OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Michael Gile (mgilemac.com)
Date: Mon Jan 21 2002 - 16:27:57 CST

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    The security problem with smart cards is not key recovery. It is the fact
    that the smart card must rely on a standard PC (or other insecure host) for
    input and output.

    For example, say we have a smart card with a signing application that will
    sign arbitrary data from the host PC (an oracle). The attacker no longer
    needs access to the key, only an application that can send data to the card.
    Even when adding authorization to the key usage (for example a PIN), an
    attacker needs only access to the insecure host machine and can then recover
    the PIN itself or send bogus data to be signed.

    The solution to the smart card attacks above is to add a secure
    communication channel to some special purpose server through which only
    encrypted data is ever transmitted outside the card, or provide a more
    robust mechanism to the user that can be used for secure input and allows
    more storage and computing power on the card itself.

    Regards,

    Michael Gile
    Wave Systems Corp.
    mgilewavesys.com
    mgilemac.com

    On 1/21/02 12:39 PM, "Matthias Bruestle" <mlistmbsks.franken.de> wrote:

    > On Sun, Jan 20, 2002 at 08:03:26PM -0800, David Corcoran wrote:
    >> I've got Ben Laurie (yes, the famous Apache hacker) on another list
    >> claiming that smart cards are weak storage for keying material.
    >> e.g. that physical access to the card is all that is needed for a
    >> motivated hacker to pry the key out of the card.
    >
    > I have never tried to crack a smart card or have much knowledge about
    > the technical devices needed, but I have read quite a bit and had to
    > do with cards, industry, etc..
    >
    > My estimation of the situation:
    >
    > Smart card manufacturers try to make these as secure as possible,
    > but smart cards are a cheap mass product.
    >
    > I do think, that cracking of smart cards is hard, but not impossible.
    > And it is getting harder and harder, because there are are improvements
    > in the smart card area regarding security, e.g. in the Infineon series
    > 44 -> 66S -> 66P. (I'm most familiar with these ICs.) I do believe,
    > that the 66P series from Infineon for at least some years secure against
    > reading the content of the EEPROM by students and also more sophisticated
    > hackers. This is because of the security features they have and because
    > so many firms and government agencies do trust them. It would be very
    > bad publicity for them if a card would be cracked. But I do not believe,
    > that the 66P is secure against the laboratory and knowledge of e.g. Intel.
    >
    > For the 66S there seams to be not so much trust, e.g. the German
    > signature cards from Telesec hat originally a 66S chip and were replaced
    > by cards with a 66P. For the 44 there is, as it appears, even much less
    > trust, thatn for the 66S.
    >
    > If you only want to read out a key, some form of power analysis would
    > be enough. You need here not very expensive equipment. Card and OS
    > manufacturers try als to be secure against this and they do apparently
    > also try themself (or pay others to do so) to attack their cards with
    > power analysis. My opinion is, that it is very difficult to do a power
    > analysis attack with modern cards, but I am not convinced that it is
    > impossible. What might make it impossible is to try to design a power
    > analysis resitant protocol. E.g. with some sort of error counter.
    >
    > These are not definite answers. Here is probably a similar situation
    > than in the cryptography area. but surrounded by non-openess.
    >
    > So my advice is to design a smart card application, that an attacker
    > can not gain much value, and also to develop some plans what to do,
    > if a card get's cracked.
    >
    > If there is interest, I can also write some about evaluation according to
    > ITSEC/CC.
    >
    >
    > Mahlzeit
    > endergone Zwiebeltuete

    ***************************************************************
    Unix Smart Card Developers - M.U.S.C.L.E.
    (Movement for the Use of Smart Cards in a Linux Environment)
    http://www.linuxnet.com/
    To unsubscribe send an email to majordomolinuxnet.com with
    unsubscribe sclinux
    ***************************************************************