Interesting People mailing list archives
IP: Weaknesses in Smart Cards? [ I agree djf]
From: Dave Farber <farber () central cis upenn edu>
Date: Thu, 26 Sep 1996 21:23:57 -0400
Date: Thu, 26 Sep 1996 02:21:25 -0700
To: cypherpunks () toad com
From: tcmay () got net (Timothy C. May)

Thanks, John. I read the full article. I'm skeptical.

At 12:08 PM 9/26/96, John Young wrote:
9-26-96. NYP: "Potential Flaw In Cash Card Security Seen. Counterfeiting a Risk, Say Bellcore Scientists." Markoff.
The Bellcore researchers said that a smart card's security could be breached by forcing the microchip in the card to make a calculation error, whether through sophisticated means like bombarding the card with radiation or perhaps cruder methods like placing it in a microwave oven. A mathematical formula they derived could use this error to extrapolate the secret data that authenticates the card when it is used.
As the researchers note, they haven't actually done this. Having worked on radiation effects on chips, I'm skeptical that this can be done economically. Simple radiation sources won't be penetrating enough (for the high "linear energy transfer" (LET) particles needed to deposit enough energy to flip a logic state) and the penetrating stuff (betas and gammas) are low-LET and will only disrupt logic states in very high overall exposures (kilorads).

A cyclotron, for example, could get some high-LET particles through the packaging to the chips. Strip-back of the outer packaging is possible, of course. I'd need to know a lot more about the packaging used by VISA and other smartcard makers to know how economical this would be. (Breaking any single card is not necessarily a financial windfall, if the card has a limit, for example. This puts a limit on how much $$$ can be spent on cracking a chip.)

Also, there are electrically-erasable PROM (EEPROM) chips which are very difficult to clone, and which would have response properties to radiation which are much different from static RAMs and microprocessors.

The "microwave oven" point I won't comment on.

Their work on what might be called a kind of "avalanche" algorithm, where a few flaws in operation yield secrets at the output, seems interesting.

However, one thing that disturbs me (and their work is not the only example) is the "press release" nature. Especially for _theoretical_ work, rather than actual demonstration! When the cracking of a 40-bit key was done about a year ago (by a couple of Cypherpunks, including the French student), it was a *real* crack, not a press release about a _possible_ attack. Likewise, the Netscape crack by Wagner and Goldberg was a *real* attack.

But as the "arms race" for press releases about potential security flaws escalates, it appears people are pre-announcing results, or gussying-up potential flaws in the language of scary press releases. Not a good journalistic trend, in my opinion.
--Tim May

We got computers, we're tapping phone lines, I know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay () got net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Higher Power: 2^1,257,787-1 | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."