Biggest issue: fault in infrastructure
• The basic “SSL/PKI” complaints apply
• No breach from systematic failure has
happened, AFAIK.
• DON’T PANIC!
• Do business from anywhere, like Sintra!
39. Transparency FTW
• ... helps to fight FUD
• ... helps to fight paranoia
• ... helps to keep things auditable
• Use open source software
• Use public documentation
• If it is hackable, it will be hacked anyway.