Smart cards may have a major security weakness
NY TIMES NEWS SERVICE, SAN FRANCISCO
Tuesday, May 14, 2002, Page 21
Two University of Cambridge computer security researchers planned yesterday to describe an ingenious and inexpensive attack that employs a US$30 camera flashgun and a microscope to extract secret information contained in widely used smart cards.
The newly discovered vulnerability is reason for alarm, the researchers from the British university said, because it could make it cost-effective for a criminal to steal information from the cards.
Smart cards are used for electronic identity protection, credit and debit cards and cellular phone payment and identity systems.
"This vulnerability may pose a big problem for the industry," they wrote in their paper, "Optical Fault Induction Attacks."
The researchers argued that the industry would need to add countermeasures to the cards to increase their security.
The discovery will be described on Monday evening in Oakland at an Institute of Electrical and Electronics Engineers symposium on security and privacy.
Smart cards are credit-card-like devices containing a microprocessor chip and a small amount of computer memory for storing bits of electronic data that represent money or other information that can be used to ensure identity, like a code or a digitized retina scan or fingerprint.
The cards have long been promoted as the key to a cashless society as well as for identity and authorization applications. Some countries have begun using them for national identity cards, and they have recently been discussed as a way of confirming travelers' identities to speed airport security.
The Pentagon has given soldiers smart cards for online identity and physical access, and the cards are in use in the US in commercial services like the American Express Blue credit card and the Providian Smart Visa Card.
Information stored in the card is in the form of a number composed of ones and zeros that cryptographers refer to as a "private key." That key is part of a two-key system that is used to encode and decode information. The security of such systems is compromised if the private key is revealed.
Typically, after the card holder authenticates the card by supplying a personal identification number, the private key is used to encrypt the transaction. For example, the card might be used to authorize a purchase or a transfer of funds, make an e-mail message private, log on to a computer network or enter a building.
Over the last decade, security researchers have repeatedly found subtle flaws in the elaborate security methods used to protect smart cards, which range from special packaging materials to mechanisms that prevent a potential attacker from gleaning information by seeing how much power the device is consuming at any one time.
The researchers, Sergei Skorobogatov and Ross Anderson, who are based at the university's Computer Laboratory, discovered the flaw after Skorobogatov found that he could interrupt the operation of the smart card's microprocessor simply by exposing it to an electronic camera flashbulb.
They were able to expose the circuit to the light by scraping most of the protective coating from the surface of the microprocessor circuit that is embedded in each smart card.
With more study, the researchers were able to focus the flash on individual transistors within the chip by beaming the flash through a standard laboratory microscope.
By sequentially changing the values of the transistors used to store information, they were able to "reverse engineer" the memory address map, allowing them to extract the secret information contained in the smart card.