1996-11-20 - Re: Cracks Are Found In Smartcard Security (fwd)

Header Data

From: Hack Watch News <kooltek@iol.ie>
To: jf_avon@citenet.net
Message Hash: 2ec64653acc5d5b688513842d857e9474e4ac2bd30f4e6f82fd7d49a0c5e5ff6
Message ID: <329377A5.4715@iol.ie>
Reply To: <9611201602.AB22689@cti02.citenet.net>
UTC Datetime: 1996-11-20 21:29:32 UTC
Raw Date: Wed, 20 Nov 1996 13:29:32 -0800 (PST)

Raw message

From: Hack Watch News <kooltek@iol.ie>
Date: Wed, 20 Nov 1996 13:29:32 -0800 (PST)
To: jf_avon@citenet.net
Subject: Re: Cracks Are Found In Smartcard Security (fwd)
In-Reply-To: <9611201602.AB22689@cti02.citenet.net>
Message-ID: <329377A5.4715@iol.ie>
MIME-Version: 1.0
Content-Type: text/plain


Jean-Francois Avon wrote:

> In what context?  (How does that applies to PGP? Did he say that for short
> keys used to encrypt data directly?)
> 
> Sorry for my cluelessness.
> 

The smart cards in use by banks to protect transactions seem to use RSA
and DES algorithms. Now these algorithms are computationally difficult
to hack. Therefore an attack via cryptographical route would not be
envisaged by those who specify the system for the bank.

With the research into popping smart cards using fuming Nitric Acid, the
keys used for these transactions could be extracted from a smart card
within a few hours. Thus with the keys extracted, RSA and DES become
even more vulnerable because they are such well known algorithms. It
would be easy for someone to implement them in a pirate smart card as
indeed has been the case in European satellite Pay TV piracy. (France
Telecom used DES as the cryptographical basis for their EuroCrypt-M
access control overlay for the D2-MAC television standard).

The Fiat-Shamir ZKT was also demonstrated to be vulnerable using a
similar approach. It was possible to extract the necessary data to allow
pirate cards to spoof a valid ZKT response. Of course the original
version of this flaw was due to incompetence on the part of the system
designers (they never secured the card-decoder interface
microcontroller). A later implementation integrated the result of the
ZKT with the output of the algorithm thus making it a more secure
implemenation. However the smart card was popped (reverse-engineered
using the techniques desicribed in the paper) making it all academic.

The bottom line is that the security of smart cards is both highly
overrated and depends on a high level of bluff. Most people would not
attack a smart card because they think it is secure. However in European
satellite television piracy, most of the systems have been shown to have
flaws either in the technology or the implementation. (Naturally the
best reference on this is European Scrambling Systems 5 - The Black Book
ISBN: 1-873556-22-5 ;-) )

The relevant paper is at:
http://www.cl.cam.ac.uk/users/rja14/tamper.html

Regards...jmcc





Thread