Slashdot Mirror


Cracking the Smartcards

hanuman writes: "So you know you're a true hacker when: 'Breaking the encryption alone would cost up to $5m. The process demanded the use of ultra-expensive electron-scanning microscopes, with the team probing wafer-thin chips no bigger than a thumbnail. Each chip contained up to 50 layers, with each layer in turn carrying up to 1,000 transistors, every one of which had to be pulled apart and analysed.'" This is a follow-up to the Vivendi vs. News Corp. story with more details about what is alleged to have occurred. Update: 03/14 12:28 GMT by M: And yet another story, which alleges that the head of security at NDS funded the website that distributed the hack for their rival's smart cards.

14 of 215 comments

  1. The players and the gizmos of pay TV by satanami69 · · Score: 3, Informative

    What is a smart card?
    A credit card-sized device that protects digital television signals from
    unauthorised viewing. When plugged into a set-top box, it determines which
    programmes subscribers have paid to see.

    The cards contain tiny but sophisticated computers that decrypt television
    signals as they pass through the air and turn them into television pictures.
    Without a smart card, ITV Digital viewers can only watch free-to-air channels
    like the BBC, ITV and Channels 4 and 5.

    Users of pirate cards have been gaining access to pay TV channels like sports
    and movies without paying.

    Where did the pirated cards come from?

    Hackers posted on the internet details of the codes needed to create illegal
    smart cards that gave free access to pay TV services. Criminals used the
    information to make fake cards and then sold them through pubs, clubs and market
    stalls for £5-£20. About 100,000 pirated ITV Digital cards are thought to be in
    circulation.

    What is Vivendi Universal?

    A former French water group that is now one of the biggest entertainment
    companies in the world. The chief executive, Jean-Marie Messier (right), has
    become one of the world's most powerful media moguls after buying a range of
    businesses including the Universal film studios and music labels, Canal Plus
    television in France, the Cegetel mobile phone company, directory businesses and
    internet firms.

    What is Canal Plus?

    The European film and television distribution arm of Vivendi Universal. The
    division that makes the smart cards is called Canal Plus Technologies. It
    supplies cards and software to 12.5m set-top boxes worldwide.

    What is NDS Group?

    Based in Staines, Middlesex, NDS specialises in building the smart cards and
    interactive software for pay TV systems that allows paid-for television
    programmes to be securely beamed to customers' homes.

    Rupert Murdoch's News Corporation is an 80% shareholder. NDS technology is used
    in almost 28m pay TV set-top boxes worldwide and supports 40% of all satellite
    receivers. Most of the group's research is carried out in Israel.

    Basically this is a nice heavyweight fight.

    --
    I really hate Dan Patrick.
    1. Re:The players and the gizmos of pay TV by Lumpy · · Score: 4, Informative

      Wrong.. the smartcard does no decryption of video. The smartcard in the H card is a 4 MHz processor. It does nothing but verification of authentication tokens and then tells the receiver to display correctly hotpornnet or to not display it correctly.

      The smartcard is primarily used to store and decrypt the decoding key for the receiver.

      If the video was being decoded in the card, then the card emulator hack that is used on the successful satellite TV pirates' systems wouldn't work, as most use 286 and 386 machines that boot from a floppy.

      --
      Do not look at laser with remaining good eye.
  2. Low tech and ancient news. Read this paper first by Anonymous Coward · · Score: 5, Informative

    I know guyz that have done this (SEM in light fast vacuums)... and won.

    Read this VERY fascinating Google cache of the state of the art many years ago:

    http://www.google.com/search?q=cache:wybhqqCka28C:www.usenix.org/publications/library/proceedings/smartcard99/full_papers/kommerling/kommerling_html/

    It's pretty darn good.

    Now the world has progressed to kracking using varying external clocks, SEM as routine, probe points, etc.

    Everything is crackable.

    The best researchers (with published findings) aren't in Israel btw, they are in Britain.

    Please read that cached Google paper, it's really worth it.

    If the cache is dead try:

    http://www.usenix.org/publications/library/proceedings/smartcard99/full_papers/kommerling/kommerling_html/

  3. Not so hard by Anonymous Coward · · Score: 5, Informative

    I'm sorry to have to say that the article you
    referred to contains a gross inaccuracy: the
    estimate of the cost of `cracking a smart card'
    is way overinflated. Smart card technology is,
    by its own very nature, not safe: any smart
    card is vulnerable to power/timing attacks
    and, even if expensive equipment helps, you
    don't need that much in order to recover the
    keys. As a matter of fact, given that amount of
    money the simplest way to force the system is
    an exhaustive search on the 3des keyspace (yes,
    3des is the algorithm). I would advise people to
    read a bit more about Differential Power Analysis
    before going to court... I would suggest anybody
    interested to try to find the proceedings of any
    {Euro|Asia}crypt or of CHES (Cryptographic
    Hardware and Embedded Systems).

    Regards,
    lg

  4. Re:Well, no by armb · · Score: 4, Informative

    > .. smartcards can be hacked with a lot less money involved
    > Try searching for it

    http://citeseer.nj.nec.com/anderson97low.html is a good start. "Low Cost Attacks on Tamper Resistant Devices" (1997), Ross Anderson, Markus Kuhn.

    --
    rant
  5. Investments in Cracking by standards · · Score: 4, Informative

    I think the interesting part is this just shows with enough big dollar corporate investment, even sophisticated security schemes can be cracked.

    If cracking security helps your competition out of business, well, that could be worth several billion dollars. Investing $100 million would be money well spent.

    In my community, the hacker community, a goal is to IMPROVE security by revealing its flaws. But these guys broke security to make billions off of someone else's huge investment. That's very different.

    Of course, like Enron, corporate executives should pay the price for much of the resulting destruction. I'd say that a good "20 years to life" sentence would be appropriate for all of those in this management chain. And if the worker-bees knew what they were up to, same thing: jail.

  6. Re:Well, no 40 minutes ago a better post... by Anonymous Coward · · Score: 4, Informative


    http://slashdot.org/comments.pl?sid=29435&cid=3161644

    has reference to a much better paper from 2 years later and was posted 40 minutes ago and if you browsed at level-0 you would have spotted it.

    The fact that it's still at 0 is because moderation does not work very well, which is why your post is at 2 karma and you let mine languish at 0.

  7. iButtons are more secure than a smartcard. by Lumpy · · Score: 3, Informative

    You CAN'T do this to an iButton. As soon as you crack open the shell to expose the silicon a super rapid zeroization process starts inside.

    They can't put this no-tamper technology on a smartcard, there is barely room and durability for what is there now.

    --
    Do not look at laser with remaining good eye.
  8. A relevant paper by phyngerz · · Score: 3, Informative

    A relevant paper (by Markus Kuhn, same guy who did the research about eavesdropping on CRTs using the ambient light generated) here.

  9. More on this story... by dipfan · · Score: 3, Informative

    The Guardian's got two more pieces on this today, with more details about the collusion between NDS and "crackers", including the very seedy past of the NDS security chief Ray Adams.
    The guts of it are the connections of NDS with a sat-piracy website called The House of Ill Compute (THoIC), which fell apart in spectacular fashion in the middle of last year when some of the site's members confronted the spy in their midst in a pub with evidence he was recording everything and passing it to NDS, and getting paid for it. Some UK /.ers may recall it.

    Here:
    http://media.guardian.co.uk/news/story/0,7541,667040,00.html

    and here
    http://media.guardian.co.uk/news/story/0,7541,666967,00.html

  10. Need to cut down keyspace? by Goonie · · Score: 3, Informative

    Last time I checked, you can't just brute force 3des for $5 million - the keyspace is just too large (2^112 is pretty damn big). You'd need some help along the way, like the differential attacks described elsewhere. Wouldn't you?

    From what I've read, they cut down the keyspace by (for instance) forcing the algorithm to execute wrongly and thus revealing substantial information about the keys.

    --

    Any sufficiently advanced technology is indistinguishable from a rigged demo
    --Andy Finkel (J. Klass?)
  11. smart card cracking is not so easy... by Anonymous Coward · · Score: 5, Informative

    The question is was the smart card a 0.40 euro or a 10 euro one. There are smartcards that:

    Contain self-destruct chemicals that immediately destroy the chip's core when opened (and they are pretty effective).

    Perform logical operations on complementary values at the same time (first order differential power analysis won't work).

    Have several polished layers of transistors (so you can't see the connection layout without carefully removing layers).

    Have an encrypted internal bus (so you can't read single bits from the bus, because they depend on each other).

    Are designed to resist power failures (can't make that jump to crypto routine to become nop by dropping power or clock).

    Generally are designed by paranoid and smart people. Cracking such cards is not possible in a garage according to public research. However, any smartcard can be hacked with enough determination and the correct solution is to make sure that hacking of one card only compromises that one card and not the entire system. However I don't think that limiting compromise is possible in a broadcasting environment.
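
Added illustration (not part of any poster's comment) of the "complementary values" item in the list above: under a Hamming-weight power model, driving a value together with its complement makes the modelled power draw independent of the data. The 8-bit datapath, the leakage model and the sample key are assumptions made for this example.

```python
# Added illustration: Hamming-weight power model (an assumption, not a
# measurement of any real card) comparing single-rail and complementary logic.
from statistics import mean

WIDTH = 8                      # toy 8-bit datapath (assumption)
MASK = (1 << WIDTH) - 1

def hw(x: int) -> int:
    """Number of set bits in the low WIDTH bits of x."""
    return bin(x & MASK).count("1")

def leak_single_rail(value: int) -> int:
    """Power proxy when only the value itself is driven onto the datapath."""
    return hw(value)

def leak_dual_rail(value: int) -> int:
    """Power proxy when the value and its complement are driven together."""
    return hw(value) + hw(~value)

def first_order_signal(leak, key: int, bit: int = 0) -> float:
    """Difference of mean leakage between inputs whose intermediate
    (input XOR key) has `bit` set and those where it is clear.
    A nonzero result is a first-order data dependence in the power draw."""
    ones, zeros = [], []
    for p in range(1 << WIDTH):
        v = p ^ key
        (ones if (v >> bit) & 1 else zeros).append(leak(v))
    return float(mean(ones) - mean(zeros))

def distinct_levels(leak) -> set:
    """All power levels the model can produce over every datapath value."""
    return {leak(v) for v in range(1 << WIDTH)}

CONSTRUCTED_KEY = 0x3C         # constructed sample value, not from any card

if __name__ == "__main__":
    for name, leak in (("single-rail", leak_single_rail),
                       ("dual-rail", leak_dual_rail)):
        print(name, first_order_signal(leak, CONSTRUCTED_KEY),
              sorted(distinct_levels(leak)))
```

The model treats both rails as drawing identical power per bit, so it covers only the first-order case the comment names.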

  12. Re:Other ways of cracking by titurel · · Score: 3, Informative

    Yes a season can be very helpful but you won't get the sufficient amount of information about the encryption algorithm just by sniffing the traffic between the smartcard and the decoder.

    Here in Europe, Canal Satelite uses the SECA encryption, which is absolutely cracked. Applying some bugs of the existing smartcards you can create a "master key", which is a kind of "root" account in the card. When you have created this master key on the card, you are ready to add providers, channels, buy pay per view events and lots of interesting things.

    Here in Sweden Canal Digital uses Conax and there are no public codes or files so that you can unscramble the picture. (There are pirate cards, but rumor says that they have been stolen from factory or are MOSCed (modified original cards).) On the other hand the largest provider Viasat and their system is completely cracked.

    By exploiting or MOSCing the provider's card you can read out the management keys (keys used for decrypting operational keys which are used for decrypting the picture) and of course add other keys and idents. You can also change the time period that determines how long you are allowed to watch a channel. Right now there even are scripts that unlock Canal Digital (Conax) cards.

    You can find out more on satcodes.com

  13. pdf also available by morcheeba · · Score: 3, Informative

    Or get the whole pdf (652kB) from usenix -- it's easier to add that to my library than the html. Thanks for a great link!