Banks and other institutions handle the problem of transaction security with three techniques: authentication, confidentiality and integrity. SSL/TLS (Secure Socket Layer Security/Transport Layer Security) is commonly used for the latter two issues. Several solutions, such as one-time passwords or challenge-response protocols, are used for authentication. The use of these techniques goes a long way towards handling primitive Internet attacks. Unfortunately, they alone do not provide a complete solution for today's more sophisticated attacks.
In MITM or 'man-in-the-middle' attacks, a hacker intercepts and modifies in an unnoticeable fashion the messages flowing between a user and a financial institution. The modified messages look to the user like those from the financial institution, whereas those to the financial institution look like those from the client. Malware (malicious software) is even more fiendish. Here the attacker manages to install a virus or Trojan horse in a user's personal computer and is then free to manipulate the messages received and sent by the user. Thus malware attacks can redirect communication to the attacker's server and change the data displayed by the user's browser. ZTIC provides security in the presence of both of these attacks.
ZTIC, the Zone Trusted Information Channel, adds a trusted and tamper-resistant secure communication endpoint with integrated display to an otherwise untrustworthy client PC. Implemented as a USB device running the TLS/SSL protocol, a ZTIC is about the size of a memory stick and thus can be attached conveniently to a key chain. Through this endpoint, a user can then communicate securely with sensitive online services such as a banking server.
All communication between a user's Web browser and a server is passed through and processed by the ZTIC, which in turn is hooked into the communication path by a networking proxy running on the PC. ZTIC continuously scans the data exchanged between client and server for sensitive operations such as money transfers. For each sensitive operation, it intercepts the communication flow, extracts crucial information for display and verification, and proceeds only after the user has explicitly confirmed the operation by pressing an OK button on the ZTIC. Non-sensitive operations are passed along without the need for user interaction. In addition, ZTIC may serve as a holder of sensitive personal information, such as a private key used in SSL/TLS client authentication. If non-repudiation is a strong design goal of an authentication solution, it is also possible to utilize a smartcard within a ZTIC to protect private data from extraction and duplication.
For all this, the ZTIC hardware consists conceptually, at a minimum, of a processing unit, volatile and persistent memory, a small display and at least two control buttons (OK and Cancel). An optional smartcard reader is also available. The software is minimally configured with a complete TLS engine including all cryptographic algorithms required by today's SSL/TLS servers, an HTTP parser for analysing the data exchanged between client and server, plus custom system software implementing the USB mass storage device profile and the networking proxy for running on a PC. All this fits easily into the USB stick implementation.
The information flow is shown in
Figure 1. The secure channel is opened between the (bank's) server and the ZTIC. The user communicates as usual with the server via a PC.
The result of any sensitive operation is shown on the small display of the ZTIC, requiring the user to accept or cancel the transaction. Even if there should be malicious software manipulating the flow in the PC, the user can cancel the transaction. What the user sees on the ZTIC display is identical to what the server sees, no matter what malicious intervention may have occurred. Hence, owing to the direct secure connection between ZTIC and server, the ZTIC essentially provides a window to the server.
ZTIC has been programmed such that no change is required in either the server software or the software running on the client's PC. It runs on all operating systems. The USB stick implementation adds only a minimal and quite acceptable delay to the transaction processing time.
IBM Zurich Research Laboratory, Switzerland
Tel: +41 44 724 8620