Talks
2023
Event
Abstract
Sicherheitsprobleme in Webanwendungen zu finden ist für die meisten Experten in diesem Bereich nichts Ungewöhnliches. Aber eine einzelne Webanwendung, die unabsichtlich alle Punkte der OWASP Top 10 in sich vereint, ist dann doch eine Überraschung. Dieser Vortrag beleuchtet die Schwachstellen einer Software, der mehr als 100 österreichische Unternehmen ihre Daten (und die ihrer Kunden) anvertrauen.
Für Interessierte bieten die Vortragenden einen weiterführenden Workshop, im dem sie sich die Frage stellen, wie es überhaupt soweit kommen konnte, und ihren Umgang mit dieser Situation zeigen. Begleiten Sie die Vortragenden auf einer sowohl frustrierenden als auch unterhaltsamen Reise voller Schwachstellen, Missverständnisse und schlechter Entscheidungen.
Event
Abstract
In diesem Vortrag werden praxisrelevante Sicherheitsprobleme vorgestellt und in Hinblick auf ihre Ursachen untersucht. Dabei wird aufgezeigt, dass diese Probleme (sogar in sehr unterschiedlichen Bereichen) nur entstehen konnten, weil der Anbieter einer Lösung das Problem, das der Kunde eigentlich lösen wollte, nicht richtig verstanden hatte. Davon ausgehend werden Vorschläge abgeleitet, wie man in der eigenen Organisation sensibler für derartige Probleme werden kann.
Event
Abstract
Sicherheitsprobleme in Webanwendungen zu finden ist für die meisten Experten in diesem Bereich nichts Ungewöhnliches. Aber eine einzelne Webanwendung, die unabsichtlich alle Punkte der OWASP Top 10 in sich vereint, ist dann doch eine Überraschung. Dieser Vortrag beleuchtet die Schwachstellen einer Software, der mehr als 100 österreichische Unternehmen ihre Daten (und die ihrer Kunden) anvertrauen.
2020
Event
Event
Event
Event
2019
Event
Abstract
Smartphone, Internet, Apps wie WhatsApp oder Snapchat … sie sind aus dem täglichen Leben kaum noch wegzudenken. Doch was verrät dein Smartphone eigentlich über dich? Gibt es vielleicht auch dann Informationen über dich, deine Apps und deine Gewohnheiten preis, wenn du gar nicht damit rechnest? Wer könnte diese Daten nutzen und wofür? Welche Gefahren verstecken sich eigentlich in öffentlichen WLANs? Gemeinsam erforschen wir, wie man Daten von Smartphones sammeln und auswerten kann. Wir erkunden, wie man diese Informationen nutzen kann, um Personen zu identifizieren und zu verfolgen.
2017
Event
2016
Event
2015
Event
2014
Event
Event
2013
Event
Abstract
Endlich ist kontaktloses Bezahlen auch in Österreich angekommen. Bei immer mehr Händlern kann mit NFC-Kredit- und Bankomatkarten gezahlt werden. Viele neu ausgegebene Kredit- und Bankomatkarten sind standardmäßig mit NFC ausgestattet. Doch was steckt eigentlich hinter so einer Kontaktlostransaktion? Was passiert da genau? Welche Daten werden übertragen? Welche Daten sind überhaupt auf der Karte gespeichert? Und kann ein Angreifer meine Karte kopieren?
Event
Abstract
Creating Java Card applications for Near Field Communication’s card emulation mode requires access to a secure smartcard chip (the secure element). Today, even for development purposes, it is difficult to get access to the secure element in most current smart phones. Therefore, it would be useful to have an environment that emulates a secure element for rapid prototyping and debugging. Our approach to such an environment is emulation of Java Card applets on top of non-Java Card virtual machines (e.g. Android’s Dalvik VM). However, providing a Java Card run-time environment on top of another Java virtual machine faces one big problem: The Java Card virtual machine’s operation principle is based on persistent memory technology. As a result, the VM and the applications that run on top of it have a significantly different life-cycle compared to other Java VMs. Based on specific scenarios for secure element emulators for the Android platform, we evaluate these differences and their impact on Java VM-based Java Card emulation. Further, we propose possible solutions to the problems that arise from these differences in the life-cycles.
Event
Abstract
The ecosystem behind secure elements is complex and prevents average developers from creating secure element applications. In this paper we introduce concepts to overcome these issues. We develop two scenarios for open platforms emulating a secure element for the Android platform. Such an open emulator can be used for debugging and rapid prototyping of secure element applications. Moreover, by trading the secure element’s security and trust for openness, such a platform can be used as a replacement for the secure element for long-term testing and for showcasing of applications.
Event
Event
Abstract
Recent roll-outs of contactless payment infrastructures – particularly in Austria and Germany – have raised concerns about the security of contactless payment cards and Near Field Communication (NFC). There are well-known attack scenarios like relay attacks and skimming of credit card numbers. However, banks and credit card schemes often mitigate these attacks. They explain that attacks are impractical (e.g. in a relay attack an attacker needs to have RF access to a victim’s card while performing a payment transaction) or even impossible (e.g. skimmed data does not contain the dynamic authorization codes that are normally required to perform a payment transaction). This paper introduces an attack scenario on EMV contactless payment cards that permits an attacker to create functional clones of a card that contain the necessary credit card data as well as pre-played authorization codes. The card clones can then be used to perform a limited number of EMV Mag-Stripe transactions at any EMV contactless payment terminal.
