Slashdot Mirror


Cracking the Smartcards

hanuman writes: "So you know you're a true hacker when: 'Breaking the encryption alone would cost up to $5m. The process demanded the use of ultra-expensive electron-scanning microscopes, with the team probing wafer-thin chips no bigger than a thumbnail. Each chip contained up to 50 layers, with each layer in turn carrying up to 1,000 transistors, every one of which had to be pulled apart and analysed.'." This is a follow-up to the Vivendi vs. News Corp. story with more details about what is alleged to have occurred. Update: 03/14 12:28 GMT by M : And yet another story, which alleges that the head of security at NDS funded the website that distributed the hack for their rival's smart cards.

19 of 215 comments

  1. The players and the gizmos of pay TV by satanami69 · · Score: 3, Informative

    What is a smart card?
    A credit card-sized device that protects digital television signals from
    unauthorised viewing. When plugged into a set-top box, it determines which
    programmes subscribers have paid to see.

    The cards contain tiny but sophisticated computers that decrypt television
    signals as they pass through the air and turn them into television pictures.
    Without a smart card, ITV Digital viewers can only watch free-to-air channels
    like the BBC, ITV and Channels 4 and 5.

    Users of pirate cards have been gaining access to pay TV channels like sports
    and movies without paying.

    Where did the pirated cards come from?

    Hackers posted on the internet details of the codes needed to create illegal
    smart cards that gave free access to pay TV services. Criminals used the
    information to make fake cards and then sold them through pubs, clubs and market
    stalls for £5-£20. About 100,000 pirated ITV Digital cards are thought to be in
    circulation.

    What is Vivendi Universal?

    A former French water group that is now one of the biggest entertainment
    companies in the world. The chief executive, Jean-Marie Messier (right), has
    become one of the world's most powerful media moguls after buying a range of
    businesses including the Universal film studios and music labels, Canal Plus
    television in France, the Cegetel mobile phone company, directory businesses and
    internet firms.

    What is Canal Plus?

    The European film and television distribution arm of Vivendi Universal. The
    division that makes the smart cards is called Canal Plus Technologies. It
    supplies cards and software to 12.5m set-top boxes worldwide.

    What is NDS Group?

    Based in Staines, Middlesex, NDS specialises in building the smart cards and
    interactive software for pay TV systems that allows paid-for television
    programmes to be securely beamed to customers' homes.

    Rupert Murdoch's News Corporation is an 80% shareholder. NDS technology is used
    in almost 28m pay TV set-top boxes worldwide and supports 40% of all satellite
    receivers. Most of the group's research is carried out in Israel.

    Basically this is a nice heavyweight fight.

    --
    I really hate Dan Patrick.
    1. Re:The players and the gizmos of pay TV by Lumpy · · Score: 4, Informative

      Wrong.. the smartcard does no decryption of video. The smartcard in the H card is a 4MHz processor. It does nothing but verification of authentication tokens and then tells the receiver to display correctly hotpornnet or to not display it correctly.

      The smartcard is primarily used to store and decrypt the decoding key for the receiver.

      If the video was being decoded in the card, then the card emulator hack that is used on the successful satellite TV pirates' systems wouldn't work as most use 286 and 386 machines that boot from a floppy.

      --
      Do not look at laser with remaining good eye.
    2. Re:The players and the gizmos of pay TV by Quixote · · Score: 2, Informative

      And where did this writeup come from? Here. Just a cut-n-paste job

      F'ckin karma whore..
      Mod the parent down!

  2. Low tech and ancient news. Read this paper first by Anonymous Coward · · Score: 5, Informative

    I know guys that have done this (SEM in light fast vacuums)... and won.

    Read this VERY fascinating Google cache of the state of the art many years ago... :

    http://www.google.com/search?q=cache:wybhqqCka28C:www.usenix.org/publications/library/proceedings/smartcard99/full_papers/kommerling/kommerling_html/

    It's pretty darn good.

    Now the world has progressed to cracking using varying external clocks, SEM as routine, probe points, etc.

    Everything is crackable.

    The best researchers (with published findings) aren't in Israel btw, they are in Britain.

    Please read that cached Google paper, it's really worth it.

    If the cache is dead try:

    http://www.usenix.org/publications/library/proceedings/smartcard99/full_papers/kommerling/kommerling_html/

  3. Not so hard by Anonymous Coward · · Score: 5, Informative

    I'm sorry to have to say that the article you referred to contains a gross inaccuracy: the estimate of the cost of `cracking a smart card' is way overinflated. Smart card technology is, by its own very nature, not safe: any smart card is vulnerable to power/timing attacks and, even if expensive equipment helps, you don't need that much in order to recover the keys. As a matter of fact, given that amount of money the simplest way to force the system is an exhaustive search on the 3des keyspace (yes, 3des is the algorithm). I would advise people to read a bit more about Differential Power Analysis before going to court... I would suggest anybody interested to try to find the proceedings of any {Euro|Asia}crypt or of CHES (Cryptographic Hardware and Embedded Systems).

    Regards,
    lg

  4. Re:Breakdown of cost? cost is a sensational lie by Anonymous Coward · · Score: 1, Informative

    It's inflated. A similar team of experts could do it with 2 or 3 guys in a month or two for under 20 thousand dollars...

    Sure, low-IQ moron engineers can squander 5 million doing the same thing genius-level experts can do for under 20K.

    But that does not mean it takes 5 million.

    Forget your breakdown.

    Read this to learn the methods used, which are common-knowledge methods:

    http://www.google.com/search?q=cache:wybhqqCka28C:www.usenix.org/publications/library/proceedings/smartcard99/full_papers/kommerling/kommerling_html/

    and those are not all the 2002 tricks, but good enough to beat most all crypto chips.

  5. Re:Well, no by armb · · Score: 4, Informative

    > .. smartcards can be hacked with a lot less money involved
    > Try searching for it

    http://citeseer.nj.nec.com/anderson97low.html is a good start. "Low Cost Attacks on Tamper Resistant Devices" (1997), Ross Anderson, Markus Kuhn.

    --
    rant
  6. Investments in Cracking by standards · · Score: 4, Informative

    I think the interesting part is this just shows with enough big dollar corporate investment, even sophisticated security schemes can be cracked.

    If cracking security helps your competition out of business, well, that could be worth several billion dollars. Investing $100 million would be money well spent.

    In my community, the hacker community, a goal is to IMPROVE security by revealing its flaws. But these guys broke security to make billions off of someone else's huge investment. That's very different.

    Of course, like Enron, corporate executives should pay the price for much of the resulting destruction. I'd say that a good "20 years to life" sentence would be appropriate for all of those in this management chain. And if the worker-bees knew what they were up to, same thing: jail.

  7. Re:Well, no 40 minutes ago a better post... by Anonymous Coward · · Score: 4, Informative


    http://slashdot.org/comments.pl?sid=29435&cid=3161644

    has reference to a much better paper from 2 years later and was posted 40 minutes ago and if you browsed at level-0 you would have spotted it.

    The fact that it's still at 0 is because moderation does not work very well which is why your post is at 2 karma and you let mine languish at 0.

  8. iButtons are more secure than a smartcard. by Lumpy · · Score: 3, Informative

    You CAN'T do this to an iButton. As soon as you crack open the shell to expose the silicon a super rapid zeroization process starts inside.

    They can't put this no-tamper technology on a smartcard, there is barely room and durability for what is there now.

    --
    Do not look at laser with remaining good eye.
    1. Re:iButtons are more secure than a smartcard. by Sheridan · · Score: 2, Informative
      The iButton's tamper resistance is not perfect - at least according to Ross Anderson, in "Security Engineering" (Chapter 14, "Physical Tamper Resistance"):-

      ... one might try drilling in through the side, then either probe the device in operation or disable the tamper-sensing circuitry. Because the iButton has lid switches to detect the can being opened, and its processor is mounted upside-down on the circuitboard (with a mesh in the top metal layer of the chip), this is unlikely to be a trivial exercise. It might well involve building custom jigs and tools. In short, it's a tempting target for the next bright graduate student who wants to win their spurs as a hardware hacker.

      i.e. the "no-tamper technology" in the iButton is in the form of lid switches which may be defeatable by drilling in from the side, unlike e.g. the IBM 4758 cryptoprocessor which has a tamper-sensing mesh encasing it.

  9. A relevant paper by phyngerz · · Score: 3, Informative

    A relevant paper (by Markus Kuhn, same guy who did the research about eavesdropping on CRTs using the ambient light generated) here.

  10. More on this story... by dipfan · · Score: 3, Informative

    The Guardian's got two more pieces on this today, with more details about the collusion between NDS and "crackers", including the very seedy past of the NDS security chief Ray Adams.
    The guts of it are the connections of NDS with a sat-piracy website called The House of Ill Compute (THoIC), which fell apart in spectacular fashion in the middle of last year when some of the site's members confronted the spy in their midst in a pub with evidence he was recording everything and passing it to NDS, and getting paid for it. Some UK /.ers may recall it.

    Here:
    http://media.guardian.co.uk/news/story/0,7541,667040,00.html

    and here
    http://media.guardian.co.uk/news/story/0,7541,666967,00.html

  11. Need to cut down keyspace? by Goonie · · Score: 3, Informative
    Last time I checked, you can't just brute force 3des for $5 million - the keyspace is just too large (2^112 is pretty damn big). You'd need some help along the way, like the differential attacks described elsewhere. Wouldn't you?

    From what I've read, they cut down the keyspace by (for instance) forcing the algorithm to execute wrongly and thus revealing substantial information about the keys.

    --

    Any sufficiently advanced technology is indistinguishable from a rigged demo
    --Andy Finkel (J. Klass?)
  12. smart card cracking is not so easy... by Anonymous Coward · · Score: 5, Informative

    The question is whether the smart card was a 0.40 euro or a 10 euro one. There are smartcards that:

    Contain self-destruct chemicals that immediately destroy the chip's core when opened (and they are pretty effective).

    Perform logical operations on complementary values at the same time (first-order differential power analysis won't work).

    Have several polished layers of transistors (so you can't see the connection layout without carefully removing layers).

    Have an encrypted internal bus (so you can't read single bits from the bus, because they depend on each other).

    Are designed to resist power failures (can't make that jump to the crypto routine become a nop by dropping power or clock).

    Generally are designed by paranoid and smart people. Cracking such cards is not possible in a garage according to public research. However, any smartcard can be hacked with enough determination and the correct solution is to make sure that hacking of one card only compromises that one card and not the entire system. However I don't think that limiting compromise is possible in a broadcasting environment.

  13. Re:Well, no 40 minutes ago a better post... by Anonymous Coward · · Score: 1, Informative

    It's not a link. It's an HTML citation URL. It was butchered by slashcode (on Slashdot) inserting a space character.

    To read it you have to copy and paste it and manually delete the space character that Slashdot usually adds to all HTML URL citations.

    This HTML citation will work.

    I will paste it again here but when you copy it into your browser hunt for the random space character that the buggy slashcode will insert into it. :

    http://www.google.com/search?q=cache:wybhqqCka28C:www.usenix.org/publications/library/proceedings/smartcard99/full_papers/kommerling/kommerling_html/

    I triple tested the Google cache HTTP URL as I pasted it here one second ago. It's valid, you just need to be aware of Slashdot's bugs.

  14. Re:Other ways of cracking by titurel · · Score: 3, Informative

    Yes a season can be very helpful but you won't get a sufficient amount of information about the encryption algorithm just by sniffing the traffic between the smartcard and the decoder.

    Here in Europe, Canal Satelite uses the SECA encryption, which is absolutely cracked. Applying some bugs of the existing smartcards you can create a "master key", which is a kind of "root" account in the card. When you have created this master key on the card, you are ready to add providers, channels, buy pay-per-view events and a lot of interesting things.

    Here in Sweden Canal Digital uses Conax and there are no public codes or files so that you can unscramble the picture. (There are pirate cards, but rumor says that they have been stolen from the factory or are MOSCed (modified original cards).) On the other hand, the largest provider is Viasat, and their system is completely cracked.

    By exploiting or MOSCing the provider's card you can read out the management keys (keys used for decrypting operational keys which are used for decrypting the picture) and of course add other keys and idents. You can also change the time period that determines how long you are allowed to watch a channel. Right now there even are scripts that unlock Canal Digital (Conax) cards.

    You can find out more on satcodes.com
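The last paragraph of comment 12 (a compromise should cost one card, not the whole system, which is hard in a broadcast) and the management-key / operational-key layering described in the comment above fit together in one small model. This is an added example, not code from the thread or from any real conditional-access system: the class names `Headend` and `Card`, the `mgk|`, `op|` and `content|` labels, the HMAC-SHA256 key derivation and the XOR-with-keystream key wrap are all assumptions chosen so that the example runs on the Python standard library. It derives each card's management key from a master key the card never sees, wraps each period's operational key once per entitled card (the EMM), and shows both halves of the comment's point: while a card is entitled, the operational key it recovers is the same one every other card recovers, so a key taken out of one card serves everyone until the next rotation; but because the management key is diversified per card, the broadcaster can drop that card id from the next period's EMMs and that card stops receiving keys without touching any other subscriber.

```python
"""Toy conditional-access key hierarchy (illustration only, not a real CA system).

master key (headend only) -> per-card management key (diversified by card id)
-> per-period operational key (broadcast in EMMs, one wrap per entitled card)
-> scrambled content.
"""
import hashlib
import hmac
import os
from typing import Dict, Optional, Set, Tuple


def kdf(key: bytes, label: bytes) -> bytes:
    """One-way derivation (HMAC-SHA256): an output reveals nothing about key."""
    return hmac.new(key, label, hashlib.sha256).digest()


def xor_wrap(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Toy key wrap: XOR with an HMAC-derived keystream, so unwrap == wrap.
    Constructed for this example only; a real system uses an AEAD. Limited to
    one 32-byte keystream block."""
    if len(data) > 32:
        raise ValueError("toy wrap handles at most 32 bytes")
    stream = kdf(key, b"wrap|" + nonce)
    return bytes(d ^ s for d, s in zip(data, stream))


class Card:
    """Subscriber side: the card holds only its own diversified management key."""

    def __init__(self, card_id: bytes, management_key: bytes) -> None:
        self.card_id = card_id
        self._mgk = management_key

    def fingerprint(self) -> str:
        return hashlib.sha256(self._mgk).hexdigest()[:16]

    def operational_key(self, nonce: bytes, emms: Dict[bytes, bytes]) -> Optional[bytes]:
        """Unwrap the period's operational key from the EMM addressed to this
        card; a card with no EMM (never entitled, or revoked) gets nothing."""
        if self.card_id not in emms:
            return None
        return xor_wrap(self._mgk, nonce, emms[self.card_id])


class Headend:
    """Broadcaster side: the master key never leaves here."""

    def __init__(self, master_key: bytes) -> None:
        self._master = master_key
        self._entitled: Set[bytes] = set()
        self.period = 0
        self.op_key = b""

    def _management_key(self, card_id: bytes) -> bytes:
        # Diversification: each card's key is a one-way function of the master
        # key and the card id, so extracting one card's key yields no other.
        return kdf(self._master, b"mgk|" + card_id)

    def issue_card(self, card_id: bytes) -> Card:
        self._entitled.add(card_id)
        return Card(card_id, self._management_key(card_id))

    def revoke(self, card_id: bytes) -> None:
        self._entitled.discard(card_id)

    def new_period(self) -> Tuple[bytes, Dict[bytes, bytes]]:
        """Rotate the operational key and wrap it once per entitled card (EMMs)."""
        self.period += 1
        self.op_key = os.urandom(16)
        nonce = self.period.to_bytes(4, "big")
        emms = {cid: xor_wrap(self._management_key(cid), nonce, self.op_key)
                for cid in sorted(self._entitled)}
        return nonce, emms

    def scramble(self, nonce: bytes, picture: bytes) -> bytes:
        return xor_wrap(self.op_key, b"content|" + nonce, picture)


def descramble(op_key: bytes, nonce: bytes, scrambled: bytes) -> bytes:
    return xor_wrap(op_key, b"content|" + nonce, scrambled)


def run_scenario(master_key: bytes) -> Dict[str, bool]:
    head = Headend(master_key)
    card_a, card_b = head.issue_card(b"card-A"), head.issue_card(b"card-B")
    picture = b"frame 0001"  # constructed stand-in for a content packet

    # Period 1: both cards entitled. Each recovers the SAME operational key,
    # which is why a key pulled out of one card descrambles the service for
    # everyone until the next rotation (the limitation comment 12 notes).
    nonce, emms = head.new_period()
    key_a = card_a.operational_key(nonce, emms)
    key_b = card_b.operational_key(nonce, emms)
    shared = key_a == key_b == head.op_key
    content_ok = descramble(key_a, nonce, head.scramble(nonce, picture)) == picture

    # What diversification buys: drop the compromised card id from the EMMs and
    # rotate. Card B's management key is unchanged, but no EMM now carries the
    # new operational key under it; card A is unaffected.
    head.revoke(b"card-B")
    nonce2, emms2 = head.new_period()
    return {
        "diversified": card_a.fingerprint() != card_b.fingerprint(),
        "shared_op_key_before_revocation": shared,
        "content_descrambled": content_ok,
        "card_a_after_revocation": card_a.operational_key(nonce2, emms2) == head.op_key,
        "card_b_after_revocation": card_b.operational_key(nonce2, emms2) is None,
    }


if __name__ == "__main__":
    for check, result in run_scenario(os.urandom(32)).items():
        print(f"{check:32s} {result}")
```

Run it and every check prints True. The design point is the one both comments circle around: per-card diversification plus rotation turns "one card is broken" into a revocation problem the broadcaster can act on, while the shared operational key is exactly the thing that cannot be made per-card in a one-to-many broadcast, so the window between a compromise and the next rotation is the residual risk.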

  15. Re:All I want to know... by Anonymous Coward · · Score: 1, Informative
  16. pdf also available by morcheeba · · Score: 3, Informative

    Or get the whole pdf (652kB) from usenix -- it's easier to add that to my library than the html. Thanks for a great link!