[ISN] Code Breaker Cracks Smart Cards' Digital Safe

From: mea culpa (jerichoat_private)
Date: Mon Jun 22 1998 - 19:08:10 PDT

    Forwarded From: Nicholas Charles Brawn <ncb05at_private>
    (ART ADV: Photo showing Paul Kocher is being sent to NYT photo clients.
    Graphic is being sent to NYT graphic clients. Non-subscribers can make
    individual purchase by calling 212-556-4204 or 1927.)
    To the companies in the smart-card business, Paul Kocher may be too smart
    for their own good.
    For the last year, Kocher's four-man consulting firm in San Francisco has
    kept big credit-card companies and banks on edge by sharing details of his
    discovery of a way to break into the newest version of smart cards -
    credit-card size devices that contain a tiny computer chip and can be used
    for a variety of purposes including storing so-called digital cash.
    Although Kocher's intent has been to warn the industry and sell it possible
    solutions, his expertise - in the hands of thieves, counterfeiters or
    impostors - could compromise the security safeguards of smart cards, which
    are coming into widespread use in the United States and Europe.
    The cards are at the center of the plans by the banking and credit-card
    industries to cut costs and improve customer convenience by replacing
    conventional magnetic-stripe cards with ones that not only can act as a
    debit or automated-teller-machine card but can also be loaded with digital
    cash that would function as legal tender wherever merchants hav power
    consumption of the chip.
    It is a sophisticated type of analysis, but the rudimentary "laboratory" -
    in this case a three-room office suite, some garden-variety PCs and several
    thousand dollars of electronics equipment - indicates that it does not
    require elaborate tools to crack what is supposed to be a highly secure
    digital safe.
    As details of the technique circulate, as they invariably do in the hacker
    underground, imitators will almost certainly try to duplicate Kocher's
    experiment. For his part, Kocher, who at 25 is already a well-known expert
    in code breaking, said, "As the expertise becomes more widely available,
    the threats will become more than academic."
    Peter Neumann, a computer scientist at SRI International, a research group
    in Menlo Park, Calif., said the approach had "enormous potential as another
    technique for breaking weakly designed and badly implemented devices."
    Though already in wide use as bank cards in Europe, smart cards in the
    United States have been mainly used so far for controlling access to
    buildings and protecting against fraudulent use of new types of cellular
    telephones. But U.S. banks have begun experimenting with the cards, as
    Chase Manhattan is doing in a test of Mastercard International's Mondex
    system on the Upper West Side of New York City.
    Banks trust that the computer chips embedded in tamper-resistant packaging
    will act like a virtual branch office, dispensing money and crediting
    accounts to the right people. But if someone could break through the card's
    defense, then that person could conduct fraudulent transactions, load
    counterfeit digital cash onto the cards or create various other forms of
    So even as smart-card executives seek to play down the threat posed by
    Kocher's discovery, and they stress that no known break-ins of his sort
    have occurred in the real world, the industry knows it must continuously
    improve smart-card software and hardware.
    "In a sense, this is an arms race; the attackers will always get better,"
    said Richard Fletcher, the head of strategy and planning of Mastercard's
    Mondex smart-card division. "The only defense and the best defense against
    future attacks is to keep moving and keep changing."
    Gerald Hubbard is the vice president of marketing in the United States for
    Bull Smart Cards, a company that says it has shipped more than 120 million
    money-carrying smart cards throughout the world. He said that his company
    had known about the Kocher type of attack for more than four years and had
    installed safeguards to thwart it. But, Hubbard said, "You can never say a
    card is 100 percent immune."
    In fact, some other industry executives expect it to take perhaps two years
    before there will be smart cards and related hardware that will be
    impervious to Kocher's type of attack.
    Kocher said he had approached the smart-card industry last year with the
    details of his discovery because he knew that criminals might also use the
    same tricks. But he said that he did not publicize his findings, so that
    the industry would have time to adopt defenses, including techniques for
    which he has filed for patents and which he is now licensing to the
    He publicly announced the smart-card security flaw two weeks ago, only
    after The Australian Financial Review published an article about his
    break-in technique.
    Kocher's company, Cryptography Research, analyzes and tests
    computer-security hardware and software for many of the leading computer
    companies. His discoveries of flaws in supposedly secure technologies have
    drawn attention in the past - as in 1995, when he found that he could break
    into smart cards by simply timing how long it took them to process data.
    In the case of this newly disclosed smart-card problem, Kocher and his
    colleagues found that the cards' consumption of electrical power could
    disclose vital information about the secret key that protects the money or
    other data on the chip.
    By watching the monitor of an oscilloscope, a device that measures the
    power use on a screen similar to the way a cardiac monitor displays a
    patient's heart action, Kocher's team was able in some cases to use the
    electrical pattern from a single transaction to decipher the key to the
    code. In other cases, they were forced to use more sophisticated
    statistical techniques to analyze the results from as many as 1,000
    Kocher said his team had spent at least as much time looking for solutions
    as it had in identifying the security flaw. A possible remedy involves
    masking the transaction in digital noise by adding meaningless random
    calculations that would consume random amounts of current.
    Another possible solution, which according to Mastercard officials is being
    incorporated in the latest version of its Mondex smart-card software, is to
    vary the order of the operations in the software to make it more difficult
    to identify patterns in the consumption of power.
    A banking-industry goal with smart cards is to cut costs by eliminating the
    need for central approval of a debit or credit transaction. By some
    estimates, the marginal costs for clearing a smart-card transaction are
    well under a penny. Credit-card transactions, however, typically require a
    long-distance computer network and a large central database for examining
    each deal, and the transaction eventually means billing a customer and
    cashing the payment checks.
    These steps add up to 25 cents a transaction, on average, compared with
    about a penny for a smart-card transaction, in which all the authorization
    information - and even the money itself - can be contained on the card's
    To create an audit trail that might help track fraud, however, Visa
    International's smart-card system uses merchant terminals that report
    transactions to a central data base at the end of each day. "We don't feel
    it is a good idea to have the security depend upon the chip itself," said
    Philip Yen, a senior vice president of Visa International. "We think it's
    more important to have complete system security."
    Fletcher, of Mastercard's Mondex, contends that including any sort of
    central control runs counter to the purpose of a smart card - giving
    customers the ability to use the money on a card just like cash.
    "The critical point of any digital cash system is that you're off line," he
    said. "There's no online link at that point. You're critically dependent
    upon the card's security."
    As the banks debate the security trade-offs, there is one certainty: Paul
    Kocher and others like him will continue to look for chinks in the
    smart-card armor. And as Kocher likes to remind the industry, "We have not
    yet encountered a card that couldn't be broken."