Smart Cards Vulnerable to Photo-Flash Attacks?

belphegor writes "Researchers at the University of Cambridge have found a way to use a camera flash and microscope to extract data from smart cards. " Notable because its apparently relatively simple to do and really throws a monkey wrench into a variety of businesses that use smart cards to store important data.

They should have used the iButton

[swagr]

It immediatly destroys it's internal data when forced open.
Here's the link.

Re:They should have used the iButton

[egomaniac]

It's easy enough to open an iButton without destroying it. I seem to recall you just keep it in a pressurized N2 atmosphere while cracking the case, and it won't even realize that it has been opened.

Re:They should have used the iButton

[arkanes]

Yeah, because I have this pressurised N2 atmosphere sitting over here in my basement...

Re:They should have used the iButton

[Tackhead]

> Yeah, because I have this pressurised N2 atmosphere sitting over here in my basement...

I tried building that. I'm 70% of the way there.

smartcards have always been lacking

[Lumpy]

there is very little tamper protection on smartcards due to their flimsy construction. you cant make a rapid zeroization system on something that isn't rigid and tough enough to be driven over repeatedly by a car or take the huge amount of abuse the human carrier provides every day.

except... dallas semiconductor long ago created the ibutton that is more secure and better than any smartcard..

(I know I sound like a broken record, but ibuttons are way better and cooler than any smartcard, and you as a home hacker can use them!)

Re:smartcards have always been lacking

[Jon+Peterson]

OK, so smart cards are not tamper resistant. I don't see that any attack based around stealing a smart card is anything to worry about, assuming the card itself only stores dumb information like a sum of money or an id number.

Guess what?! Criminals can read the information from a credit card using nothing more sophisticated than their eyes! Does this render credit cards an appalling security risk? No, because when it gets stolen you report it and cancel the card.

Now, if someone figures out a way to _write_ to the smart card to people can top up sums of money or whatever, that's a problem. Also, if the smartcard stores data that's useful in itself - say your real naem and address, or other bank account numbers, or what have you, then you certainly don't want that being read by someone else.

No worries, we'll just pass more laws...

[Dimensio]

All that needs to happen is for makers of smart cards to send money to Congresscritters to pass laws against smart card "circumvention devices" and have anyone making, selling or posessing a flash-based camera arrested.

Remember, when a security technology is comprimised you don't improve the technology, you outlaw anything that exposes its weakness.

Re:No worries, we'll just pass more laws...

[nolife]

This happened in the past with the padding of the cell phone industry. Analog mode cell phones send clear audio over the air in roughly the 868-890 MHz range. To protect the cell phone industry, the government passed a law in 1994 to prevent the sale of consumer radio scanners from receiving these frequencies. That worked for a while but many scanners were easily 'hacked' to get this region back. In 1997 the law was modified/changed to make it illegal to modify a scanner and companies had to produce scanners that were tamper proof.

These air bands were open to public ears for decades before the cell phone industry came to life. They chose to use "plain text" audio for analog transmissions to save money with no regard for your privacy. The government stepped in to bail them out when scanning these frequencies became popular and to give the public a false sense of security so they would buy more of them and keep the cell phone industry going strong.

It is also illegal to listen to analog cordless phones (46-49MHz/900MHz) but there is no law preventing the scanners from receiving these bands. I guess the cordless guys could not drum up enough soft money to get that through.

So let me get this straight,

[Civil_Disobedient]

Lemme see if I understand right. Reverse engineer hardware to show its inherit ineffectualness -- that's ok. Reverse engineer software to show its inherit ineffectualness -- that's illegal.

Ok, just making sure.

Easy solution: Nanotubes

[MontyP]

All they need to do is intertwine single wall carbon based nano tubes throughout the memory. When the camera flash hits the memory, the memory will self destruct.

Easy to do?

[AlaskanUnderachiever]

Ok, maybe everyone else on slashdot has a full clean room. I mean, it could be a possibility. But when I hear phrases like "focusing light on a single transistor" and "Wentworth Labs MP-901 manual probing station" I tend not to think of simple or easy to do. I'm not saying you couldn't hack one, I'm just asking what % of criminals are going to have access to a "manual probing station"?

The handyman's secret weapon

[gambit3]

"We used duct tape to fix the photoflash lamp on the video port of a Wentworth Labs MP-901 manual probing station," they wrote in their paper.

No matter how high tech, there's no experiment that can't be improved with duct tape

it's sad this springs to mind.

[BreakWindows]

A team of researchers from I.B.M.'s Thomas J. Watson Laboratory in Yorktown Heights, N.Y., said they would present a report at the conference based on their discovery ...

Dmitri called. He said if you see any guys in cheap suits applauding on stage right, exit stage left.