* Ulrich Kuehn:
> In 2000 someone here in Germany already demonstrated how to attack
> smart card based HBCI transactions. Those transactions are
> authorized by an RSA signature done by the card.
> Here's a link: http://www.heise.de/newsticker/meldung/9349
> The attack relied on the card reader not having a separate keyboard
> for PIN entry.
In this particular implementation, yes.
> There are other attacks if you control the end user system:
> You can display a dialog box requesting that the user enters the PIN
> on the host, and not on the PIN pad. Typical smartcards work in
> various card readers (with and without PIN pads), so you can later use
> the PIN to create additional transactions.
It turns out that you need not do this, though: once the end user has
entered the PIN, you can create as many signatures as you like. In
this sense, the PIN/TAN approach is more secure than smartcards.
> Interestingly, I wonder what would happen if a reader with display
> and keyboard is used in an online attack, i.e. the adversary sneaks
> in a fraudulent transaction when the hash for the signature is
> computed. I do not know from the top of my head what is supposed to
> be displayed in the reader's display, so I do not know what impact
> such an attempt would have.
The display contents are supplied by the end user computer, not the
smartcard, so it's still possible to break this scheme just by
attacking the computer.
Postbank's mTAN is promising because it uses a separate channel which is
currently not very easy to attack, but the activation procedure is
fundamentally flawed. Costs are probably too high to introduce this
as a general countermeasure, though.
In the long term, we need a standardized device which generates TANs
which depend on the transaction contents (target account and amount).
Standardization is important because you don't want to carry around
such a device for each plastic card you own.
The Cryptography Mailing List
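An added example, not part of the thread, illustrating the transaction-bound TAN the last paragraph argues for: the TAN is an HMAC over target account and amount, so a TAN the user computed for the transaction shown on the device's display no longer verifies once malware on the host rewrites the target account, whereas a TAN from a static list is accepted for any transaction. The HMAC-SHA256 construction, the device secret and the account strings are all constructed for this example and are not any bank's or standard's scheme.

```python
import hashlib
import hmac

# Constructed demo secret shared by the bank and the user's TAN device.
# A real device would hold this in tamper-resistant storage.
DEVICE_SECRET = b"constructed-demo-secret-do-not-use"

# Constructed static TAN list (the classic PIN/TAN approach) for contrast.
STATIC_TAN_LIST = {"483920", "117355", "902614"}


def canonical_transaction(target_account: str, amount_cents: int) -> bytes:
    """Serialize exactly the fields the TAN must bind: target account and amount."""
    return f"{target_account}|{amount_cents}".encode("ascii")


def transaction_tan(secret: bytes, target_account: str, amount_cents: int,
                    digits: int = 6) -> str:
    """Constructed scheme: HMAC-SHA256 over the transaction, truncated to digits."""
    mac = hmac.new(secret, canonical_transaction(target_account, amount_cents),
                   hashlib.sha256).digest()
    value = int.from_bytes(mac[:8], "big") % (10 ** digits)
    return str(value).zfill(digits)


def bank_accepts_bound(secret: bytes, target_account: str, amount_cents: int,
                       presented_tan: str) -> bool:
    """Bank recomputes the TAN from the transaction it actually received."""
    expected = transaction_tan(secret, target_account, amount_cents)
    return hmac.compare_digest(expected, presented_tan)


def bank_accepts_static(presented_tan: str) -> bool:
    """Static TAN list: the bank only checks that the TAN is unused and valid."""
    return presented_tan in STATIC_TAN_LIST


def demo() -> dict:
    """User approves 100.00 EUR to the legit account; host malware swaps the account."""
    legit_account, amount = "DE00CONSTRUCTED0001", 10000
    tampered_account = "DE00CONSTRUCTED9999"
    bound_tan = transaction_tan(DEVICE_SECRET, legit_account, amount)
    static_tan = "483920"  # next TAN the user reads off the paper list
    return {
        "bound_legit": bank_accepts_bound(DEVICE_SECRET, legit_account, amount, bound_tan),
        "bound_tampered": bank_accepts_bound(DEVICE_SECRET, tampered_account, amount, bound_tan),
        "static_tampered": bank_accepts_static(static_tan),
    }
```

The bank never learns what the device displayed; it only recomputes the HMAC over the fields it received, which is why the binding must cover every field the user is meant to verify.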