21 February 2002


Date: Thu, 21 Feb 2002 00:46:08 -0800
To: cypherpunks@lne.com
From: Bill Stewart <bill.stewart@pobox.com>
Subject: Smart Card Cracker at RSA tradeshow - Cool!

Most of the exhibits at the RSA show looked like such things usually do. But one exhibit was really cool - Datacard Group, near the back around the middle. If you're there, you absolutely have to see these guys.

They were cracking smart cards using Differential Power Analysis and Differential Fault Analysis - they have a stack of equipment with an oscilloscope and some magic boxes and a PC display, and they were showing "see these 16 vertical lines?  That's 16 rounds of DES. Let's zoom in - this shape here is an S-box.  I'll start the cracking program, and we'll have the key in a minute or two", and sure enough they did. Triple-DES only takes about 3 times as long...

Finding the two primes from an RSA key took a similar amount of time - it's not doing some magic factoring technique, it's watching a card that has the two primes in it signing stuff.  I think that demo was Differential Fault Analysis, where they hand the card some voltages and frequencies that are much different than it's designed for, and look at the different results they get depending on what parts they poke.

I've seen Paul Kocher's descriptions in the past about how this stuff is possible - it's not the same impact as watching it done, and seeing how amazingly fast it can be.

They're set up to do a couple formats of cards, including contactless as well as the standard contact-based things.

Of course, there are also a few dozen smartcard vendors at the show, talking about how their authentication systems will make health care and banking and biometric citizen-unit-tracking perfectly secure :-)

  =================

One other pleasant product was @Stake's bootable linux business-card-CD, with lots of network analysis tools on it - ethereal, snort, VNC, a few dozen others. All the things you'd expect from them, if you dare to put it in your  machine....

They said there really weren't any "remote system administration" tools on the disk that they don't document being there :-)


From: S
Date: Thu, 21 Feb 2002 13:31:19 -0800
To: jya@pipeline.com
Subject: Datacard Group

I second Bill Stewart's recommendation of the Datacard Group's smartcard cracking demo at the RSA show.  (I saw him there and took his recommendation and saw the demo.)

They're using a 2 GHz oscilloscope (the fastest scope I've ever seen) and the demo is quite an education.  Back home in London, they said, they have better equipment and can do more sophisticated attacks. The equipment at the show is just what they chose to bring along.

One attack which Bill mentioned briefly was against a contactless card.  So the Datacard Group people were able to examine the power profile of a card with a contactless RF interface, without touching it, apparently by making essentially passive measurements as it was performing authentication functions.  The level of detail of the measurements they obtained was such that they could read secret information from within the card.  This goes a long way toward promoting skepticism of smartcard security; as Bill says, there's something about seeing it done up close which really resonates.


Date: Thu, 21 Feb 2002 01:53:46 -0800
To: cypherpunks@lne.com
From: Bill Stewart <bill.stewart@pobox.com>
Subject: Other things I saw at RSA trade show.

Lots of VPN/firewall boxes. Fewer PKI vendors than in the past, mostly now aligned with other products. A variety of SSL accelerator hardware - the higher-end boxes claim to have ~10K transactions/second now, with ~50-100K on their next rev. Some are more general, some more SSL-customized.

At least one has two GigEthernet interfaces, and integrates the SSL with the TCP/IP stack, so you don't have to run the traffic through your CPU to decrypt, saving a lot of copying.  It feeds the output to the private-side computer using a different TCP port for each  certificate you use. One has been integrated with FreeS/WAN IPSEC as an RSA / 3DES processor.

One VPN-like box which uses SSL instead of IPSEC, from Neoteris. The nice things that it does are to support access from any SSL-capable browser (doesn't have to be your own laptop, as long as you trust it enough), and to support access to various file system types, so you can use NFS or other file servers behind it as well as disk-based servers. It also has a little installable shim program for telnet-over-SSL.

A few secure mail products, such as Zixmail (who also give away screwdrivers.) Several email-firewall products, with virus checking and spam blocking. Ironmail sounded like they did a good job.

A number of people with USB key-dongles.  Most are small-memory versions, e.g. 16KB-32KB, which require a driver rather than emulating a disk drive, so they're not susceptible to general-purpose viruses, though you could probably wedge a custom virus onto one.

One company using Java I-Buttons.  Their name was something SSOthinglike - they do a Single Sign-On application using the I-Button as a token, and there are now several new mounting hardwares for the buttons. Dallas Semiconductor just recently merged with Maxim Semiconductor ( www.maxim-ic.com and also www.ibutton.com )

Not much in the way of tchochkes; a few squishballs, pens, T-shirts. CDROMs are the main giveaway other than brochures. Be sure to get the one from @Stake.

A few companies were obviously hiring, though not many.

EFF booth has a clunky Secret Decoder Ring. The NSA booth has some cardboard decoder wheels, and an Enigma. There's at least one encrypting GSM phone.

Smaller show than in the past. Looks like IBM's not sponsoring the big party Thursday at the art museum.


Date: Wed, 20 Feb 2002 21:44:15 -0800
To: cypherpunks@einstein.ssz.com
From: Steve Schear <schear@lvcm.com>
Subject: I will not comply!

I'm not sure how many of you made it to RSA, but their authentication requirements rubbed me the wrong way for a conference originally dedicated to both privacy and security.  From the looks of things its gone beyond big "S" and little "p" to all "S" and no "p".

To test their resolve and have a bit of fun while at it I decided to show up wearing Groucho glasses.  At first the processors greeted me with a nervous giggle, but when I insisted I be photographed with the glasses on the said I had to appear as I do on my driver's license.  So, I removed it from my wallet and 'lo I was wearing Groucho glasses on my DL as well (amazing what a photo-realistic printer and adhesive paper can do).  At this point they knew they either had to call security or let me enter in disguise.  They decided the latter and I entered mustachioed.  They asked that I continue to wear the glasses after entering.

When I approached the door monitors they challenged me and my credentials.  After inspecting the picture ID and verifying its likeness they stepped aside.  A few of you may have seen me on the show floor so attired.  My Groucho glasses were a hoot. I brought lots of smiles to people's faces. I think I had the best time ever at a conference.


Date: Thu, 21 Feb 2002 00:59:56 -0800
To: cypherpunks@lne.com
From: Bill Stewart <bill.stewart@pobox.com>
Subject: RSA Tradeshow Wants Photo ID to register, the bums

I suppose it probably was splattered all over their registration materials, but I certainly didn't notice. The RSA trade show insists on a picture ID to register, even for exhibits. Then they take a digital picture of you at registration and print it on your badge, so you're not able to switch off badges with other people; they're mainly checking pictures to get into the paid sessions, which doesn't bother me much (though it's pretty typical for companies who have multiple people attending a show and also doing booth bunny duty to switch off.)

But it's especially annoying when you've registered several dummy names for the free exhibits since you didn't know which co-worker would be there. I'll have to see about printing a fake ID at work this morning before I head back there (or else go back in and see if our lame booth has any spare exhibit badges.)

Joel Cypherpunk and Dr. Fred M'bogo, you're both pre-registered, so remember to bring picture ID of some sort with you :-)