Attacking smart card systems: Theory and practice
Introduction
Smart cards are typically considered to be tamper resistant, which means that the intended functionality and data held within such a device should not be undermined by tampering. Smart cards also offer a selection of security mechanisms that could, for example, be used to implement authentication or ensure data confidentiality. Smart cards are therefore used in systems that provide security services. However, a “secure and trusted” token alone is not enough to guarantee security within a system. A designer incorporating smart cards into a system should consider both attacks that apply to the security of the physical smart card token and the system as a whole. This article provides a brief overview of selected attacks on smart cards, and also examines cases where real world systems using smart cards were attacked because of factors not directly related to the security of the actual token.
The structure of the article is as follows. In Section 2 we provide a very brief overview of smart card technology in terms of the different types of smart cards, their characteristics and related applications. In Section 3 we examine smart card security at the token level by highlighting the main attacks and their countermeasures. In Section 4 we discuss some attacks implemented against EMV payment, satellite TV and proximity identification systems where the underlying smart card technology may have been seen to be robust enough but where weaknesses in other system processes opened up opportunities for exploitation. Finally, we provide our concluding remarks in Section 5.
Section snippets
Smart card technology
There are several different types of smart card that can fulfil different functions in a secure system. The common types of smart cards are listed below in order of increasing cost:
Memory cards: These cards contain only memory that can be initialised once and have few security features. These cards could be used in systems where a card is pre-loaded with a set value, such as prepaid phone cards, or where the card simply contains an identifier linking to data in the back-end system. These cards
Physical smart card attacks
The design of a secure smart card solution requires that more threats to security to be considered than a typical cryptographic system, because an attacker is able to physically isolate the device computing a cryptographic algorithm. In this section we describe the threats and countermeasures that are particular to cryptographic solutions implemented on smart cards and similar devices. This is an overview of this subject and the interested reader is referred to Mayes and Markantonakis (2007)
Attacks on systems that use smart card technology
In this section we present three examples of systems that use smart card technology in order to enhance their product offerings, and, at the same time, maintain adequate levels of security. A common characteristic of these systems is that they have suffered, or could potentially suffer, direct or indirect costs. These may not attributed directly to the selected smart card technology but to the system and specific operational design decisions.
Conclusions
Smart cards are often used in systems in order to provide tamper-resistant and security functionality. As there are many different types of smart cards, with different capabilities, there are also many different types of attack strategies. In this report we highlight the importance of smart card technology in providing security services, briefly discussing the basic card types, while also making the reader aware of the possible security pitfalls in both the overall system design and the
Acknowledgements
The work of Michael Tunstall is supported in part by the European Commission IST Programme under Contract IST-2002-507932 ECRYPT and EPSRC grant EP/F039638/1. Keith Mayes, Konstantinos Markantonakis and Gerhard Hancke would like to thank the Information Security Group Smart Card Centre founding sponsors, Vodafone and Giesecke and Devrient.
Konstantinos Markantonakis is a Reader in the Information Security Group at Royal Holloway University of London. His main research interests include smart card security and applications; secure cryptographic protocol design, Public Key Infrastructures, key management, mobile phone security. More information can be obtained from http://www.scc.rhul.ac.uk/people.php.
References (53)
- Anderson R, Kuhn M. Tamper resistance – a cautionary note. In: Proceedings of the second USENIX workshop of electronic...
Card fraud the facts
- APACS. 22 million UK consumers use cards to buy online in 2004; 08/09/05....
- et al.
The sorcerer's apprentice guide to fault attacks
Proc IEEE
(2006) - BBC Two “Newsnight”, Segment on vulnerabilities in Chip and PIN “PIN entry devices” (PEDs),...
- et al.
On the importance of checking computations
- et al.
Correlation power analysis with a leakage model
- et al.
Differential power analysis in the presence of hardware countermeasures
- et al.
Towards approaches to counteract power-analysis attacks
- Card fraud facts and figures....
Electromagnetic analysis: concrete results
Cited by (42)
Physical fault injection and side-channel attacks on mobile devices: A comprehensive analysis
2021, Computers and SecurityCitation Excerpt :High-precision probes connected to EM pulse generators can be used to perturb specific IC regions while shielding other components. EMFIs have attracted significant attention from the research community since their use on smart cards in the early-2000s (Markantonakis et al. (2009); Mayes and Markantonakis (2008); Quisquater and Samyde (2002)). EMFIs on Mobile Phone SoCs.
Practical limitation of co-operative RFID jamming methods in environments without accurate signal synchronization
2016, Computer NetworksCitation Excerpt :Given the popularity of RFID technology in various applications, security services have become an important aspect of contactless and RFID systems[1,2], including its used within the Internet-of-Things [3].
User authentication schemes for wireless sensor networks: A review
2015, Ad Hoc NetworksCitation Excerpt :In this way, Ua is able to register a number of users at GWN in fake manner and the GWN cannot detect such an activity. A malicious but legitimate user Ua can also act as GWN in same way by extracting [63–66] values from his own SC and obtaining xs and h(K) from these values. Since a legal user knows his/her identity and password, so it is rather easier for him to obtain xs and h(K) and act as registering authority.
Hardware security training, hands-on!
2023, Hardware Security Training, Hands-on!High-Level Approaches to Hardware Security: A Tutorial
2023, ACM Transactions on Embedded Computing Systems
Konstantinos Markantonakis is a Reader in the Information Security Group at Royal Holloway University of London. His main research interests include smart card security and applications; secure cryptographic protocol design, Public Key Infrastructures, key management, mobile phone security. More information can be obtained from http://www.scc.rhul.ac.uk/people.php.
Michael Tunstall is a researcher in the Department of Computer Science at the University of Bristol. His current research interests are based around applied cryptography; specifically side channel attacks, fault analysis and developing efficient countermeasures.
Gerhard Hancke is a researcher with the Smart Card Centre, which forms part of the Information Security Group at Royal Holloway University of London. His main interests are proximity identification and the security of RFID/contactless systems. Other interests include pervasive computing and sensor networks.
Keith Mayes is the Director of the Information Security Group Smart Card Centre at Royal Holloway, University of London. His current interests are smart card/RFID/NFC security, protocols and applications; mobile communications systems; transportation systems security and risk assessment. More information can be obtained from http://www.scc.rhul.ac.uk/people.php.
Ioannis Askoxylakis is a Research Scientist at the Institute of Computer Science of the Foundation for Research and Technology-Hellas (FORTH-ICS). His research interests lie in the fields of secure wireless communications and systems security with emphasis in security of mobile ad hoc and wireless mesh networks, cryptographic algorithms and protocols and mobile/electronic commerce applications. More information can be obtained from http://www.ics.forth.gr/∼asko.