Cracking the Smartcards

← Back to Stories (view on slashdot.org)

Posted by michael on Wednesday March 13, 2002 @09:33PM from the corporate-warfare dept.

hanuman writes: "So you know you're a true hacker when: 'Breaking the encryption alone would cost up to $5m. The process demanded the use of ultra-expensive electron-scanning microscopes, with the team probing wafer-thin chips no bigger than a thumbnail. Each chip contained up to 50 layers, with each layer in turn carrying up to 1,000 transistors, every one of which had to be pulled apart and analysed.'." This is a follow-up to the Vivendi vs. News Corp. story with more details about what is alleged to have occurred. Update: 03/14 12:28 GMT by M : And yet another story, which alleges that the head of security at NDS funded the website that distributed the hack for their rival's smart cards.

7 of 215 comments (clear)

Low tech and ancient news. Read thise paper first by Anonymous Coward · 2002-03-13 21:43 · Score: 5, Informative

I know guyz that have done this (SEM in light fast vaccuums)... and won.

Read this VERY fascinating ggogle cache of the state of the art many years ago... :

http://www.google.com/search?q=cache:wybhqqCka28 C: www.usenix.org/publications/library/proceedings/sm artcard99/full_papers/kommerling/kommerling_html/

Its pretty darn good.

Now the world has progressed to kracking using varrying external clocks, SEM as routine, probe points, etc.

Everything is crackable.

The best researchers (with published findings) arent in isreal btw, they are in Britain.

please read that cached google paper, its really worth it.

if the cache is dead try :

http://www.usenix.org/publications/library/proce ed ings/smartcard99/full_papers/kommerling/kommerling _html/
Not so hard by Anonymous Coward · 2002-03-13 21:51 · Score: 5, Informative

I'm sorry to have to say that the article you
referred to contains a gross inaccuracy: the
exstimate of the cost of `cracking a smart card'
is way overinflated. Smart card technology is,
by its own very nature, not safe: any smart
card is vulnerable to power/timing attacks
and, even if expensive equipement helps, you
don't need that much in order to recover the
keys. As a matter of fact, given that amount of
money the simplest way to force the system is
an exaustive search on the 3des keyspace (yes,
3des is the algorithm). I would advise people to
read a bit more about Differential Power Analysis
before going to court... I would suggest anybody
interested
to try to find the proceedings of any
{Euro|Asia}crypt or of CHES (Cryptographic
Hardware and Embedded systems).

Regards,
lg
1. Re:Not so hard by swillden · 2002-03-14 01:38 · Score: 5, Interesting
  
  As a matter of fact, given that amount of money the simplest way to force the system is an exaustive search on the 3des keyspace (yes, 3des is the algorithm)
  This part makes me wonder if you're trolling. Well, if so, I bit. Searching the 3DES keyspace is not currently feasible, and won't be for quite some time. 3DES has an effective keyspace of ~111 bits (it's 112, but the complement property of DES keys, plus a number of weak keys reduce it by 1 bit and change). That's a keyspace that is 70,368,744,177,664 times larger than the 64-bit keyspace that distributed.net has been working on for over three years, and 18,014,398,509,481,984 times larger than the one Deep Crack can search in a week. Actually, Deep Crack isn't really set up to attack 3DES (because it's infeasible and the EFF guys that build Deep Crack aren't stupid), but if it could, this means that finding a 3DES key would take, on average, 346,430,740,566,961 years. Of course, Deep Crack only cost $250K, and that was a couple of years ago, so more money and newer technology might be able to reduce that by a factor of 100 or so. Hell, assume you can do 1000 times better, Then you'd only need 346 trillion years.
  112-bit keys won't be safe forever, but they'll be safe for the next decade or two at the very least, barring the discovery of flaws in DES, which has successfully stood against all comers for nearly 30 years.
  Regarding power analysis, see my other post on why power analysis is dead. Timing analysis is similarly infeasible.
  
  --
  Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
2. Re:Not so hard by dangermouse · 2002-03-14 04:10 · Score: 5, Funny
  
  Bah. You could always hit the key on the first try.
  Not even hard. I'll give it a shot this afternoon.
smart card cracking is not so easy... by Anonymous Coward · 2002-03-13 23:41 · Score: 5, Informative

The question is was the smart card a 0.40 euro or a 10 euro one. There are smartcards that:

Contain selfdestruct chemicals that immediately destroy chips core when opened (and they are pretty effective).

Perform logical operations on complementary values at the same time (first order differential power analysis wont work).

Have several polished layers of transistors( so you cant see the connection layout without carefully removing layers).

Have encrypted internal bus(so you cant read single bits from the bus, becouse they depend on each other).

Are designed to resist power failures (can't make that jump to crypto routine to become nop by dropping power or clock)

Generally are designed by paranoid and smart people. Cracking such cards is not possible in a garage according to public research. However, any smartcard can be hacked with enough determination and the correct solution is to make sure that hacking of one card only compromises that one card and not the entire system. However I don't think that limiting compromise is possible in broadcasting environment.
1. Re:smart card cracking is not so easy... by swillden · 2002-03-14 02:39 · Score: 5, Insightful
  
  Contain selfdestruct chemicals that immediately destroy chips core when opened (and they are pretty effective).
  Very cool. Can you point out any specific chips? I'm not familiar with any that have this feature.
  Perform logical operations on complementary values at the same time (first order differential power analysis wont work).
  Note that Kocher has described ways of defeating the complementary operations approach. It's based on the fact that because the set of transistors performing the complementary operations are not exactly the same as those performing the "correct" operations, it's possible to distinguish between them. But, yes, there are a variety of ways to defeat DPA and symmetric cryptography modern cards is not vulnerable to DPA (PK operations are still quite vulnerable, AFAIK).
  Have several polished layers of transistors( so you cant see the connection layout without carefully removing layers).
  Absolutely. And the layering is also structured to try to place more sensitive data near the center of the stack.
  Have encrypted internal bus(so you cant read single bits from the bus, becouse they depend on each other).
  The Dallas chips did this, but they were broken. Are there others?
  Are designed to resist power failures (can't make that jump to crypto routine to become nop by dropping power or clock).
  Yep, and you should also mention that they monitor other environmental factors like temperature levels, because attacks have been devised that exploit freezing chips or overheating them.
  Generally are designed by paranoid and smart people.
  And this is the best point in your post. Smart card chips are designed by smart, paranoid people who also try to break them and study the attacks that do succeed so they can build countermeasures to those attacks in the next round.
  Security is a constant cat and mouse game, with better and better attacks leading to better and better defenses. In the smart card world, the defenses have already progressed far beyond the stage where attacks you can perform in your garage are likely to be successful. Then again, there are plenty of smart card systems being designed and fielded by clueless idiots, so we'll be sure to see plenty more "Smart cards hacked!" stories on /.
  However, any smartcard can be hacked with enough determination and the correct solution is to make sure that hacking of one card only compromises that one card and not the entire system.
  Hear, hear. I've employed many paragraphs to make the same point. But I've never been accused of being overly concise ;-)
  However I don't think that limiting compromise is possible in broadcasting environment.
  Same signal to all consumers -> same decoding keys for every consumer -> all decoding cards are identical in critical ways. Yeah, seems like an intractable problem.
  
  --
  Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
You know what they say... by InterruptDescriptorT · 2002-03-14 01:48 · Score: 5, Funny

When scanning electron microscopes are outlawed, only outlaws will have scanning electron microscopes.

Looks like it's time to confiscate all the SEMs out there.

--
Karma: Excellent Birds (mostly as a result of listening to Laurie Anderson)