If a person having the card and a valid PIN number wants to extract the
secret keys it is hard to prevent them from doing so since any number of
chosen plaintext attacks can be run. If someone has only the card without
the PIN it is much much harder in a well designed card.

Also the side channel attacks (power consumption/timing) usually require the
PIN and are subject to blinding in the algorithm. Blinding is where for
example a RSA key and ciphertext are multiplied by a temporary number prior
to the RSA computations and afterwards the reciprocal number is multiplied
by the result. It should be a no-op in the algorithm but changes all the
intermediate values which makes timing/power calculations apply to the key*
temporary instead of just the key.

There are several problems and the answer is different depending on who is
trusted.
First - there is the issuing authority: they are usually assumed to be
trusted and competent.
Second - the valid holder of the card: this person is the one being
authenticated
Third - the computer/ATM/POS terminal : this is the equipment accepting the
authentication.

Now for most examples on sclinuxlinuxnet.com it would appear all three are
under a single point of control so many problems of trust become simpler.
I trust myself to issue a card to me. :)
I will use my card the way I intend. :)
my PC will use the card to verify that I am myself and is not working
against me.

A typical but much more complex problem is:
VISA or AMEX for example issue cards to their customers the customer takes
it to a point of sale terminal
the merchant accepts it.

In this case if the merchant wishes to cause fraudulent charges the system
can break down.
i.e. you type in your PIN and the merchant displays a charge in the correct
amount and bills for some other amount or sends 100 authorizations to the
card one after another. Since the merchants computer is where the value of
the transaction is displayed and where the PIN is entered this presents a
large possible problem. The smart cards do not appear to have quite enough
storage to keep track of all the merchant transactions. Also the smart card
should have its own display so that the user could verify what is being
signed. It should in general have its own keypad for the PIN to avoid
sending the secret PIN in the clear via untrusted (by the customer)
communication channel, another option would be to have a confirm button on
the card so each transaction would require pressing it. This would of
course work poorly for subscription services or bill by the minute.

The merchant fraud problem is counter weighted by the fact that a merchant
needs to have a merchant account, address and bank which prevents most of
the steal money and run methods. Transferring money by "beaming" like some
would like to do with PDAs and stored value cards is even more complex as
both sides might be operating as both customer and merchant.

The customer by possessing both the card and the valid PIN can in theory
extract the information on the card more easily than most, by using chosen
plaintext attack but this would only allow the user to be able to create
clones of their own identification. This is not really much of a problem as
it just lets a customer impersonate himself (or herself). Giving out this
information is not generally wise but could be useful for some purposes like
to spouse/children who would be allowed to sign.

Another class of problem entirely, is if the issuing authority is not
trusted. The issuing authority could make several completely valid smart
cards to identify the same person, after all that is their function. This
is counter weighted by the fact that the issuing authorities main value is
in their reputation and fraud of this sort would damage it. This can be
partly compensated for by having the customer create the identity and have
it signed by the issuing authority. This would prevent having the same
exact information on several cards as no one would have all the information.
It does have the problem of the customer keeping the information really
secret. So do you wish the issuing authority to have all the data or to
have the customer try to keep some secret?

***************************************************************
Unix Smart Card Developers - M.U.S.C.L.E.
(Movement for the Use of Smart Cards in a Linux Environment)
http://www.linuxnet.com/
To unsubscribe send an email to majordomolinuxnet.com with
unsubscribe sclinux
***************************************************************

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]