Hi everybody,

Why attack the smartcard? It is easier to get
things like PINs, passwords, ... with cameras, recorders, ...
Is it worth getting out a microscope and tons of money
to crack the PIN or a cryptographic key?

Social engineering and the rubber hose attack are more
powerful than any other attack. Another way to get the
PIN or password is to look at the fingers of the victim.

Another way to get the key from most people is:

Get access to the remote computer and get the key or
install a trojan which gets the keys or let the dumb
user mail the key to you. (Many users do not know anything
about private keys, public keys, ...).

Andi


PS: Sorry for my bad English :-)

On Tue, 14 May 2002, Arno Wilhelm wrote:

> > There have been a few articles about smartcard attacks recently.  I would
> > like to pose a few points in regard to.
> > 
> > 1) These attacks all require physical access to the card.  They cannot be
> >    done remotely.
> > 2) These attacks assume the user has not realized they have lost their
> >    card and has therefore not notified their helpdesk to have the card
> >    revoked.
> > 3) These attacks require the user to very carefully remove layers from the
> >    outside of the chip to expose the card.  This is not easy - in most
> >    cases the chip is ruined.
> > 4) These are trial and error attacks - by changing the values of data
> >    stored in eeprom, the attacker hopes to change the behavior of the card
> >    and have it malfunction by returning data the attacker wants to know.
> >    Consider this like a game of minesweeper.  You have 262,144 bits in 32k.
> >    The majority of those bits being changed will deem the card useless.
> >    In the other cases, unuseful data might be returned.  Even if the data
> >    was unciphered in the eeprom  (not likely), the user must know where to
> >    look for the data which in most cases isn't linear.
> > 5) These attacks are well known - changing the power, clock to get the
> >    card to malfunction.  Heat, Cold, whatever - most do not work and the
> >    attacker has to know a lot about the card and data on it.  If I wanted
> >    to put this work to get free GSM service why not steal a credit card
> >    and buy a phone card - at least this is less trackable....
> > 
> > There are some clear things left out of the article.  First, those parts
> > are not $30 - I believe you would need some chemicals to expose the chip,
> > you would need a quality microscope, and I'm sure I couldn't pay the
> > Russian bomb specialist $30 to do this attack for me.
> > 
> > Point being that there is no perfect solution.  I can buy a $10 safe from
> > Walmart to protect my documents from fire up to 10 minutes at 1900
> > degrees, or I could buy a safe from Diebold for $30,000 which survives a
> > couple of hours at that temperature.  The comfort of the smartcard is that
> > I know it is 100% safe as long as it is in my pocket .....
> 
> 
> 
> For me it seems that it must always be easier and cheaper to steal the 
> money *after* it has been taken from the bank than to steal the 
> smartcard, hack it and get the money from the bank myself.
> I guess that it must also be much easier to get pin codes etc. from a 
> careless cardholder than hacking the card itself?
> What I want to say is that the card itself seems to be very secure, but 
> what about the "card environment" like the storage of the codes, the 
> smartcard reader, the computer-net that is used in order to transfer the 
> transactions, human beings that are involved etc.
> 
> 
> 
> 
> 
> Greetings,
> 
> Arno
> 
> 

-- 
-----------------------------------------------------------------------
LISCON GmbH                                    http://www.liscon.com/
Kersche Andreas                                [EMAIL PROTECTED]
 
Richard-Wagner-Strasse 7                       Tel: +43 699/11093881
A-9500 Villach                                 Fax: +43 4242 214 855 99
AUSTRIA / EUROPE

***************************************************************
Unix Smart Card Developers - M.U.S.C.L.E.
(Movement for the Use of Smart Cards in a Linux Environment)
http://www.linuxnet.com/
To unsubscribe send an email to [EMAIL PROTECTED] with
unsubscribe sclinux
***************************************************************
