Attacking smart card systems: Theory and practice

https://doi.org/10.1016/j.istr.2009.06.001

Abstract

Smart card technology has evolved over the last few years following notable improvements in the underlying hardware and software platforms. Advanced smart card microprocessors, along with robust smart card operating systems and platforms, contribute towards a broader acceptance of the technology. These improvements have eliminated some of the traditional smart card security concerns. However, researchers and hackers are constantly looking for new issues and vulnerabilities. In this article we provide a brief overview of the main smart card attack categories and their corresponding countermeasures. We also provide examples of well-documented attacks on systems that use smart card technology (e.g. satellite TV, EMV, proximity identification) in an attempt to highlight the importance of the security of the overall system rather than just the smart card.

Introduction

Smart cards are typically considered to be tamper resistant, which means that the intended functionality and data held within such a device should not be undermined by tampering. Smart cards also offer a selection of security mechanisms that could, for example, be used to implement authentication or ensure data confidentiality. Smart cards are therefore used in systems that provide security services. However, a “secure and trusted” token alone is not enough to guarantee security within a system. A designer incorporating smart cards into a system should consider both attacks that apply to the security of the physical smart card token and the system as a whole. This article provides a brief overview of selected attacks on smart cards, and also examines cases where real world systems using smart cards were attacked because of factors not directly related to the security of the actual token.

The structure of the article is as follows. In Section 2 we provide a very brief overview of smart card technology in terms of the different types of smart cards, their characteristics and related applications. In Section 3 we examine smart card security at the token level by highlighting the main attacks and their countermeasures. In Section 4 we discuss some attacks implemented against EMV payment, satellite TV and proximity identification systems where the underlying smart card technology may have been seen to be robust enough but where weaknesses in other system processes opened up opportunities for exploitation. Finally, we provide our concluding remarks in Section 5.

Section snippets

Smart card technology

There are several different types of smart card that can fulfil different functions in a secure system. The common types of smart cards are listed below in order of increasing cost:

  • Memory cards: These cards contain only memory that can be initialised once and have few security features. These cards could be used in systems where a card is pre-loaded with a set value, such as prepaid phone cards, or where the card simply contains an identifier linking to data in the back-end system. These cards

Physical smart card attacks

The design of a secure smart card solution requires that more threats to security be considered than for a typical cryptographic system, because an attacker is able to physically isolate the device computing a cryptographic algorithm. In this section we describe the threats and countermeasures that are particular to cryptographic solutions implemented on smart cards and similar devices. This is an overview of this subject and the interested reader is referred to Mayes and Markantonakis (2007)

Attacks on systems that use smart card technology

In this section we present three examples of systems that use smart card technology in order to enhance their product offerings, and, at the same time, maintain adequate levels of security. A common characteristic of these systems is that they have suffered, or could potentially suffer, direct or indirect costs. These may not be attributed directly to the selected smart card technology but to the system and specific operational design decisions.

Conclusions

Smart cards are often used in systems in order to provide tamper-resistant and security functionality. As there are many different types of smart cards, with different capabilities, there are also many different types of attack strategies. In this report we highlight the importance of smart card technology in providing security services, briefly discussing the basic card types, while also making the reader aware of the possible security pitfalls in both the overall system design and the

Acknowledgements

The work of Michael Tunstall is supported in part by the European Commission IST Programme under Contract IST-2002-507932 ECRYPT and EPSRC grant EP/F039638/1. Keith Mayes, Konstantinos Markantonakis and Gerhard Hancke would like to thank the Information Security Group Smart Card Centre founding sponsors, Vodafone and Giesecke and Devrient.

Konstantinos Markantonakis is a Reader in the Information Security Group at Royal Holloway University of London. His main research interests include smart card security and applications; secure cryptographic protocol design, Public Key Infrastructures, key management, mobile phone security. More information can be obtained from http://www.scc.rhul.ac.uk/people.php.

