Attacking a secure smartcard
Jerry Leichter
leichter at lrw.com
Sat Dec 6 22:51:23 EST 2008
I've previously mentioned Flylogic as a company that does cool attacks
on chip-level hardware protection. In http://www.flylogic.net/blog/?p=18
, they talk about attacking the ST16601 Smartcard - described by the
vendor as offering "Very high security features including EEPROM flash
erase (bulk-erase)". The chip is covered by a metal mesh that, if cut
or shorted, blocks operation. However, Flylogic reports:
"Using our techniques we call, “magic” (okay, it’s not magic but we’re
not telling), we opened the bus and probed it keeping the chip alive.
We didn’t use any kind of expensive SEM or FIB. The equipment used
was available back in the 90’s to the average hacker! We didn’t even
need a university lab. Everything we used was commonly available for
under $100.00 USD.
This is pretty scary when you think that they are certifying these
devices under all kinds of certifications around the world."
-- Jerry
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list