Forwarded From: Brian Young <byoungat_private> http://www.nytimes.com/library/tech/98/06/cyber/articles/10smartcard.html June 10, 1998 Cryptographers Discuss Finding Of Security Flaw in 'Smart Cards' By PETER WAYNER A team of San Francisco-based computer scientists has spoken for the first time openly about their discovery of a major new technique that allows them to break the security system in tamper-resistant "smart cards." The technique, which monitors the cards' power consumption to break the codes, is a possible threat for some of the new digital transaction systems being tested in Europe and New York and makes life more complicated for computer security experts who often rely on these tamper-resistant cards to keep out intruders. The results have shaken up the smart card industry. John Beric, the head of security for Mondex International, a company that uses the cards for financial transactions, said in an interview this week that the company had completely rewritten its software to deal with the threat. "We've changed our mindset," he said. "We [write software] in a different way now." Marc Briceno, the director of the Smartcard Developer's Association, said of the development, "It's very real." And Peter Neumann, a scientist at the SRI International, a think tank based in Menlo Park, Calif., said the discovery had "enormous potential as another technique for breaking weakly designed and badly implemented devices." [snip.. see URL for rest of article] -o- Subscribe: mail majordomoat_private with "subscribe isn". Today's ISN Sponsor: Repent Security Incorporated [www.repsec.com]
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 12:55:51 PDT