Event
Abstract
The recent emergence of Near Field Communication (NFC) enabled smart phones resulted in an increasing interest in NFC security. Several new attack scenarios, using NFC devices either as attack platform or as device under attack, have been discovered. One of them is the software-based relay attack. We evaluate the feasibility of the software-based relay attack in Google’s existing mobile contactless payment system Google Wallet. We give an in-depth analysis of Google Wallet’s credit card payment functionality. We describe our prototypical relay system that we used to successfully mount the software-based relay attack on Google Wallet. We discuss the practicability and threat potential of the attack and provide several possible workarounds. Finally, we analyze Google’s approach to solving the issue of software-based relay attacks in their recent releases of Google Wallet.
Abstract
The recent emergence of Near Field Communication (NFC) enabled smart phones lead to an increasing interest in NFC technology and its applications by equipment manufacturers, service providers, developers, and end-users. Nevertheless, frequent media reports about security and privacy issues of electronic passports, contactless credit cards, asset tracking systems, NFC-enabled mobile phones, and proprietary contactless technologies suggest that NFC is a potentially unsafe technology whose main beneficiaries are thieves. While these weaknesses are often bound to specific applications and products, they boost the fear that NFC technology as a whole is dangerous, threatens our privacy and helps identity theft and fraud. In order to defend their own products and services, manufacturers and service providers often position themselves on the opposite extreme, stating that their products and services incorporate sufficient countermeasures.
This thesis’ aim is to assess the actual state of NFC security, to discover new attack scenarios and to provide concepts and solutions to overcome any identified unresolved issues. Based on exemplary use-case scenarios, application-specific security aspects of NFC are extracted. The current security architectures of NFC-enabled mobile phones are evaluated with regard to the identified security aspects. As a result of the exemplary use-cases, this research focuses on the interaction with NFC tags and on card emulation. For each of these two modes of NFC, this thesis reveals attack scenarios that are possible despite existing security concepts. For the interaction with NFC tags, a new attack scenario is introduced that allows modification of tag content even though its authenticity and integrity were supposedly guaranteed by a digital signature scheme. Moreover, potential privacy issues and remaining problems have been identified in the NFC Forum’s signature scheme specification. For the card emulation scenario, the mobile phone itself is identified as a significant, yet unconsidered, threat. Specifically, the well-known concept of relay attacks on smartcards is extended to the mobile phone platform. By using the phone’s processing capabilities and communication facilities, relay attacks can be mounted in a significantly easier and less obvious way. These assumptions are verified through prototypical implementations. Possible solutions and workarounds to overcome these issues are outlined and evaluated with regard to their advantages and disadvantages.
Event
Abstract
The recent emergence of Near Field Communication (NFC) enabled smartphones resulted in an increasing interest in NFC security. Several new attack scenarios, using NFC devices either as attack plattform or as device under attack, have been discovered. One of them is the software-based relay attack. In this paper we evaluate the feasibility of the software-based relay attack in an existing mobile contactless payment system. We give an in-depth analysis of Google Wallet’s credit card payment functionality. We describe our prototypical relay system that we used to sucessfully mount the software-based relay attack on Google Wallet. We discuss the practicability and threat potential of the attack and provide several possible workarounds. Finally, we analyze Google’s approach to solving the issue of software-based relay attacks in their recent releases of Google Wallet.
2012
Event
Abstract
- Basics
- NFC
- Tags
- NDEF
- Android + NFC
- Hands-On
- Part 1: NDEF Writer
- Part 2: NDEF Reader
- Part 3: Auto-start an app when a tag/NDEF record is detected
Event
Abstract
Software card emulation is a new approch to advance the interoperability of NFC with legacy contactless smartcard systems. It has been first introduced to NFC-enabled mobile phones by Research In Motion (RIM) on their BlackBerry platform. Software card emulation aims at opening and simplifying the complex and tightly controlled card emulation functionality. While this form of card emulation, that gets rid of the secure element (a device tightly controlled by the ``big players’’), is a great chance for development of innovative NFC applications, it potentially makes card emulation less secure and paves the way for interesting attack scenarios. This paper evaluates the advantages and disadvantages of software card emulation based on existing application scenarios and recent research results.
Event
Abstract
Near Field Communication’s card emulation mode is a way to combine smartcards with a mobile phone. Relay attack scenarios are well-known for contactless smartcards. In the past, relay attacks have only been considered for the case, where an attacker has physical proximity to an NFC-enabled mobile phone. However, a mobile phone introduces a significantly different threat vector. A mobile phone’s permanent connectivity to a global network and the possibility to install arbitrary applications permit a significantly improved relay scenario. This paper presents a relay attack scenario where the attacker no longer needs physical proximity to the phone. Instead, simple relay software needs to be distributed to victims’ mobile devices. This publication describes this relay attack scenario in detail and assesses its feasibility based on measurement results.