A Modern View on Smart Cards Security
Apr 20, 2011
The talk by Ilya Levin at the ANSES RahRah 8 seminar, organized by the Ministry of Home Affairs (Singapore) and held at Singapore Police Cantonment Complex Auditorium, 393 New Bridge Road.
- Download the slides (pdf, 1.5Mb)
It is a common assumption that smart cards are something reliable and secure. When people hear about attacks on smart cards, they usually think of something sophisticated. Something like oscilloscopes, lasers, tunnel microscopes, differential power analysis, and so on. Thus people believe that smart cards are hard to attack.
Traditional threats assessment treats a smart card as a standalone attack target. In reality, a smart card is a part of a system, and an adversary can attack it through that system.
Instead of guessing a valid user PIN to access a smart card, an attacker can get it from a compromised user system. He can also attack and compromise a smart card issuer system to get administrative keys and PINs.
An attacker may exploit unfortunate features of a smart card. The features like design mistakes, firmware implementation errors or errors in middleware and applications. There are real–life examples of these.
JavaCards and alike introduce new risks such as potential issues in VM and quality of custom–written applets.
The recent trend for smart cards to go contactless and act as an NFC secure element introduce another new class of remote attack.
The industry understudies all these new issues and practically possible attacks. There are chances determined malicious attackers are ahead of the industry. We need to catch up.