The document discusses security threats and countermeasures related to smart cards, including physical attacks such as etching the chip surface, side channel attacks like power analysis to extract cryptographic keys, and attacks specific to contactless smart cards like covert transactions initiated without user knowledge. It analyzes these threats and their countermeasures, noting that while attacks can be subdued, perfect security is impossible to achieve for smart cards due to necessary trade-offs in their design.
2. Introduction: Understanding Smart Cards
Classification
Relevance of Security in Smart Cards
Analysis: Security Threats and Countermeasures
Physical Attacks
Side Channel Attacks
Attacks on Contactless Smart Cards
Conclusion
Questions
3. What is it exactly?
Secure portable storage device
A chip card with an embedded computer in it
Why use Smart cards?
Tamper-resistant storage and processing
Portability
Ease of use & extended lifetime
Ability to perform multiple tasks
Applications
Healthcare
Banking and E-Commerce
Electronic ID and many more
4. Contact Cards:
Chip visible to user
Physical contact to transfer data and power the card during operation
[Figure: Contact card]
Contactless Cards:
Chip invisible to user (remains embedded within the card)
Data transfer via RF technology
Electromagnetic induction to power the card
[Figure: Contactless card]
5. Confusion between Contactless smart cards and RFID
Similarities
Both provide convenience to users
RF technology to communicate with the reader
Used for Identification purposes
Differences
Smart card requires a higher level of security and privacy and contains highly sensitive data (financial details, personal information, etc.)
RFID is only used for identification purposes (track and trace, human identification) and thus the information contained is not as significant
6. Enormous benefits are provided! Increase in complexity?
Cards are cheap and easy to obtain, so attackers can get sufficient practice on them
Business model for easier future attacks
Transactions involve wired and wireless transmission of data
Sensitive data within the chip requires confidentiality and integrity
7. Surface of the chip is exposed manually
Chip is observed using powerful microscope
Internal blocks are tampered with to study the design
Methods include:
Etching (Staining)
Microscopes
Probe Stations
FIB (Focused Ion Beam)
8. Etching Materials include CH4, HF and other dangerous chemicals
De-Layering of Smart card chip
Optical and Electrical Analysis of internal blocks
“Staining”: etching at different speeds reveals differences in the materials that define the ones and the zeroes
[Figure: Etched smart card chip]
9. Probing Needles:
Tiny probe needles create new channels to the outside world
Extraction of program code and data, including the key, while the chip is actively operating
Data can also be forced into the chip to overwrite the original data
Microscopes: Scanning Electron Microscope (SEM)
Reverse engineering performed by viewing chip features even below one micron
Capable of visualizing live operations in the circuitry.
10. SEM can inject ions (instead of electrons) to make changes in the circuitry, apart from viewing it in detail
Different gases in the ion beam can:
Re-wire the circuitry
Add extra probe pads
Cut an existing track
[Figures: Addition of a cross-shaped probe pad; Addition of a track (courtesy: Gemplus Ltd)]
11. On-board Sensors
Protective Layers
“Glue Logic”: randomly placing internal blocks to avoid easy tampering
Bus scrambling to confuse the attacker
Summary
Requires sophisticated equipment
Expensive
Destructive
Time consuming
Not opted for by ordinary hackers
[Figures: Glue logic structured chip; Bus scrambling]
12. Use of ‘physical phenomena’
Electromagnetic emission
Power consumption
Timing
Non-invasive, unlike physical attacks
Subdivided into:
Side Channel Analysis :
DFA (Differential Fault Analysis)
Side Channel Manipulation
Power Glitches
13. Analysis:
Passive in nature (only analysis)
Extracting detailed information by observing the power consumption and/or electromagnetic radiation
Amount of power consumed is related to the data being processed
EM radiation is different for different components in the chip
Cryptanalysis: statistical analysis of the cryptosystem’s inputs and outputs to obtain the secret key
Information leaks in Cryptosystems
14. Power traces are observed and compared
Exact key of the cryptographic algorithm can be extracted
Process involved:
Keen observation of power levels for various bit values
Measurement of many power traces is done
As a result, the attackers arrive at the exact data being processed (bit level)
[Figures: Overlapping power traces for two different inputs; Differential power trace for two different inputs]
15. Manipulation by disruption of physical phenomena
Chip damaged when excess Radiation imposed on it
Affecting the behavior of the chip by disrupting the Supply Voltage
known as “Power Glitches”
Other factors include temperature, light (X-ray), etc.
Causes misinterpretation of actual value
Change a read value from memory to another by manipulating the supply power
16. Introducing Timing Noise prevents good alignment of power traces
Metal Shields against injection of EM radiation
Lowering Power signal by balancing circuits
Sensors
Summary
Attacks are non-invasive unlike Physical attacks
Comparatively inexpensive to achieve these attacks
Threats can be subdued but cannot be eliminated completely
Lower Time consumption and low cost
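The trace comparison of slide 14 and the timing-noise and balanced-circuit countermeasures of slide 16, worked through as an added example (not part of the original slides). The traces are synthetic: a Hamming-weight leakage bump on top of Gaussian noise, at an assumed sample position; the trace length, noise level and jitter range are constructed values. The script measures how far apart the mean traces for two inputs are, then shows the same measurement with each countermeasure applied.

```python
import random
import statistics

TRACE_LEN = 64      # samples per synthetic trace (constructed)
LEAK_SAMPLE = 20    # sample index where the data byte is handled (assumed position)
NOISE_SD = 0.5      # standard deviation of the measurement noise (constructed)


def hamming_weight(b: int) -> int:
    """Number of 1-bits in a byte; the classic model of data-dependent power draw."""
    return bin(b & 0xFF).count("1")


def simulate_trace(data_byte: int, rng: random.Random, jitter: int = 0, balanced: bool = False):
    """Return one synthetic power trace for processing `data_byte`.

    Unprotected chip: a bump proportional to the Hamming weight of the byte sits at
    LEAK_SAMPLE on top of Gaussian noise.
    jitter > 0: the bump lands at a random offset in [-jitter, +jitter], modelling the
    'timing noise' countermeasure that spoils alignment of the traces.
    balanced=True: the bump is constant (4, the mean weight) whatever the data,
    modelling a balanced circuit whose consumption does not depend on the value."""
    trace = [rng.gauss(0.0, NOISE_SD) for _ in range(TRACE_LEN)]
    weight = 4 if balanced else hamming_weight(data_byte)
    pos = LEAK_SAMPLE + (rng.randint(-jitter, jitter) if jitter else 0)
    trace[pos] += float(weight)
    return trace


def difference_of_means(traces_a, traces_b):
    """Per-sample difference between the mean traces of two groups of inputs:
    the 'differential power trace' of the slides."""
    mean_a = [statistics.fmean(col) for col in zip(*traces_a)]
    mean_b = [statistics.fmean(col) for col in zip(*traces_b)]
    return [a - b for a, b in zip(mean_a, mean_b)]


def leakage_peak(n_traces: int = 200, jitter: int = 0, balanced: bool = False, seed: int = 1) -> float:
    """Collect n_traces for each of two fixed inputs (0x00, weight 0, and 0xFF,
    weight 8) and return the largest absolute difference of means over the
    trace. A large peak means an observer can tell the two inputs apart."""
    if not 0 <= jitter < LEAK_SAMPLE:
        raise ValueError("jitter must keep the bump inside the trace")
    rng = random.Random(seed)
    traces_a = [simulate_trace(0x00, rng, jitter, balanced) for _ in range(n_traces)]
    traces_b = [simulate_trace(0xFF, rng, jitter, balanced) for _ in range(n_traces)]
    return max(abs(d) for d in difference_of_means(traces_a, traces_b))


if __name__ == "__main__":
    print("unprotected      peak = %.2f" % leakage_peak())
    print("timing noise     peak = %.2f" % leakage_peak(jitter=8))
    print("balanced circuit peak = %.2f" % leakage_peak(balanced=True))
```

The unprotected peak sits near 8 (the full Hamming-weight difference between 0x00 and 0xFF), the jittered peak drops by an order of magnitude because the bump is smeared over seventeen sample positions, and the balanced peak is pure noise. This is why the slides say the threat is subdued rather than eliminated: with enough traces the jittered signal can still be recovered, so the countermeasures raise cost rather than remove the leak.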
17. Similar functions as contact cards, hence equivalent efforts to maintain security
Susceptible to over-the-air attacks
Attacks without possession of the card
List of threats include:
Eavesdropping
Man in the middle attack
Denial of Service
Covert Transactions (exclusive to contactless cards)
18. Eavesdropping:
Can be performed from a distance by triggering the card
Example : Digital Passport using contactless technology
Active or passive access of personal information without the user's knowledge
Can be avoided by strong cryptographic algorithms (SMS4, AES, etc.)
Man in the Middle:
A portion of the encrypted data is taken, modified and then injected back into the channel
Example: commonly found in financial transactions
Credit cards, ATM cards, etc.
Can be avoided by introducing randomness in data encryption
Denial of Service:
Interfering by sending malicious requests over and over again.
Difficult threat to counteract
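The eavesdropping and man-in-the-middle cases above, and the "randomness in data encryption" countermeasure, shown as an added example that is not part of the original slides. The cipher is a standard-library teaching construction (HMAC-SHA256 as a counter-mode keystream, HMAC-SHA256 as the integrity tag, encrypt-then-MAC); a real card would use AES in an authenticated mode. Keys and the sample transaction string are constructed values.

```python
import hashlib
import hmac
import os

# Constructed demo keys; a real card holds these in tamper-resistant storage.
ENC_KEY = b"\x11" * 32
MAC_KEY = b"\x22" * 32
NONCE_LEN, TAG_LEN = 16, 32


def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Keystream from HMAC-SHA256 in counter mode (teaching construction)."""
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt_deterministic(key: bytes, plaintext: bytes) -> bytes:
    """Weak scheme: no nonce and no integrity tag. The same plaintext always
    yields the same ciphertext, and flipping a ciphertext bit flips the same
    plaintext bit on the receiver's side."""
    return xor(plaintext, keystream(key, b"", len(plaintext)))


decrypt_deterministic = encrypt_deterministic  # XOR is its own inverse


def encrypt_randomized(enc_key: bytes, mac_key: bytes, plaintext: bytes) -> bytes:
    """Hardened scheme: fresh random nonce plus an HMAC tag over nonce||ciphertext.
    Output layout: nonce || ciphertext || tag."""
    nonce = os.urandom(NONCE_LEN)
    ct = xor(plaintext, keystream(enc_key, nonce, len(plaintext)))
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def decrypt_randomized(enc_key: bytes, mac_key: bytes, msg: bytes) -> bytes:
    nonce, ct, tag = msg[:NONCE_LEN], msg[NONCE_LEN:-TAG_LEN], msg[-TAG_LEN:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):      # constant-time comparison
        raise ValueError("integrity check failed: message was modified in transit")
    return xor(ct, keystream(enc_key, nonce, len(ct)))


TX = b"PAY 0100 TO SHOP42"   # constructed sample transaction; amount field is bytes 4..7


def eavesdropper_sees_repeat(deterministic: bool) -> bool:
    """Eavesdropping case: does the same transaction sent twice look identical on the air?"""
    if deterministic:
        return encrypt_deterministic(ENC_KEY, TX) == encrypt_deterministic(ENC_KEY, TX)
    return encrypt_randomized(ENC_KEY, MAC_KEY, TX) == encrypt_randomized(ENC_KEY, MAC_KEY, TX)


def mitm_alters_amount(deterministic: bool):
    """Man-in-the-middle case: one bit of the amount field is flipped in transit
    ('1' = 0x31 becomes '9' = 0x39 when offset 5 is XORed with 0x08). Returns the
    plaintext the receiver accepts, or None when the message is rejected."""
    if deterministic:
        ct = bytearray(encrypt_deterministic(ENC_KEY, TX))
        ct[5] ^= 0x08
        return decrypt_deterministic(ENC_KEY, bytes(ct))
    msg = bytearray(encrypt_randomized(ENC_KEY, MAC_KEY, TX))
    msg[NONCE_LEN + 5] ^= 0x08
    try:
        return decrypt_randomized(ENC_KEY, MAC_KEY, bytes(msg))
    except ValueError:
        return None


if __name__ == "__main__":
    print("deterministic: repeat visible =", eavesdropper_sees_repeat(True),
          "| tampered text accepted =", mitm_alters_amount(True))
    print("randomized:    repeat visible =", eavesdropper_sees_repeat(False),
          "| tampered text accepted =", mitm_alters_amount(False))
```

The randomness (the nonce) is what hides repeated transactions from an eavesdropper; the integrity tag is what stops the modified-and-reinjected message from being accepted. Both are needed, which is why modern card protocols use an authenticated mode rather than encryption alone.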
19. Covert Transactions:
Most serious threat
Malicious user communicates using fake readers, triggering fake transactions
User will never know whether the transaction is genuine
Example: primarily in financial transactions (modification or hiding of data)
Countermeasure:
Must have strong authentication between the card, user and the reader.
User authentication by suitable mechanisms can be a solution
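The countermeasure named above, strong authentication between card, user and reader, worked through as an added example that is not part of the original slides. It models a challenge-response exchange over a shared key (HMAC-SHA256 with domain-separation labels) in which the card signs a transaction only after the reader has proved it holds the key and the user has approved with a PIN; a reader without the key (the fake reader behind a covert transaction) gets no authorisation. The key, PIN handling and transaction string are constructed simplifications of what a real card does in its secure element.

```python
import hashlib
import hmac
import os

SHARED_KEY = b"\x33" * 32   # constructed demo key shared by card issuer and genuine readers
TX = b"PAY 0100 TO SHOP42"  # constructed sample transaction


def prf(key: bytes, label: bytes, data: bytes) -> bytes:
    """HMAC-SHA256 with a domain-separation label so reader proofs, card proofs and
    transaction authorisations can never be confused for one another."""
    return hmac.new(key, label + data, hashlib.sha256).digest()


class Card:
    def __init__(self, shared_key: bytes, pin: bytes):
        self._key = shared_key
        self._pin_hash = hashlib.sha256(pin).digest()  # simplified PIN verifier (assumption)
        self._reset()

    def _reset(self):
        self._challenge = None
        self._reader_ok = False
        self._user_ok = False

    def issue_challenge(self) -> bytes:
        """Fresh random challenge per session, so a recorded response cannot be replayed."""
        self._reset()
        self._challenge = os.urandom(16)
        return self._challenge

    def verify_reader(self, reader_response: bytes, reader_challenge: bytes):
        """Check the reader's proof of the shared key. Only a genuine reader receives
        the card's own proof in return; a fake reader gets nothing."""
        expected = prf(self._key, b"reader", self._challenge)
        self._reader_ok = hmac.compare_digest(expected, reader_response)
        if not self._reader_ok:
            return None
        return prf(self._key, b"card", reader_challenge)

    def verify_user(self, pin: bytes) -> bool:
        self._user_ok = hmac.compare_digest(self._pin_hash, hashlib.sha256(pin).digest())
        return self._user_ok

    def authorize(self, transaction: bytes):
        """Sign the transaction only after both reader and user have been authenticated."""
        if not (self._reader_ok and self._user_ok):
            return None
        return prf(self._key, b"tx", self._challenge + transaction)


class Reader:
    def __init__(self, shared_key: bytes):
        self._key = shared_key
        self._challenge = None

    def new_challenge(self) -> bytes:
        self._challenge = os.urandom(16)
        return self._challenge

    def respond(self, card_challenge: bytes) -> bytes:
        return prf(self._key, b"reader", card_challenge)

    def verify_card(self, card_proof: bytes) -> bool:
        return hmac.compare_digest(prf(self._key, b"card", self._challenge), card_proof)


class FakeReader(Reader):
    """A rogue reader that does not hold the shared key: it can only guess."""
    def __init__(self):
        super().__init__(os.urandom(32))


def run_transaction(card: Card, reader: Reader, pin: bytes, transaction: bytes) -> bool:
    """The exchange step by step. Returns True only if the card signs the transaction."""
    reader_challenge = reader.new_challenge()          # reader -> card
    card_challenge = card.issue_challenge()            # card -> reader
    card_proof = card.verify_reader(reader.respond(card_challenge), reader_challenge)
    if card_proof is None or not reader.verify_card(card_proof):
        return False                                   # mutual authentication failed
    if not card.verify_user(pin):
        return False                                   # user did not approve
    return card.authorize(transaction) is not None


if __name__ == "__main__":
    print("genuine reader, correct PIN:", run_transaction(Card(SHARED_KEY, b"1234"), Reader(SHARED_KEY), b"1234", TX))
    print("fake reader, correct PIN:   ", run_transaction(Card(SHARED_KEY, b"1234"), FakeReader(), b"1234", TX))
    print("genuine reader, wrong PIN:  ", run_transaction(Card(SHARED_KEY, b"1234"), Reader(SHARED_KEY), b"0000", TX))
```

The two checks address the two halves of the slide: reader authentication stops a fake reader from ever obtaining a signed transaction, and the user step means a genuine-looking request still cannot complete silently in the user's pocket. The per-session challenge also makes a recorded exchange useless later, which matters for contactless cards because the channel can be observed without possession of the card.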
20. Positives:
Has had tremendous growth recently
Offers better and affordable security solutions
Negatives:
Though designed to provide security there is always a trade-off
No Perfect Security exists
Suggestions:
Can only subdue the threats
Minimize Financial Attractiveness
Analyze possible threats beforehand