Interesting People mailing list archives

IP: Vulnerability Is Discovered in Security for Smart Cards


From: Dave Farber <dave () farber net>
Date: Mon, 13 May 2002 03:15:23 -0400



Vulnerability Is Discovered in Security for Smart Cards

May 13, 2002
By JOHN MARKOFF 


SAN FRANCISCO, May 12 - Two University of Cambridge
computer security researchers plan to describe on Monday an
ingenious and inexpensive attack that employs a $30 camera
flashgun and a microscope to extract secret information
contained in widely used smart cards.

The newly discovered vulnerability is reason for alarm, the
researchers said, because it could make it cost-effective
for a criminal to steal information from the cards.

Smart cards are used for dozens of different applications,
including electronic identity protection, credit and debit
cards and cellular phone payment and identity systems.

The Cambridge researchers said they had discussed their
discovery with a number of card manufacturers, and several
had acknowledged the vulnerability. One company reported
that its security testing teams had already considered
types of attacks similar to the one mounted by the
Cambridge team and that they believed their products were
not vulnerable. 

The researchers said they had also proposed a potential
design change to the companies that would protect against
the attack. 

"This vulnerability may pose a big problem for the
industry," they wrote in their paper, "Optical Fault
Induction Attacks." The researchers argued the industry
would need to add countermeasures to the cards to increase
their security. 

The Cambridge group's discovery is one of two new smart
card attacks that will be introduced Monday evening in
Oakland, Calif., at an Institute of Electrical and
Electronics Engineers symposium on security and privacy.

A team of researchers from I.B.M.'s Thomas J. Watson
Laboratory in Yorktown Heights, N.Y., said they would
present a report at the conference based on their discovery
of a different vulnerability in subscriber identification
module, or S.I.M., cards. These are used in the type of
digital cellphone known as G.S.M., widely used in Europe
and to a lesser extent here.

The vulnerability would make it possible for a criminal to
find the secret information stored in the card, steal the
user's cellphone identity and make free phone calls.

Smart cards are credit-card-like devices containing a
microprocessor chip and a small amount of computer memory
for storing bits of electronic data that represent money or
other information that can be used to ensure identity, like
a code or a digitized retina scan or fingerprint.

More widely used in Europe than in the United States, the
cards have long been promoted as the key to a cashless
society as well as for identity and authorization
applications. Some countries have begun using them for
national identity cards, and they have recently been
discussed as a way of confirming travelers' identities to
speed airport security.

The Pentagon has armed soldiers with smart cards for online
identity and physical access, and the cards are in use in
the United States in commercial services like the American
Express Blue credit card and the Providian Smart Visa Card.
Both cards are offered by their providers as a convenient
and safe way to make Internet purchases, although their
actual use for those purposes so far has been limited.

Some of the information stored in the card is in the form
of a number composed of ones and zeros that cryptographers
refer to as a "private key." That key is part of a two-key
system that is used to encode and decode information. The
security of such systems is compromised if the private key
is revealed. 

Typically, after the card holder authenticates the card by
supplying a PIN, the private key is then used to encrypt any
sort of transaction using the card. For example, the card
might be used to authorize a purchase or a transfer of
funds, make an e-mail message private, log on to a computer
network or enter a building.

The researchers from Britain, Sergei Skorobogatov and Ross
Anderson, who are based at the University of Cambridge
Computer Laboratory, discovered the flaw after Mr.
Skorobogatov found that he could interrupt the operation of
the smart card's microprocessor simply by exposing it to an
electronic camera flashbulb.

They were able to expose the circuit to the light by
scraping most of the protective coating from the surface of
the microprocessor circuit that is embedded in each smart
card. 

With more study, the researchers were able to focus the
flash on individual transistors within the chip by beaming
the flash through a standard laboratory microscope.

"We used duct tape to fix the photoflash lamp on the video
port of a Wentworth Labs MP-901 manual probing station,"
they wrote in their paper.

By sequentially changing the values of the transistors used
to store information, they were able to "reverse engineer"
the memory address map, allowing them to extract the secret
information contained in the smart card.

Mr. Skorobogatov is a Russian emigrant who was once
employed in the former Soviet Union's nuclear weapons
program, where his job was to maintain bombs.

Mr. Anderson is a well-known computer security researcher
whose work in both computer security and cryptography is
widely recognized. 

The researchers said they had discussed their findings with
a number of companies that had acknowledged the
vulnerability. However, at least one manufacturer who had
read the paper said it believed its products were not
vulnerable to the attack.

"This is a paper for an academic conference," said Alex
Giakoumis, director of product lines for the Atmel
Corporation, a San Jose, Calif.-based maker of smart cards.
"We've already looked at this area."

He said his company had built defensive measures into its
products that would make them invulnerable to such an
attack. However, he said he was unwilling to be specific
about the nature of the security system, because such
information would be valuable to someone who was attempting
to break the security of the Atmel smart cards.

The I.B.M. paper, which is titled "Partitioning Attacks: Or
How to Rapidly Clone Some G.S.M. Cards," was prepared by
Josyula R. Rao, Pankaj Rohatgi, Helmut Scherzer and Stefan
Tinguely. 

The researchers reported that they had dramatically
shortened the time needed to steal secret information from
today's G.S.M. cellphones.

Their new approach can seize the information within
minutes, they said, making it a much more useful method
than either breaking the cryptographic algorithms used by
the card or by intrusive attacks such as the Cambridge
approach. The I.B.M. researchers' report also offers advice
to the smart card industry on how to protect against
vulnerabilities. 

http://www.nytimes.com/2002/05/13/technology/13SMAR.html?ex=1022278959&ei=1&en=6ac980d05978c20c

For archives see:
http://www.interesting-people.org/archives/interesting-people/