> There have been a few articles about smartcard attacks recently. I would
> like to pose a few points in regard to.
>
> 1) These attacks all require physical access to the card. They cannot be
> done remotely.
> 2) These attacks assume the user has not realizes they have lost their
> card and has therefore not notified their helpdesk to have the card
> revolked.
> 3) These attacks require the user to very carefully remove layers from the
> outside of the chip to expose the card. This is not easy - in most
> cases the chip is ruined.
> 4) These are trial and error attacks - by changing the values of data
> stored in eeprom, the attacker hopes to change the behavior of the card
> and have it malfunction by returning data the attacker wants to know.
> Consider this like a game of minesweeper. You have 262,144 bits in 32k
> The majority of those bits being changed will deem the card useless.
> In the other cases, unuseful data might be returned. Even if the data
> was unciphered in the eeprom (not likely), the user must know where to
> look for the data which in most cases isn't linear.
> 5) These attacks are well known - changing the power, clock to get the
> card to malfunction. Heat, Cold, whatever - most do not work and the
> attacker has to know alot about the card and data on it. If I wanted
> to put this work to get free GSM service why not steal a credit card
> and buy a phone card - at least this is less trackable....
>
> There are some clear things left out of the article. First, those parts
> are not $30 - I believe you would need some chemicals to expose the chip,
> you would need a quality microcope, and I'm sure I couldn't pay the
> Russian bomb specialist $30 to do this attack for me.
>
> Point being that there is no perfect solution. I can buy a $10 safe from
> Walmart to protect my documents from fire up to 10 minutes at 1900
> degrees, or I could buy a safe from Diebold for $30,000 which survives a
> couple of hours at that temperature. The confort of the smartcard is that
> I know it is 100% safe as long as it is in my pocket .....
For me it seems that it must always be easier and cheaper to steal the
money *after* it has been taken from the bank than to steal the
smartcard, hack it and get the money from the bank myself.
I guess that it must also much easier to get pin codes etc. from a
careless cardholder than hacking the card itself?
What I want to say is that the card itself seems to be very secure, but
how is about the "card environment" like the storage of the codes, the
smartcard reader, the computer-net that is used in order to transfer the
transactions, human beeings that are involved etc.
Greetings,
Arno
--
_ __ ___ _ _ _
/_\ _ _ _ _ ___ \ \ / (_) | |_ ___| |_ __
/ _ \| '_| ' \/ _ \ \ \/\/ /| | | ' \/ -_) | ' \
/_/ \_\_| |_||_\___/ \_/\_/ |_|_|_||_\___|_|_|_|_|
tel://+43/512/394545/72
fax://+43/512/394545/20
mail:[EMAIL PROTECTED]
http://www.phion.com
***************************************************************
Unix Smart Card Developers - M.U.S.C.L.E.
(Movement for the Use of Smart Cards in a Linux Environment)
http://www.linuxnet.com/
To unsubscribe send an email to [EMAIL PROTECTED] with
unsubscribe sclinux
***************************************************************
