9 May 2002
Date: Thu, 9 May 2002 17:27:44 +0000 (GMT)
From: ukcrypto <ukcrypto@ttfn35.freeserve.co.uk>
To: ukcrypto@chiark.greenend.org.uk
Subject: Attack of the [phone] clones (fwd: The Register)

http://www.theregister.co.uk/content/59/25216.html

A technical paper on IBM's work, Partitioning Attacks: Or how to rapidly clone some GSM cards, by Josyula R Rao, Pankaj Rohatgi, Helmut Scherzer and Stefan Tinguely, will be presented at the IEEE Symposium on Security and Privacy in Oakland, California next week.
To: ukcrypto@chiark.greenend.org.uk
Subject: Re: Attack of the [phone] clones (fwd: The Register)
Date: Thu, 09 May 2002 23:14:20 +0100
From: Ross Anderson <Ross.Anderson@cl.cam.ac.uk>

IBM's attack will be presented at the Oakland conference at 10 in the morning next Monday. At about 5 in the afternoon, I'll be describing a technology we've developed that stops this sort of attack dead. The paper already appeared in April at Async 2002, where it won the best presentation award.

Our basic idea is that many types of attack that exploit side channels or utilise fault induction of various kinds can be blocked by implementing the smartcard CPU using redundant logic. Instead of a wire being High or Low to signal 1 or 0, we use HL to signal 1, LH to signal 0 and HH to signal ALARM. We also make the logic asynchronous and do one or two other things.

One reason to go for a general and principled solution rather than an ad-hoc countermeasure is that, over the last few years, the measures taken in hardware and software to block all the power attacks, glitch attacks and so on have become an unmanageable mess. They can take up a third of the CPU real estate and a quarter of the software library. They are increasingly fragile, in that small changes to either hardware or software can cause apparently unrelated protection mechanisms to fail. The cost, of space and performance, goes up constantly. It's the security equivalent of spaghetti COBOL. Eventually you have to step back, figure out what you're actually trying to do, and redevelop.

The paper's at http://www.cl.cam.ac.uk/ftp/users/rja14/async2002paperV2.ps and the extra material I'm announcing on Monday consists essentially of test results, which are good. We've run the same code on a traditional CPU and on the new secure one, side-by-side on the same test chip; the correlation between power and data is visible clearly in the traces from the first CPU and not at all in those from the second.

Ross

PS: We're also announcing some new attack techniques that are easy to implement and widely applicable. A paper will appear on my web site once I get back from the conference, i.e. about 0300 GMT Tuesday.
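The dual-rail encoding described in the message above, as an added toy model that is not code from the Cambridge project or the Async 2002 paper: it assumes gates are built so that an ALARM on any input propagates to the output (a naive dual-rail AND would swallow an alarm ANDed with 0), and it shows why every valid data word drives the same number of wires High, which is what removes the power/data correlation.

```python
"""Toy simulation of dual-rail logic: each logical bit travels on two wires,
(H, L) = 1, (L, H) = 0, (H, H) = ALARM.  Illustrative model only; the real
test chip is asynchronous hardware and does more than this."""

ONE, ZERO, ALARM = (1, 0), (0, 1), (1, 1)

def encode(bit):
    """Encode one logical bit as a dual-rail pair (true_rail, false_rail)."""
    return ONE if bit else ZERO

def decode(pair):
    """Return 0/1 for a valid code word; raise if the pair is ALARM or spacer."""
    if pair == ONE:
        return 1
    if pair == ZERO:
        return 0
    raise ValueError(f"invalid dual-rail word {pair}: alarm")

def dr_and(a, b):
    """Dual-rail AND. Without the explicit check, ALARM AND ZERO = (0, 1),
    i.e. the alarm would be silently lost, so alarm propagation is forced."""
    if a == ALARM or b == ALARM:
        return ALARM
    return (a[0] & b[0], a[1] | b[1])

def dr_xor(a, b):
    """Dual-rail XOR, again with explicit alarm propagation."""
    if a == ALARM or b == ALARM:
        return ALARM
    return ((a[0] & b[1]) | (a[1] & b[0]), (a[0] & b[0]) | (a[1] & b[1]))

def encode_word(value, width):
    """Encode an integer as a list of dual-rail pairs, LSB first."""
    return [encode((value >> i) & 1) for i in range(width)]

def decode_word(word):
    return sum(decode(p) << i for i, p in enumerate(word))

def high_wires(word):
    """Count wires driven High: equal to the width for ANY valid data word,
    so the switching activity a power trace sees does not depend on the data."""
    return sum(t + f for t, f in word)

def has_alarm(word):
    return any(p == ALARM for p in word)

def glitch(word, index):
    """Model a fault that forces both rails of one bit High (constructed fault)."""
    w = list(word)
    w[index] = ALARM
    return w

def word_and(x, y):
    return [dr_and(a, b) for a, b in zip(x, y)]
```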