Slashdot Mirror


Cracking the Smartcards

hanuman writes: "So you know you're a true hacker when: 'Breaking the encryption alone would cost up to $5m. The process demanded the use of ultra-expensive electron-scanning microscopes, with the team probing wafer-thin chips no bigger than a thumbnail. Each chip contained up to 50 layers, with each layer in turn carrying up to 1,000 transistors, every one of which had to be pulled apart and analysed.'." This is a follow-up to the Vivendi vs. News Corp. story with more details about what is alleged to have occurred. Update: 03/14 12:28 GMT by M : And yet another story, which alleges that the head of security at NDS funded the website that distributed the hack for their rival's smart cards.


  1. Low tech and ancient news. Read this paper first by Anonymous Coward · · Score: 5, Informative

    I know guys that have done this (SEM in light fast vacuums)... and won.

    Read this VERY fascinating Google cache of the state of the art many years ago... :

    http://www.google.com/search?q=cache:wybhqqCka28C:www.usenix.org/publications/library/proceedings/smartcard99/full_papers/kommerling/kommerling_html/

    It's pretty darn good.

    Now the world has progressed to cracking using varying external clocks, SEM as routine, probe points, etc.

    Everything is crackable.

    The best researchers (with published findings) aren't in Israel btw, they are in Britain.

    please read that cached Google paper, it's really worth it.

    if the cache is dead try :

    http://www.usenix.org/publications/library/proceedings/smartcard99/full_papers/kommerling/kommerling_html/

  2. Always overstated by Kris_J · · Score: 4, Insightful

    Whenever anything remotely like hacking occurs, the hacked company dramatically overstates all financial figures as well as the level of expertise required to perform the hack -- makes it seem more malicious. Damages always have at least 6 zeros (preferably 9) and you need to have a team of 15 people working 24/7 for months/years. When the truth is much closer to one person hacking away in a garage for a few weekends and finding a fundamental flaw. And damages? Well, with intellectual property it can often be argued that damages are negative, with the exposure being provided by a new technical option actually increasing the total number of people interested in spending money on a product.

  3. Not so hard by Anonymous Coward · · Score: 5, Informative

    I'm sorry to have to say that the article you referred to contains a gross inaccuracy: the estimate of the cost of `cracking a smart card' is way overinflated. Smart card technology is, by its own very nature, not safe: any smart card is vulnerable to power/timing attacks and, even if expensive equipment helps, you don't need that much in order to recover the keys. As a matter of fact, given that amount of money the simplest way to force the system is an exhaustive search on the 3DES keyspace (yes, 3DES is the algorithm). I would advise people to read a bit more about Differential Power Analysis before going to court... I would suggest anybody interested to try to find the proceedings of any {Euro|Asia}crypt or of CHES (Cryptographic Hardware and Embedded Systems).

    Regards,
    lg

    1. Re:Not so hard by swillden · · Score: 5, Interesting

      As a matter of fact, given that amount of money the simplest way to force the system is an exhaustive search on the 3DES keyspace (yes, 3DES is the algorithm)

      This part makes me wonder if you're trolling. Well, if so, I bit. Searching the 3DES keyspace is not currently feasible, and won't be for quite some time. 3DES has an effective keyspace of ~111 bits (it's 112, but the complement property of DES keys, plus a number of weak keys, reduce it by 1 bit and change). That's a keyspace that is 70,368,744,177,664 times larger than the 64-bit keyspace that distributed.net has been working on for over three years, and 18,014,398,509,481,984 times larger than the one Deep Crack can search in a week. Actually, Deep Crack isn't really set up to attack 3DES (because it's infeasible and the EFF guys that built Deep Crack aren't stupid), but if it could, this means that finding a 3DES key would take, on average, 346,430,740,566,961 years. Of course, Deep Crack only cost $250K, and that was a couple of years ago, so more money and newer technology might be able to reduce that by a factor of 100 or so. Hell, assume you can do 1000 times better; then you'd only need 346 trillion years.

      112-bit keys won't be safe forever, but they'll be safe for the next decade or two at the very least, barring the discovery of flaws in DES, which has successfully stood against all comers for nearly 30 years.

      Regarding power analysis, see my other post on why power analysis is dead. Timing analysis is similarly infeasible.

      --
      Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
    2. Re:Not so hard by dangermouse · · Score: 5, Funny
      Bah. You could always hit the key on the first try.

      Not even hard. I'll give it a shot this afternoon.

  4. Re:Well, no by armb · · Score: 4, Informative

    > .. smartcards can be hacked with a lot less money involved
    > Try searching for it

    http://citeseer.nj.nec.com/anderson97low.html is a good start. "Low Cost Attacks on Tamper Resistant Devices" (1997), Ross Anderson, Markus Kuhn.

    --
    rant
  5. Other ways of cracking by Guiri · · Score: 4, Interesting

    You can build a hardware device called a Season2 interface, which allows you to plug it into the decoder, and then plug the smartcard into the Season2. This device has a serial port connector, so you can connect it to the computer, and then "sniff" all the traffic between the card and the decoder.

    Here in Europe, Canal Satelite uses the SECA encryption, which is absolutely cracked. Applying some bugs of the existing smartcards you can create a "master key", which is a kind of "root" account in the card. When you have created this master key on the card, you are ready to add providers, channels, buy pay per view events and a lot of interesting things.

    Also there is lots of emulation software you can program into some PICs (16f84, 16f876) and build a smartcard (piccard, piccard2), so you are able to watch all channels for free with these cards.
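    The sniffer Guiri describes sits between decoder and card and logs raw bytes; making sense of the log means splitting it into ISO 7816-4 command and response APDUs. The parser below is an added example, not code from the post or from any pay-TV system: it handles the four short-APDU cases (header only, header + Le, header + Lc + data, header + Lc + data + Le) and the common status words. The capture is constructed, the CLA/INS values are arbitrary, and it is assumed the T=0 procedure bytes have already been stripped so each log entry is one whole APDU. It does not decode SECA or any real conditional-access payload.

```python
"""Split a sniffed reader<->card byte log into ISO 7816-4 APDUs.

Added example for the Season2-style sniffing described above. The CAPTURE
below is constructed; it is not SECA traffic and the CLA/INS bytes are made up.
"""
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass
class CommandAPDU:
    cla: int
    ins: int
    p1: int
    p2: int
    data: bytes = b""
    le: Optional[int] = None  # expected response length; None when absent


@dataclass
class ResponseAPDU:
    data: bytes
    sw1: int
    sw2: int

    @property
    def sw(self) -> int:
        return (self.sw1 << 8) | self.sw2

    def status(self) -> str:
        """Meaning of the common ISO 7816-4 status words."""
        if self.sw == 0x9000:
            return "OK"
        if self.sw1 == 0x61:
            return f"OK, {self.sw2} more bytes available (use GET RESPONSE)"
        if self.sw1 == 0x6C:
            return f"wrong Le, card expects Le={self.sw2}"
        if self.sw == 0x6982:
            return "security status not satisfied"
        if self.sw == 0x6A82:
            return "file not found"
        return f"SW={self.sw:04X}"


def parse_command(raw: bytes) -> CommandAPDU:
    """Decode a short command APDU: CLA INS P1 P2 [Lc data] [Le] (cases 1-4)."""
    if len(raw) < 4:
        raise ValueError("command APDU shorter than the 4-byte header")
    cla, ins, p1, p2 = raw[0], raw[1], raw[2], raw[3]
    body = raw[4:]
    if not body:                              # case 1: header only
        return CommandAPDU(cla, ins, p1, p2)
    if len(body) == 1:                        # case 2: header + Le (0 means 256)
        return CommandAPDU(cla, ins, p1, p2, le=body[0] or 256)
    lc = body[0]
    data = body[1:1 + lc]
    if len(data) != lc:
        raise ValueError(f"Lc={lc} but only {len(data)} data bytes follow")
    rest = body[1 + lc:]
    if not rest:                              # case 3: header + Lc + data
        return CommandAPDU(cla, ins, p1, p2, data)
    if len(rest) == 1:                        # case 4: header + Lc + data + Le
        return CommandAPDU(cla, ins, p1, p2, data, le=rest[0] or 256)
    raise ValueError("trailing bytes after Le; extended-length APDUs not handled")


def parse_response(raw: bytes) -> ResponseAPDU:
    """Decode a response APDU: [data] SW1 SW2."""
    if len(raw) < 2:
        raise ValueError("response APDU shorter than the 2 status bytes")
    return ResponseAPDU(raw[:-2], raw[-2], raw[-1])


# Constructed capture, as a serial sniffer might log it once reassembled
# into whole APDUs. Direction tags and byte values are assumptions.
CAPTURE = [
    ("reader->card", "A0 A4 00 00 02 3F 00"),   # SELECT FILE 3F00 (case 3)
    ("card->reader", "61 04"),                  # 4 bytes waiting
    ("reader->card", "A0 C0 00 00 04"),         # GET RESPONSE, Le=4 (case 2)
    ("card->reader", "3F 00 01 02 90 00"),      # 4 data bytes + SW 9000
    ("reader->card", "A0 B0 00 00 08"),         # READ BINARY, Le=8
    ("card->reader", "6A 82"),                  # file not found
]


def parse_capture(capture) -> List[Tuple[CommandAPDU, ResponseAPDU]]:
    """Pair each command with the response that follows it."""
    exchanges, pending = [], None
    for direction, hexstr in capture:
        raw = bytes.fromhex(hexstr)
        if direction == "reader->card":
            pending = parse_command(raw)
        else:
            if pending is None:
                raise ValueError("response without a preceding command")
            exchanges.append((pending, parse_response(raw)))
            pending = None
    return exchanges


if __name__ == "__main__":
    for cmd, rsp in parse_capture(CAPTURE):
        print(f"CLA={cmd.cla:02X} INS={cmd.ins:02X} data={cmd.data.hex()} "
              f"Le={cmd.le} -> {rsp.data.hex() or '-'} {rsp.status()}")
```

    Run as a script it prints one line per exchange; on a real log the interesting part is which INS values the decoder sends around channel changes and which responses return 90 00 versus a security error.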

  6. perfectly laughable by dario_moreno · · Score: 4, Insightful

    is this the best they could come up with to justify their losses? Jean-Marie Messier (J2M) is just a stupid fool with a hypertrophied ego.

    The Universal music division also made a laugh of themselves by taking 5 years to release their music encryption scheme, which was cracked in 2 weeks, and had been overtaken by mp3s three years before. They did not understand that they could make money with mp3s (by merchandise, concerts, and stuff) and keep spending billions developing stupid encryptions, crashing web sites and harassing highschool students trading mp3 CDs.

    Canal+ France was once a great channel, with all major blockbusters maybe 10 months old, great prOn, soccer, and excellent humor and hosts. Nowadays they show less than half of the good movies of the year before, most of them being actually 18/24 months old (because they have to go through their lameass pay per view channels first), run old TV movies, have lost many of their young talents, audience has plummeted to 1 % marketshare, prices went up (some say that in the 80s coke was free for everyone at their parties, now even the prices of the other kind of coke at the vending machines have gone up).

    And they blame it on Murdoch and the Israelis!

    --
    Google passes Turing test : see my journal
  7. Investments in Cracking by standards · · Score: 4, Informative

    I think the interesting part is this just shows with enough big dollar corporate investment, even sophisticated security schemes can be cracked.

    If cracking security helps your competition out of business, well, that could be worth several billion dollars. Investing $100 million would be money well spent.

    In my community, the hacker community, a goal is to IMPROVE security by revealing its flaws. But these guys broke security to make billions off of someone else's huge investment. That's very different.

    Of course, like Enron, corporate executives should pay the price for much of the resulting destruction. I'd say that a good "20 years to life" sentence would be appropriate for all of those in this management chain. And if the worker-bees knew what they were up to, same thing: jail.

    1. Re:Investments in Cracking by Rogerborg · · Score: 4, Insightful
      • In my community, the hacker community, a goal is to IMPROVE security by revealing it's flaws. But these guys broke security to make billions off of someone else's huge investment. That's very different [and they should be jailed for 20 years to life]

      Whoa there just a second. Before we all start cheering "You go, geek!", let's analyse what you've just said.

      It's OK for you to crack encryption and to disclose it - responsibly, I'm sure you'll claim, but you'll have to pick your own definition for what that actually means - because your intention is to help the creators improve it.

      It's 20 years to life for an NDS employee to perform substantially similar actions, simply because their intention is different.

      You probably reckon that if you ever screw up a disclosure (information wants to be free, right?), and information gets into the wild that helps commercial pirates to sell cracked cards, then it's a no-foul simply because you're one of the good guys. In that case the damages to rights owners is just an unfortunate accident, it wasn't your fault, it was that 1337_h4x0r guy you'd known for three whole weeks on IRC, who promised he was a white hat and that you could trust him with the disclosure, and so on.

      I can understand your stance, but I'd suggest that in practical terms that any disclosures you make will be judged (prosecuted, rather) on the consequences, and that you'll have to rely on your good intentions purely as a last ditch defence, and not as a cloak of invulnerability. I'd be very careful about wishing for long sentences for black hats, because I suspect that a jury might be rather less inclined to believe a plea of "I never meant to hurt anyone" from someone that the prosecution has just described as an evil computer hacker with a track record of hiding behind anonymous pseudonyms ("standards") to cover up his nefarious acts.

      In other words: don't be too sure that something as fragile as the truth will protect you. Lawyers get paid a lot of money to lie very convincingly on behalf of their clients. How convincing could you be if you ever have to prove your innocence?

      --
      If you were blocking sigs, you wouldn't have to read this.
  8. Re:Well, no 40 minutes ago a better post... by Anonymous Coward · · Score: 4, Informative


    http://slashdot.org/comments.pl?sid=29435&cid=3161644

    has a reference to a much better paper from 2 years later and was posted 40 minutes ago, and if you browsed at level 0 you would have spotted it.

    The fact that it's still at 0 is because moderation does not work very well, which is why your post is at 2 karma and you let mine languish at 0.

  9. Sensationalist. by Noryungi · · Score: 4, Interesting

    Canal+ has a very long history of crackers kicking the living daylights out of their encryption/scrambling schemes.

    When the channel was launched in the early '80s, it took less than two months for the electronic schematics of a "pirate" descrambler to be posted in a popular electronics magazine... who quickly pulled the issue from the shelves when sued by Canal+. It's been downhill ever since.

    A lot of web sites in Belgium, Switzerland and the UK (hint: border countries) actually advertise pirate descramblers or electronics schematics.

    I seriously doubt the company attacked by Canal+ had to spend millions and millions of $$$ to crack the scrambling -- the figure (as well as Canal+ losses) were probably grossly over-inflated by greedy lawyers and C+ legal department.

    One final note: Canal+ has a nasty reputation in France and in the rest of Europe for cracking down hard on pirates & crackers. Jean-Marie Messier (CEO of Vivendi/Universal/Canal+), who is a complete megalomaniac, is probably trying to prove he has got a bigger... Uh... larger... Ahem... hairier cojones than News Corp's CEO.

    Just my 0.02 Euros.

    --
    The right to offend is far more important than the right not to be offended. (Rowan Atkinson)
  10. Re:The players and the gizmos of pay TV by Lumpy · · Score: 4, Informative

    Wrong.. the smartcard does no decryption of video. The smartcard in the H card is a 4 MHz processor. It does nothing but verification of authentication tokens and then tells the receiver to display hotpornnet correctly or to not display it correctly.

    The smartcard is primarily used to store and decrypt the decoding key for the receiver.

    If the video was being decoded in the card, then the card emulator hack that is used on the successful satellite TV pirate systems wouldn't work, as most use 286 and 386 machines that boot from a floppy.

    --
    Do not look at laser with remaining good eye.
  11. except for the main incentive by osolemirnix · · Score: 4, Interesting
    While all you say may be true and the reporting of how the hack has occurred may be wildly exaggerated (electron microscopes, etc.), some facts remain:

    • The cracked cards will ruin Canal+'s business (or have already done so).
    • Murdoch's media empire certainly gains a very strong strategic advantage by a ruined competition.
    • Thus, Murdoch's media empire does have a strong incentive.
    Even if it didn't take place as they claim, this would certainly be a working strategy: crack your competition's technology, release it anonymously on the net in an easy-to-use form and let the script-kiddies do the rest. I guess we'll be seeing more of that tech/cyberwar in the future.
    --

    Idempotent operation: Like MS software, whether you run it once or often, that doesn't make it any better.
  12. smart card cracking is not so easy... by Anonymous Coward · · Score: 5, Informative

    The question is was the smart card a 0.40 euro or a 10 euro one. There are smartcards that:

    Contain self-destruct chemicals that immediately destroy the chip's core when opened (and they are pretty effective).

    Perform logical operations on complementary values at the same time (first order differential power analysis won't work).

    Have several polished layers of transistors (so you can't see the connection layout without carefully removing layers).

    Have an encrypted internal bus (so you can't read single bits from the bus, because they depend on each other).

    Are designed to resist power failures (can't make that jump to the crypto routine become a nop by dropping power or clock).

    Generally are designed by paranoid and smart people. Cracking such cards is not possible in a garage according to public research. However, any smartcard can be hacked with enough determination and the correct solution is to make sure that hacking of one card only compromises that one card and not the entire system. However I don't think that limiting compromise is possible in broadcasting environment.

    1. Re:smart card cracking is not so easy... by swillden · · Score: 5, Insightful

      Contain self-destruct chemicals that immediately destroy the chip's core when opened (and they are pretty effective).

      Very cool. Can you point out any specific chips? I'm not familiar with any that have this feature.

      Perform logical operations on complementary values at the same time (first order differential power analysis won't work).

      Note that Kocher has described ways of defeating the complementary operations approach. It's based on the fact that because the set of transistors performing the complementary operations is not exactly the same as those performing the "correct" operations, it's possible to distinguish between them. But, yes, there are a variety of ways to defeat DPA, and symmetric cryptography in modern cards is not vulnerable to DPA (PK operations are still quite vulnerable, AFAIK).

      Have several polished layers of transistors (so you can't see the connection layout without carefully removing layers).

      Absolutely. And the layering is also structured to try to place more sensitive data near the center of the stack.

      Have an encrypted internal bus (so you can't read single bits from the bus, because they depend on each other).

      The Dallas chips did this, but they were broken. Are there others?

      Are designed to resist power failures (can't make that jump to the crypto routine become a nop by dropping power or clock).

      Yep, and you should also mention that they monitor other environmental factors like temperature levels, because attacks have been devised that exploit freezing chips or overheating them.

      Generally are designed by paranoid and smart people.

      And this is the best point in your post. Smart card chips are designed by smart, paranoid people who also try to break them and study the attacks that do succeed so they can build countermeasures to those attacks in the next round.

      Security is a constant cat and mouse game, with better and better attacks leading to better and better defenses. In the smart card world, the defenses have already progressed far beyond the stage where attacks you can perform in your garage are likely to be successful. Then again, there are plenty of smart card systems being designed and fielded by clueless idiots, so we'll be sure to see plenty more "Smart cards hacked!" stories on /.

      However, any smartcard can be hacked with enough determination and the correct solution is to make sure that hacking of one card only compromises that one card and not the entire system.

      Hear, hear. I've employed many paragraphs to make the same point. But I've never been accused of being overly concise ;-)

      However I don't think that limiting compromise is possible in broadcasting environment.

      Same signal to all consumers -> same decoding keys for every consumer -> all decoding cards are identical in critical ways. Yeah, seems like an intractable problem.

      --
      Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
  13. Cracking smart cards by brejc8 · · Score: 4, Interesting

    I spent a few months cracking ARM 60 CPUs and seeing if I could find the key kept in the memory by observing the power consumption. Using a fast storage scope I could simply hook onto sequences in the program (branches are easily visible) and find the operations on the key. The power measurements told me how many bits in the key were on or off when driving the ALU read bus. As the algorithm was working with bytes it was very easy to find most of the bits of information. From a 32-bit (4 billion combinations) key I could get down to about 2000 possibilities. From there it's easy to just try them all out. Synchronous processors were very simple to crack. Asynchronous processors didn't have easily visible features like the clock to find the key instructions. They also have temporal shifts so different runs have the instructions executing at different times dependent on the data. From an asynchronous Amulet2e I could only get two or three bits of information (down to 1 billion possibilities).
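    The simulation below is an added example, not code from brejc8 or anyone else in the thread. It models the leakage brejc8 describes (power draw tracking the number of set bits driven onto a bus) and recovers a key byte from synthetic traces by correlating each of the 256 guesses against the measurements. It then applies the complementary-value countermeasure discussed in comment 12 above, first perfectly balanced, where the Hamming weight of value and complement is always 8 and the attack gets nothing, and then with the transistor imbalance swillden attributes to Kocher, where a residual fraction of the signal leaks and more traces recover the byte anyway. Traces, noise level, key value and the 10% imbalance figure are all constructed; `candidates_after_spa` is an added helper that quantifies the kind of candidate reduction brejc8 reports, not his numbers.

```python
"""Simulated power analysis of one key byte, with and without dual-rail logic.

Added example. All traces are synthetic: no scope, no card. The imbalance of
10% in the dual-rail case is an assumption chosen to make the effect visible.
"""
import math
import random
from typing import List, Optional, Sequence, Tuple

HW = [bin(v).count("1") for v in range(256)]  # 8-bit Hamming weight lookup


def leak(value: int, complement_gain: Optional[float]) -> float:
    """Noise-free power model for one 8-bit value driven onto a bus.

    complement_gain None -> single-rail logic: power tracks HW(value)
    complement_gain 1.0  -> ideal dual-rail: HW(v) + HW(~v) is always 8, so
                            the value is invisible to a first-order attack
    complement_gain 0.9  -> dual-rail whose complementary cells draw 10% less
                            (the imbalance swillden mentions): 0.1*HW(v) leaks
    """
    hw = HW[value & 0xFF]
    if complement_gain is None:
        return float(hw)
    return hw + complement_gain * (8 - hw)


def simulate_traces(key_byte: int, n: int, complement_gain: Optional[float],
                    noise_sd: float, rng: random.Random) -> Tuple[List[int], List[float]]:
    """Constructed measurements: the leaking intermediate is key_byte ^ input
    (the first operation of most XOR-key-mixing ciphers) plus Gaussian noise."""
    inputs = [rng.randrange(256) for _ in range(n)]
    power = [leak(key_byte ^ d, complement_gain) + rng.gauss(0.0, noise_sd)
             for d in inputs]
    return inputs, power


def pearson(xs: Sequence[float], ys: Sequence[float]) -> float:
    n = len(xs)
    mx, my = sum(xs) / n, sum(ys) / n
    cov = sum((x - mx) * (y - my) for x, y in zip(xs, ys))
    vx = sum((x - mx) ** 2 for x in xs)
    vy = sum((y - my) ** 2 for y in ys)
    return 0.0 if vx == 0 or vy == 0 else cov / math.sqrt(vx * vy)


def recover_key_byte(inputs: Sequence[int], power: Sequence[float]) -> Tuple[int, float]:
    """Correlation power analysis: rank all 256 key guesses by how well
    HW(guess ^ input) predicts the measured power. Returns (guess, r)."""
    best, best_r = 0, -1.0
    for guess in range(256):
        hyp = [HW[guess ^ d] for d in inputs]
        r = pearson(hyp, power)
        if r > best_r:
            best, best_r = guess, r
    return best, best_r


def candidates_after_spa(byte_hws: Sequence[int]) -> int:
    """Simple power analysis reduction of the kind brejc8 describes: if a trace
    reveals the Hamming weight of each key byte, only C(8, hw) values per byte
    remain, so the search space shrinks from 256**len to the product below."""
    total = 1
    for hw in byte_hws:
        total *= math.comb(8, hw)
    return total


def demo(key_byte: int = 0x5A, seed: int = 1):
    """Run the attack against three constructed implementations."""
    rng = random.Random(seed)
    cases = (("single-rail", None, 500),
             ("ideal dual-rail", 1.0, 500),
             ("imbalanced dual-rail", 0.9, 4000))   # weaker signal, more traces
    results = {}
    for label, gain, n in cases:
        inputs, power = simulate_traces(key_byte, n, gain, 0.5, rng)
        results[label] = recover_key_byte(inputs, power)
    return results


if __name__ == "__main__":
    for label, (guess, r) in demo().items():
        print(f"{label:22s} best guess=0x{guess:02X}  r={r:+.3f}")
    print("32-bit key, HW 4 in every byte:", candidates_after_spa([4, 4, 4, 4]),
          "candidates instead of", 2 ** 32)
```

    The single-rail run recovers 0x5A with a correlation near 0.9; the balanced dual-rail run returns a guess whose correlation is indistinguishable from noise; the imbalanced run needs roughly an order of magnitude more traces but recovers the byte, which is the point swillden makes about complementary logic buying time rather than immunity.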

  14. You know what they say... by InterruptDescriptorT · · Score: 5, Funny

    When scanning electron microscopes are outlawed, only outlaws will have scanning electron microscopes.

    Looks like it's time to confiscate all the SEMs out there.

    --
    Karma: Excellent Birds (mostly as a result of listening to Laurie Anderson)
  15. DeCSS and Canal+ -- Hypocritical Posts? by Compulawyer · · Score: 4, Interesting
    In other posts (they may have been in the other /. story posted earlier) I read comments that in effect said that people were hypocritical if they supported posting DeCSS code and not the code that decrypts Canal+'s system. If in fact the reason people are drawing a distinction between the 2 is because one scheme was cracked by an individual person and the other by a global corporation with millions of $ to pump into R&D, then I agree, that distinction is hypocritical. However, there is a principled distinction that can be drawn between the 2 based on intent.

    The lawsuit alleges that Murdoch's company released the information with the intent that others would use the information to steal proprietary information (the video streams) from Murdoch's competitors. That is MUCH different than cracking a scheme for the sake of the knowledge itself or merely to see if it can be done.

    The former case is analogous to the following: Employee has combination to Boss' safe where all company assets are kept. Employee and Boss have an antagonistic relationship. Employee publishes an ad in "Robbers Daily News" with the address of the business and safe combination knowing (or hoping with a high probability that his hope will come true) that Robber reading the RDN will use the combination and steal the assets. Robber actually does use and steal. Employee is part of a conspiracy to steal the company's assets and is guilty of the theft as much as Robber. Don't say that my scenario is not accurate - I assure you as a lawyer that under this hypothetical situation, Employee is a conspirator.

    Also, don't say that trying to look at the subjective intent of the actors creates an unworkable situation because WE DO IT EVERY DAY. In courts all across this and other countries around the world, we use the intent of the actor to determine the guilt of people for crimes (or to determine levels of guilt) or liability for civil offenses. Example: Man runs Woman over with car. Did Man intend to kill woman? If yes == murder. If no == something else. Did Man drive recklessly such that his actions constituted a depraved indifference to human life? If yes == murder or homicide. If no == something else. Was Man driving carelessly? If yes == involuntary manslaughter or negligent homicide. If no == something else. Was Man driving according to all posted rules and carefully? If yes == accident, no intent (or substitute for intent like recklessness), therefore NOT GUILTY.

    Although it is more work looking at subjective intent, it usually provides a more thorough examination of the situation and an individualized solution. Simple, bright line rules just do not work well in complex situations. Case in point: the DMCA.

    --

    Laws affecting technology will always be bad until enough techies become lawyers.