29-07-2011, 02:41 PM
Abstract
We demonstrate how 1-of-n encoded speed-independent
circuits provide a good framework for constructing smart
card functions that are resistant to side channel attacks
and fault injection. A novel alarm propagation technique
is also introduced. These techniques have been used to
produce a prototype smart card chip: a 16-bit secure
processor with Montgomery modular exponentiator and
smart card UART.
1. Introduction
Smart cards are increasingly prevalent, particularly in
Europe, for authentication and payment mechanisms
(credit cards, pay-TV access control, public transport
payment, medical records, personal identity, mobile
phone SIMs, etc.). They present a harder target for the
criminal underworld than their magnetic strip counterparts.
None the less, there is sufficient economic gain in
cracking smart cards. Pay-TV is particularly vulnerable
since communication with the smart card is typically
unidirectional, from the broadcasting source to the set-top
box hosting the smart card. Since there is no back channel,
it is not possible to identify duplicate smart cards via
interactive protocols. Consequently, it is economically
attractive to reverse engineer a pay-TV smart card in
order to make a large number of duplicates. As smart
cards are used in more and more applications, many new
opportunities for theft and fraud open up to criminals
capable of reverse engineering cards or extracting key
material.
The next section introduces attack technologies which
determine the environment in which smart cards must
survive. We address a number of hardware level security
issues and how self-timed circuits can be used to build
more robust smart cards.
2. Attack Technologies
Hardware level attacks fall into two main categories:
invasive and non-invasive attacks.
2.1 Invasive attacks
Reverse engineering is the most extreme form of an invasive
attack where the smart card is depackaged and completely
analysed. Monitoring of bus signals is often sufficient to
extract data, and can be undertaken by dropping picoprobes
on bus lines. If bus signals are hidden (e.g. by a top level
metal defence grid), a focused ion beam (FIB) workstation
may be used to extract signals. There is also the 'litigation
attack': the attacker first obtains a patent that might possibly
have been infringed by a smart card designer, then abuses
the legal discovery process to obtain design details. Thus,
in line with Kerckhoffs' principle, one has to assume that
the design details of a smart card are in the public domain.
Another attack technique, used in the context of an
invasive microprobing attack, is to use a laser to shoot
away alarm circuitry, or protective circuitry such as access
control matrices which allow certain areas of memory
to be accessed only after the presentation of certain
passwords