How secure are smartcards?
J. Ottosson
j-001 at ottosson.nu
Tue Jul 26 18:07:40 CEST 2011
On 25 Jul 2011 at 20:12, Werner Koch wrote:
> For the v1 card you may want to have a look at the flylogic.net blog; they
> have lots of entries about different chips. There is no specific entry
> about the v1 card iirc, but I once sent them a few cards and they told me
> it would be easy to read it out using their equipment.
>
> For a general overview on the grade of tamper resistance you may want to
> start at http://www.cl.cam.ac.uk/research/security/tamper/ .
This subject is interesting and important, there have been deliberate attempts
for many years to not tell the whole truth to the public about the security of
"smart cards", be they financial type of cards or other. The public is only
being told they are "totally secure" and also other info about the (in)security
of associated systems are being withheld from the public or actively lied about.
Even worse though, as I recall from the time when I worked with IBM crypto
processors like 4758 etc, a lot of the people inside the (somewhat introvert)
banking community working with security, had no clue and actually believed that
DESX was unbreakable and that the PIN system couldn't be tricked or broken and a
lot of other things that were not necessarily true.
I remember reading Ross Anderson's comments on sci.crypt during the Citibank
trials in UK with great interest and remember to this day a quote from him
saying something about banking security people digging holes on the subject
about PIN security - I found it insanely accurate and dead on, having my own
experiences to compare with.
I also remember when I organized a live TEMPEST lab session with a swedish
military hw supplier, the IT people attending didn't even know what the
phenomenon was about..
In the late 1990' there were academic reports being classified as secret in
Sweden, that proved a great number of smart cards to be insecure. A number of
those were swedish military graded equipment and hence government organizations
like FMV (Swedish Defence Materiel Administration) and MUST (Swedish Military
Intelligence and Security Service) quickly withdraw the papers from the open
market.
Only a handful of people outside the military have read those papers I'm told.
Today I guess that there's nothing in those papers that the Cambridge people
haven't covered..(?)
I think that as long as you're in possession of the card the content is safe
from any reasonable types of threats imposed by logical access from malware etc,
as long as there is no bugs in the on-board OS.. If however it gets stolen by
skilled advisaries, one should regard the keys as compromised, generate
revocation certificates and new keys.
What constitutes skilled advisaries and the likelihood of being targeted by such
an organization can always be discussed though.
As I understand it after having spoken to some government/military security
people in Sweden there is no chip design on the planet that cannot be broken
today.
And if this isn't enough then its back to random numbers and one time pads I
guess. But then.. when is it random enough..?
Needless to say though, we should still use smart cards, since it's better than
the alternatives, I think.
/J
>
>
>
> Shalom-Salam,
>
> Werner
>
> --
> Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
>
>
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users
More information about the Gnupg-users
mailing list