Do Smart Cards Protect You From Credential Theft?
In recent years, the use of smart cards widely increased as a secure form of authentication for a wide range of applications, ranging from mobile networks requiring a SIM card in mobile devices to credit card vendors making smart cards, the de facto standard for credit cards.
The combination of strong encryption with the applied physical measures creates a tamper-resistant device, is what makes smart cards considered highly secure. An interesting application for smart card authentication is obviously computer network security, an application that gains popularity in governmental and finance sectors.
In this blog post, I will analyze how a typical deployment of smart card authentication in an Active Directory (AD) network usually does not provide efficient defense against a wide variety of credential theft attack vectors.
Network Protocol Attacks
A critical issue sometimes overlooked by CISOs and IT administrators is that smart cards don’t prevent credentials from being abused with Pass the Hash and Pass the Ticket attacks as credential tokens are still stored in lsass.exe and are still very much exploitable. If you are still skeptical, check out a Microsoft official publication with PtH mitigation recommendations which states the use of smart cards doesn’t help in protecting against privilege escalation and lateral movement. Moreso, using smart cards for login makes the network more susceptible to PtH/PtT attacks as NTLM hashes never become stale. (NTLM hashes are being used also in Kerberos so even if you disable NTLM in your network you are still vulnerable to this sort of attacks).
Furthermore, in many cases, some of the users (usually IT administrators) still have regular plain-text passwords in addition to smart cards as these are required for some legacy machines and services. In this case, the passwords can still be used for other scenarios except for machine logon such as authentication to a database, fetching files from a file server, and even running code on a remote machine using PsExec.
In all organizational networks, there are most likely some AD accounts that can’t be authenticated with smart cards. These are the accounts the are used to run servers (e.g. SQL databases) and accounts used for specialized agents on host PCs (e.g. backup agents, GPO scripts). Here at Preempt, we refer to these users as programmatic users. Obviously, since these users don’t engage in interactive logins and run without manual intervention, they must be exempt from smart card authentication and used with a run of the mill password authentication.
We’ve analyzed how prevalent programmatic accounts are in one of our recent clients and results were overwhelming: 551 of 2600 (21.19%) of user accounts are programmatic. More severe: 33% of privileged account was programmatic.
Smart Card Attacks
It is widely believed that the cryptographic and physical security of smart cards is impeccable and that the presence of PIN codes with limited attempts dramatically reduces the risk of a stolen card being used. It is, however, not inconceivable that an extremely sophisticated attacker with extensive technical know-how that gets physical possession of a smart card would be able to read the certificate private key stored internally in the smart card and use it for their malicious purposes. Cryptographic researchers have shown successful attacks on smart cards in the past. Just to list a few (see Ross Anderson’s wonderful book for an overview):
- Invasive Attacks
A method by which attackers were able to expose shared secrets from smart cards. The attack included breaking the seal and eavesdropping on smart card chip busses. Back in the day, this attack was very simple and caused a lot of headaches to pay-TV vendors who had to deal with card cloning. Even though defenses got better, no card is 100% safe from this sort of attack
- Differential Power Analysis
Differential Power Analysis (DPA) is a cryptographic attack that analyzes the power used by a smart card to reveal secret keys stored on the card. DPA is an ongoing field of academic research and while card vendors are getting increasingly good at protecting cards from DPA, researchers have again and again demonstrated they were able to effectively expose secrets with DPA
- Fault Generation
Fault generation is a method by which an attacker manipulates power/clock input signals to disrupt a card’s operation. Simple examples of this attack were documented in the card payment industry
Smart cards have some advantages in IT operations (no account lockouts or forgotten passwords) and are efficient at mitigating the risk of passwords being stolen and abused by non-technical disgruntled employees.
Smart cards, however, are not an efficient way to combat credential theft orchestrated by experienced attackers. Even worse, smart cards pose a security threat for two main reasons:
- The shared secret is never changed – this is equivalent to setting a password that never expires to all users.
- They give a false sense of security – leading IT admins to forgo additional layers of security such as User and Entity Behavioral Analytics (UEBA) system.
In his analysis, security researcher, Matt Weeks, recommends that smart card users’ hashes should be randomized daily while exempting programmatic accounts. Furthermore, he recommends that these programmatic accounts be highly restricted (using silos, denied network, and RDP). The sad truth in most networks we see here at Preempt is that these recommendations are almost never followed – for a variety of reasons.
Posted by Yaron Zinar on August 11, 2016 7:07 AM