[139424] in cryptography@c2.net mail archive
Attacking a secure smartcard
daemon@ATHENA.MIT.EDU (Jerry Leichter)
Sun Dec 7 13:05:11 2008
From: Jerry Leichter <leichter@lrw.com>
To: Cryptography <cryptography@metzdowd.com>
Date: Sat, 6 Dec 2008 22:51:23 -0500
I've previously mentioned Flylogic as a company that does cool attacks =20=
on chip-level hardware protection. In =
http://www.flylogic.net/blog/?p=3D18=20
, they talk about attacking the ST16601 Smartcard - described by the =20
vendor as offering "Very high security features including EEPROM flash =20=
erase (bulk-erase)". The chip is covered by a metal mesh that, if cut =20=
or shorted, blocks operation. However, Flylogic reports:
"Using our techniques we call, =93magic=94 (okay, it=92s not magic but =
we=92re =20
not telling), we opened the bus and probed it keeping the chip alive. =20=
We didn=92t use any kind of expensive SEM or FIB. The equipment used =20=
was available back in the 90=92s to the average hacker! We didn=92t =
even =20
need a university lab. Everything we used was commonly available for =20=
under $100.00 USD.
This is pretty scary when you think that they are certifying these =20
devices under all kinds of certifications around the world."
-- Jerry
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
