The short answer to this question is yes. Finread specifies an isolated secure computing environment which can act as a secure intermediary between the smartcard and whoever needs to use the smartcard. This secure environment can also be authenticated to ensure that only true Finread readers may run Finread applications. A reader is verified using what the specs call a Finread Card Reader Identification Application (FCRIA).
Mike

On 3/5/02 7:47 PM, "Jason Barkeloo" <[EMAIL PROTECTED]> wrote:

> specs are designed to do?
>
> jb
>
> From: Michael Gile ([EMAIL PROTECTED])
> Date: Mon Jan 21 2002 - 16:27:57 CST
>
> The security problem with smart cards is not key recovery. It is the fact
> that the smart card must rely on a standard PC (or other insecure host) for
> input and output.
>
> For example, say we have a smart card with a signing application that will
> sign arbitrary data from the host PC (an oracle). The attacker no longer
> needs access to the key, only an application that can send data to the card.
> Even when adding authorization to the key usage (for example a PIN), an
> attacker needs only access to the insecure host machine and can then recover
> the PIN itself or send bogus data to be signed.
>
> The solution to the smart card attacks above is to add a secure
> communication channel to some special purpose server through which only
> encrypted data is ever transmitted outside the card, or provide a more
> robust mechanism to the user that can be used for secure input and allows
> more storage and computing power on the card itself.
>
> Regards,
>
> Michael Gile
> Wave Systems Corp.
> [EMAIL PROTECTED]
> [EMAIL PROTECTED]
>
> On 1/21/02 12:39 PM, "Matthias Bruestle" <[EMAIL PROTECTED]> wrote:
>
>> On Sun, Jan 20, 2002 at 08:03:26PM -0800, David Corcoran wrote:
>>> I've got Ben Laurie (yes, the famous Apache hacker) on another list
>>> claiming that smart cards are weak storage for keying material.
>>> e.g. that physical access to the card is all that is needed for a
>>> motivated hacker to pry the key out of the card.
>>
>> I have never tried to crack a smart card or have much knowledge about
>> the technical devices needed, but I have read quite a bit and had to
>> do with cards, industry, etc..
>>
>> My estimation of the situation:
>>
>> Smart card manufacturers try to make these as secure as possible,
>> but smart cards are a cheap mass product.
>>
>> I do think that cracking of smart cards is hard, but not impossible.
>> And it is getting harder and harder, because there are improvements
>> in the smart card area regarding security, e.g. in the Infineon series
>> 44 -> 66S -> 66P. (I'm most familiar with these ICs.) I do believe
>> that the 66P series from Infineon is for at least some years secure against
>> reading the content of the EEPROM by students and also more sophisticated
>> hackers. This is because of the security features they have and because
>> so many firms and government agencies do trust them. It would be very
>> bad publicity for them if a card would be cracked. But I do not believe
>> that the 66P is secure against the laboratory and knowledge of e.g. Intel.
>>
>> For the 66S there seems to be not so much trust, e.g. the German
>> signature cards from Telesec had originally a 66S chip and were replaced
>> by cards with a 66P. For the 44 there is, as it appears, even much less
>> trust than for the 66S.
>>
>> If you only want to read out a key, some form of power analysis would
>> be enough. You need here not very expensive equipment. Card and OS
>> manufacturers try also to be secure against this and they do apparently
>> also try themselves (or pay others to do so) to attack their cards with
>> power analysis. My opinion is that it is very difficult to do a power
>> analysis attack with modern cards, but I am not convinced that it is
>> impossible. What might make it impossible is to try to design a power
>> analysis resistant protocol. E.g. with some sort of error counter.
>>
>> These are not definite answers. Here is probably a similar situation
>> as in the cryptography area, but surrounded by non-openness.
>>
>> So my advice is to design a smart card application such that an attacker
>> can not gain much value, and also to develop some plans what to do
>> if a card gets cracked.
>>
>> If there is interest, I can also write some about evaluation according to
>> ITSEC/CC.
>>
>> Mahlzeit
>> endergone Zwiebeltuete
>
> Jason Barkeloo
> Director of Research
> ACEtek Research
> tele 513.225.8765
> http://metaskilled.tripod.com
>
> ***************************************************************
> Unix Smart Card Developers - M.U.S.C.L.E.
> (Movement for the Use of Smart Cards in a Linux Environment)
> http://www.linuxnet.com/
> To unsubscribe send an email to [EMAIL PROTECTED] with
> unsubscribe sclinux
> ***************************************************************
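
Added example, not part of the original thread: a small Python simulation of the host problem described in the quoted message (the card signs whatever bytes the PC sends it) next to a reader that acts as a secure intermediary. The class and function names are hypothetical, the reader is assumed to have its own display and PIN pad, HMAC-SHA256 stands in for the card's signature algorithm, and the payment messages are constructed.

```python
import hashlib
import hmac

class Card:
    """Toy card: the key never leaves it; a PIN with a retry counter gates signing."""
    def __init__(self, key: bytes, pin: str, max_tries: int = 3):
        self._key, self._pin = key, pin
        self._max = self.tries_left = max_tries
        self._unlocked = False

    def verify_pin(self, pin: str) -> bool:
        if self.tries_left == 0:
            return False                      # card is blocked
        if hmac.compare_digest(pin.encode(), self._pin.encode()):
            self.tries_left, self._unlocked = self._max, True
            return True
        self.tries_left -= 1
        return False

    def sign(self, data: bytes):
        if not self._unlocked:
            return None
        self._unlocked = False                # one PIN entry authorises one signature
        # HMAC-SHA256 is a stand-in for the card's real signature algorithm.
        return hmac.new(self._key, data, hashlib.sha256).digest()

def sign_via_pc(card, pin, data_sent_to_card: bytes):
    """Insecure host: PIN and data both pass through the PC. The card signs
    whatever bytes arrive; it has no view of what the user saw on screen."""
    return card.sign(data_sent_to_card) if card.verify_pin(pin) else None

def sign_via_reader(card, data_from_pc: bytes, user_approves, pin_on_pad: str):
    """Trusted reader: shows the exact bytes on its own display and takes the
    PIN on its own pad, so the PC neither sees the PIN nor skips approval."""
    if not user_approves(data_from_pc):       # user reads the reader's display
        return None
    return card.sign(data_from_pc) if card.verify_pin(pin_on_pad) else None

def verify(key: bytes, data: bytes, sig) -> bool:
    """Check a signature (with a real card this would use the public key)."""
    expected = hmac.new(key, data, hashlib.sha256).digest()
    return sig is not None and hmac.compare_digest(expected, sig)
```

With the PC path, a signature over data the user never saw still verifies; with the reader path, the same substitution is refused at the approval step before the card is ever unlocked.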
