Re: Smartcard Security?

Eric Murray
Fri, 02 Feb 2001 04:41:22 -0800
On Thu, Feb 01, 2001 at 12:04:37AM -0800, Brad B wrote:
> I know NOTHING about Crypto/Smartcard tech, so please don't flame me, as I
> have nothing to defend myself with (hehe).
> 
> However, I was watching a thing on CSPAN about voting technology, and some
> guy was showing off an electronic system that used smartcards, some college
> professor who was against technological integration into the voting system
> noted he had a colleague who use exponential (something or other, maybe
> deduction or division). He monitored the card as it talked to a host to
> deduce the key, and he's been able to do this on ALL current smart card
> models to date. He's been working w/the smart card manufacturers however, so
> they should get more secure eventually.
> 
> 
> [There has been substantial work done on breaking smart cards using
> techniques such as fault analysis, power analysis, timing analysis,
> and other fun stuff like that. It isn't clear such issues are all
> fixable. I suspect many of cryptography readers are experts on this
> subject... --Perry]

See http://www.ftp.cl.cam.ac.uk/ftp/users/rja14/dfa
and http://www.cryptography.com/dpa/index.html.

Even if it's possible to make a secure smartcard, smartcards are usually
used with insecure readers- a "dumb" reader that's attached to a PC.
The PC tells the reader to tell the card to sign something (a vote in this
case) by taking a hash of the data, putting it into a smartcard command,
and sending that through the reader to the card.  The card sends back
the hash signed with the card's secret key.

The security problem here is that the PC is not secure- an attacker could
modify it so that the attacker's hash is signed rather than the real hash.
PC operating systems aren't secure, and many smartcard libraries (like
PC/SC) are of a 'stacked' design which allow modules to be plugged
in readily.  The user has no way of knowing what the card is signing.

It's possible to more or less fix this problem with dedicated readers
that have displays and authenticate their input, but the market doesn't
seem to be ready for them yet.

-- 
  Eric Murray           Consulting Security Architect         SecureDesign LLC
  http://www.securedesignllc.com                            PGP keyid:E03F65E5
Reply via email to