Cracking the Smartcards
hanuman writes: "So you know you're a true hacker when: 'Breaking the encryption alone would cost up to $5m. The process demanded the use of ultra-expensive electron-scanning microscopes, with the team probing wafer-thin chips no bigger than a thumbnail. Each chip contained up to 50 layers, with each layer in turn carrying up to 1,000 transistors, every one of which had to be pulled apart and analysed.'" This is a follow-up to the Vivendi vs. News Corp. story with more details about what is alleged to have occurred. Update: 03/14 12:28 GMT by M: And yet another story, which alleges that the head of security at NDS funded the website that distributed the hack for their rival's smart cards.
Contain self-destruct chemicals that immediately destroy the chip's core when opened (and they are pretty effective).
Very cool. Can you point out any specific chips? I'm not familiar with any that have this feature.
Perform logical operations on complementary values at the same time (first order differential power analysis won't work).
Note that Kocher has described ways of defeating the complementary operations approach. It's based on the fact that because the set of transistors performing the complementary operations are not exactly the same as those performing the "correct" operations, it's possible to distinguish between them. But, yes, there are a variety of ways to defeat DPA and symmetric cryptography on modern cards is not vulnerable to DPA (PK operations are still quite vulnerable, AFAIK).
Have several polished layers of transistors (so you can't see the connection layout without carefully removing layers).
Absolutely. And the layering is also structured to try to place more sensitive data near the center of the stack.
Have an encrypted internal bus (so you can't read single bits from the bus, because they depend on each other).
The Dallas chips did this, but they were broken. Are there others?
Are designed to resist power failures (can't make that jump to crypto routine to become nop by dropping power or clock).
Yep, and you should also mention that they monitor other environmental factors like temperature levels, because attacks have been devised that exploit freezing chips or overheating them.
Generally are designed by paranoid and smart people.
And this is the best point in your post. Smart card chips are designed by smart, paranoid people who also try to break them and study the attacks that do succeed so they can build countermeasures to those attacks in the next round.
Security is a constant cat and mouse game, with better and better attacks leading to better and better defenses. In the smart card world, the defenses have already progressed far beyond the stage where attacks you can perform in your garage are likely to be successful. Then again, there are plenty of smart card systems being designed and fielded by clueless idiots, so we'll be sure to see plenty more "Smart cards hacked!" stories on /.
However, any smartcard can be hacked with enough determination and the correct solution is to make sure that hacking of one card only compromises that one card and not the entire system.
Hear, hear. I've employed many paragraphs to make the same point. But I've never been accused of being overly concise ;-)
However, I don't think that limiting compromise is possible in a broadcasting environment.
Same signal to all consumers -> same decoding keys for every consumer -> all decoding cards are identical in critical ways. Yeah, seems like an intractable problem.
Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
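The exchange above about complementary operations and mismatched transistors, as an added simulation that is not part of the original thread: it measures leakage the way a card designer would in a leakage assessment, by correlating the Hamming weight of a known intermediate value with simulated power. The Hamming-weight power model, the noise level and the 10% rail mismatch are constructed assumptions, not figures from any real chip.

```python
import math
import random

def hw(x):
    """Hamming weight: number of set bits in an 8-bit value."""
    return bin(x & 0xFF).count("1")

def simulate(n, dual_rail, mismatch=0.0, noise=1.0, seed=2002):
    """Return (intermediate values, power samples) for n constructed traces.

    Single rail leaks HW(v). Dual rail also switches the complement ~v, so a
    perfectly matched pair always draws HW(v) + HW(~v) = 8. `mismatch` is the
    fraction by which the complement rail draws less than the true rail.
    """
    rng = random.Random(seed)
    values, power = [], []
    for _ in range(n):
        v = rng.randrange(256)          # stands in for a data-dependent byte
        p = float(hw(v))
        if dual_rail:
            p += (1.0 - mismatch) * hw(~v)
        values.append(v)
        power.append(p + rng.gauss(0.0, noise))
    return values, power

def leakage(values, power):
    """Pearson correlation between HW(intermediate) and measured power."""
    xs = [hw(v) for v in values]
    mx, my = sum(xs) / len(xs), sum(power) / len(power)
    cov = sum((x - mx) * (y - my) for x, y in zip(xs, power))
    sx = math.sqrt(sum((x - mx) ** 2 for x in xs))
    sy = math.sqrt(sum((y - my) ** 2 for y in power))
    return cov / (sx * sy)

def assess(n=20000):
    """Leakage for the three designs discussed in the thread."""
    return {
        "single_rail": leakage(*simulate(n, dual_rail=False)),
        "dual_rail_matched": leakage(*simulate(n, dual_rail=True)),
        "dual_rail_10pct_mismatch": leakage(*simulate(n, True, mismatch=0.10)),
    }

if __name__ == "__main__":
    for design, rho in assess().items():
        print(f"{design:26s} correlation = {rho:+.3f}")
```

In this model the matched dual-rail design shows no first-order correlation, while the mismatched one leaks again at a reduced level, which is why rail balance is something designers have to verify rather than assume.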