References (53)

  • Anderson R, Kuhn M. Tamper resistance – a cautionary note. In: Proceedings of the second USENIX workshop of electronic...
  • APACS. Card fraud the facts
  • APACS. 22 million UK consumers use cards to buy online in 2004; 08/09/05....
  • H. Bar-El et al. The sorcerer's apprentice guide to fault attacks. Proc IEEE (2006)
  • BBC Two “Newsnight”, Segment on vulnerabilities in Chip and PIN “PIN entry devices” (PEDs),...
  • D. Boneh et al. On the importance of checking computations
  • E. Brier et al. Correlation power analysis with a leakage model
  • C. Clavier et al. Differential power analysis in the presence of hardware countermeasures
  • S. Chari et al. Towards approaches to counteract power-analysis attacks

  • Card fraud facts and figures....
  • Chip and SPIN !....
  • Drimer S, Murdoch SJ, Anderson R. Optimised to fail: card readers for online banking....
  • Drimer S, Murdoch S. Keep your enemies close: distance bounding against smartcard relay attacks. In: Proceedings of...
  • Dorsey N, Hurst S. ECE4112 smart card security....
  • DSS Programming....
  • DreamBox Multimedia Worldwide....
  • ETSI. Digital Video Broadcasting (DVB); support for use of scrambling and conditional access (CA) within digital...
  • ECM attacks, many dish network cards are now DEAD!....
  • Europay–MasterCard–Visa. EMV'96 integrated circuit card specification for payment systems, Version 3.0, from:...
  • K. Gandolfi et al. Electromagnetic analysis: concrete results

  • Hancke GP. Security of proximity identification systems. PhD dissertation, University of Cambridge, February...
  • International Organization for Standardization. ISO/IEC 15693 Identification cards – contactless integrated circuit(s)...
  • International Organization for Standardization. ISO/IEC 14443 Identification cards – contactless integrated circuit(s)...
  • Irdeto....
  • ISO/IEC. Information technology – generic coding of moving pictures and associated audio: audio. In: International...
  • ISO/IEC. Information technology – generic coding of moving pictures and associated audio: video. In: International...

Cited by (42)

    • Physical fault injection and side-channel attacks on mobile devices: A comprehensive analysis

      2021, Computers and Security
      Citation Excerpt :

      High-precision probes connected to EM pulse generators can be used to perturb specific IC regions while shielding other components. EMFIs have attracted significant attention from the research community since their use on smart cards in the early-2000s (Markantonakis et al. (2009); Mayes and Markantonakis (2008); Quisquater and Samyde (2002)). EMFIs on Mobile Phone SoCs.

    • Practical limitation of co-operative RFID jamming methods in environments without accurate signal synchronization

      2016, Computer Networks
      Citation Excerpt :

      Given the popularity of RFID technology in various applications, security services have become an important aspect of contactless and RFID systems [1,2], including its use within the Internet-of-Things [3].

    • User authentication schemes for wireless sensor networks: A review

      2015, Ad Hoc Networks
      Citation Excerpt :

      In this way, Ua is able to register a number of users at GWN in fake manner and the GWN cannot detect such an activity. A malicious but legitimate user Ua can also act as GWN in same way by extracting [63–66] values from his own SC and obtaining xs and h(K) from these values. Since a legal user knows his/her identity and password, so it is rather easier for him to obtain xs and h(K) and act as registering authority.

    • Hardware security training, hands-on!

      2023, Hardware Security Training, Hands-on!
    • High-Level Approaches to Hardware Security: A Tutorial

      2023, ACM Transactions on Embedded Computing Systems

    Michael Tunstall is a researcher in the Department of Computer Science at the University of Bristol. His current research interests are based around applied cryptography; specifically side channel attacks, fault analysis and developing efficient countermeasures.

    Gerhard Hancke is a researcher with the Smart Card Centre, which forms part of the Information Security Group at Royal Holloway University of London. His main interests are proximity identification and the security of RFID/contactless systems. Other interests include pervasive computing and sensor networks.

    Keith Mayes is the Director of the Information Security Group Smart Card Centre at Royal Holloway, University of London. His current interests are smart card/RFID/NFC security, protocols and applications; mobile communications systems; transportation systems security and risk assessment. More information can be obtained from http://www.scc.rhul.ac.uk/people.php.

    Ioannis Askoxylakis is a Research Scientist at the Institute of Computer Science of the Foundation for Research and Technology-Hellas (FORTH-ICS). His research interests lie in the fields of secure wireless communications and systems security with emphasis in security of mobile ad hoc and wireless mesh networks, cryptographic algorithms and protocols and mobile/electronic commerce applications. More information can be obtained from http://www.ics.forth.gr/~asko.
