Ray Van Eng (08/20/97)
Smart cards, which are often used to store monetary value and digital certificates for identification, are thought to be tamper-proof because the cards' safety mechanisms will scramble their secret data if they come under attack by hackers. However, based on his study, Bellcore researcher Richard Lipton declared that if a smart card is forced to perform a faulty computation, information on how that calculation was made could reveal itself. That would mean that the algorithm, or how the secret key was structured, could be identified. This hits the security of smart cards right at its core.

The hacking process is somewhat like reverse engineering, in which a technician back-tracks how a piece of equipment works, every step of the way, in order to reconstruct the original design. That was how the first wave of IBM PCs was cloned back in the 1980s, when IBM Corp. had a proprietary computer design running on off-the-shelf electronic components.

"If someone induces a card to make a mistake in its calculations, they can compare that mistake with the way the computation should have been done and, by using an algorithm, reproduce the information on the card," Lipton said.

It came as no surprise that a smart card maker such as Mondex International Ltd. was quick to come to its defense, saying that its Mondex stored value cards were "designed to pre-empt the general line of attack proposed in the Bellcore paper".

Indeed. Long before Bellcore stumbled upon its latest findings, Mondex had been touting the fact that its cards would freeze up and seal off any further interaction if they were being tampered with, e.g. by someone entering an invalid user code repeatedly.
Visa International Inc., MasterCard International Inc., The Chase Manhattan Corp., and Citibank, who are about to test market 50,000 stored value smart cards later this year in the city of Manhattan, have all said that their products, including the Mondex and Visa Cash cards to be used in the pilot, could not be compromised by Bellcore's break-in techniques.

Bellcore begs to disagree. The world-renowned research group says that there are many ways to make a smart card behave irrationally and cause it to slip up. For example, charging the card with a high enough voltage or exposing it to X-rays or acid chemicals could possibly pry open the secret workings of a smart card. Bellcore has indicated that it will continue to do more studies along those lines.

So the threat is real, at least that's what Bellcore thinks. But is there any remedy? Lipton hinted that the defense could lie in fault-tolerant techniques such as verifying a computed value by checking it twice, using a different method for the check than for the original calculation.

Also, Richard DeMillo, Bellcore's vice president of information technology and Internet applications, contended, "It's no reason not to deploy sophisticated technology that will make business better and people's lives easier. The presence of forgers hasn't stopped us from using checks, and the presence of a security threat to computing devices shouldn't stop us now." As DeMillo puts it, Bellcore's position is to develop solutions and "help our customers stay ahead of the threat curve."
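
The double-check Lipton describes, as an added example that is not from the article or from Bellcore. It assumes RSA signing with the CRT speed-up, which the article does not name; the primes, the `fault` flag and all function names are constructed for illustration.

```python
# Added illustration. Toy parameters (two Mersenne primes), far too small for real use.
P, Q = 2**61 - 1, 2**31 - 1
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))                 # private exponent
DP, DQ, QINV = D % (P - 1), D % (Q - 1), pow(Q, -1, P)


class FaultDetected(Exception):
    """Raised instead of releasing a result that fails the cross-check."""


def sign_crt(m, fault=False):
    """Original calculation: two half-size exponentiations, then recombination."""
    sp = pow(m, DP, P)
    sq = pow(m, DQ, Q)
    if fault:
        sp ^= 1                                   # simulated glitch: one bit flips in one half
    h = (QINV * (sp - sq)) % P                    # Garner recombination
    return sq + h * Q


def sign_checked(m, fault=False):
    """Check with a different method (public exponent) before output leaves the card."""
    s = sign_crt(m, fault)
    if pow(s, E, N) != m % N:
        raise FaultDetected("computation failed verification; result withheld")
    return s


if __name__ == "__main__":
    msg = 123456789                               # constructed message representative
    print("clean signature released:", sign_checked(msg))
    try:
        sign_checked(msg, fault=True)
    except FaultDetected as exc:
        print("faulty signature blocked:", exc)
```

The check uses the public-exponent path rather than re-running the CRT code, so a fault that recurs in the same routine is still caught.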