[ISN] Cryptographers Discuss Finding of Security Flaw in 'Smart Cards'

From: mea culpa (jerichoat_private)
Date: Fri Jun 12 1998 - 18:06:50 PDT

  • Next message: mea culpa: "Re: [ISN] Strong Crypto Kills?"

    Forwarded From: Brian Young <byoungat_private>
    June 10, 1998
              Cryptographers Discuss Finding
              Of Security Flaw in 'Smart Cards'
              By PETER WAYNER
              A team of San Francisco-based computer scientists has spoken for
    the first time openly about their discovery of a major new technique that
    allows them to break the security system in tamper-resistant "smart cards."
              The technique, which monitors the cards' power consumption to break
    the codes, is a possible threat for some of the new digital transaction systems
    being tested in Europe and New York and makes life more complicated for
    computer security experts who often rely on these tamper-resistant cards to
    keep out intruders.
              The results have shaken up the smart card industry. John Beric, the
    head of security for Mondex International, a company that uses the cards for
    financial transactions, said in an interview this week that the company had
    completely rewritten its software to deal with the threat. "We've changed our
    mindset," he said. "We [write software] in a different way now."
              Marc Briceno, the director of the Smartcard Developer's Association,
    said of the development, "It's very real."
              And Peter Neumann, a scientist at the SRI International, a think tank
    based in Menlo Park, Calif., said the discovery had "enormous potential as
    another technique for breaking weakly designed and badly implemented devices."
    [snip.. see URL for rest of article]
    Subscribe: mail majordomoat_private with "subscribe isn".
    Today's ISN Sponsor: Repent Security Incorporated [www.repsec.com]

    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 12:55:51 PDT