Slashdot Mirror


Smart Cards Vulnerable to Photo-Flash Attacks?

belphegor writes "Researchers at the University of Cambridge have found a way to use a camera flash and microscope to extract data from smart cards." Notable because it's apparently relatively simple to do and really throws a monkey wrench into a variety of businesses that use smart cards to store important data.

10 of 214 comments

  1. They should have used the iButton by swagr · Score: 4, Informative

    It immediately destroys its internal data when forced open.
    Here's the link.

    --

    -... --- .-. . -.. ..--..
    1. Re:They should have used the iButton by egomaniac · Score: 4, Informative

      It's easy enough to open an iButton without destroying it. I seem to recall you just keep it in a pressurized N2 atmosphere while cracking the case, and it won't even realize that it has been opened.

      --
      ZFS: because love is never having to say fsck
  2. smartcards have always been lacking by Lumpy · Score: 5, Informative

    there is very little tamper protection on smartcards due to their flimsy construction. you can't make a rapid zeroization system on something that isn't rigid and tough enough to be driven over repeatedly by a car or take the huge amount of abuse the human carrier provides every day.

    except... Dallas Semiconductor long ago created the iButton that is more secure and better than any smartcard.

    (I know I sound like a broken record, but iButtons are way better and cooler than any smartcard, and you as a home hacker can use them!)

    --
    Do not look at laser with remaining good eye.
    1. Re:smartcards have always been lacking by Anonymous Coward · Score: 1, Informative

      Um, the problem is when you have cryptographic information on the card.

      Like a private RSA key and certificate. There are many companies that use that for authentication and encryption. The Navy's CAC card for example. Everyone in the Navy will have one. You wouldn't want someone to be able to steal your private key off of your card.

    2. Re:smartcards have always been lacking by Ilgaz · Score: 2, Informative

      I live in Istanbul, Turkey... 12M+ city. If what I see is right (on that website), that iButton takes care of nearly the whole transportation system here. In buses, metro, sea. There hasn't been a single incident in years.

      It's named "Akbil" (Smart Ticket); in demos they showed huge cars & stuff driven over them, and nothing happened.

      Oh btw, to remind you how widely used they are, it's like 80% iButton vs 20% regular tickets.

    3. Re:smartcards have always been lacking by pwagland · Score: 3, Informative

      OK, so smart cards are not tamper resistant. I don't see that any attack based around stealing a smart card is anything to worry about, assuming the card itself only stores dumb information like a sum of money or an id number.

      And herein lies the problem. Smart cards don't only store "dumb information". In particular, from the article (which I assume you read?):

      Some of the information stored in the card is in the form of a number composed of ones and zeros that cryptographers refer to as a "private key." That key is part of a two-key system that is used to encode and decode information. The security of such systems is compromised if the private key is revealed.

      In particular, here in the Netherlands (and I believe elsewhere in Europe), you can get online access to your account (with most banks) by using your ATM card. This is accomplished since each ATM card has a smart card on the card. If you can get the secret key out of the card, then you can log in to someone else's banking site. No, you can't do this with the card alone, since you need to know the card's PIN to access the smart card functionality.

  3. Easy to do? by AlaskanUnderachiever · Score: 4, Informative

    Ok, maybe everyone else on slashdot has a full clean room. I mean, it could be a possibility. But when I hear phrases like "focusing light on a single transistor" and "Wentworth Labs MP-901 manual probing station" I tend not to think of simple or easy to do. I'm not saying you couldn't hack one, I'm just asking what % of criminals are going to have access to a "manual probing station"?

    --
    Find out about my new childrens book: SS Death Camp Criminal Batallion Go To Monte Carlo For The Massacre
    1. Re:Easy to do? by saider · Score: 2, Informative

      Much of this can be had at auctions. Many companies upgrade their equipment and shove their older, but still functional equipment out the back door to anyone who will haul it off. I know one guy who does this and makes a fairly good living. I remember he had a cell tower transceiver once. I'm sure some people would know what to do with that, but I don't.

      --
      Remember, You are unique...just like everyone else.
  4. Re:as expected by Anonymous Coward · Score: 1, Informative

    Well and good, but the Constitution has no such language. I salute you for a troll subtle enough that most people wouldn't pick up on it, however.

    Troll rating:

    First paragraph sounds reasonable and authoritative: 1 point
    Factual statement about privacy invasion: 1 point
    Reference to the constitution with the word "decannual": 1 point
    A spurious "quote" from the Constitution that only a slashdotter could have written: -1 point
    Cliche'd ending sentence about our "forefathers": -1 point

    While you should be proud that you have a troll rating in positive territory, that's still not enough to send you over the edge and spark a flame war. Try again, next time.

  5. Re:It's relatively simple to do... by JKR · Score: 2, Informative

    wouldn't it just be easier to yank the data with one of those smart-card reader/portable hard-drive things that ThinkGeek was advertising on here?


    No, because the cards that are being talked about are cryptographically "secured", in some way or other. You'd find that, for example, you wouldn't be able to read out a private key required to descramble the program contents because the key wouldn't appear in the same memory space as the readable part of the card (this is how SD-card works).

    The clever bit here is the use of high energy density light to tamper with "tamperproof" hardware.