Date: Thu, 21 Feb 2002 00:46:08 -0800
To: cypherpunks@lne.com
From: Bill Stewart
Subject: Smart Card Cracker at RSA tradeshow - Cool!

Most of the exhibits at the RSA show looked like such things usually do. But one exhibit was really cool - Datacard Group, near the back around the middle. If you're there, you absolutely have to see these guys.

They were cracking smart cards using Differential Power Analysis and Differential Fault Analysis - they have a stack of equipment with an oscilloscope and some magic boxes and a PC display, and they were showing "see these 16 vertical lines? That's 16 rounds of DES. Let's zoom in - this shape here is an S-box. I'll start the cracking program, and we'll have the key in a minute or two", and sure enough they did. Triple-DES only takes about 3 times as long...

Finding the two primes from an RSA key took a similar amount of time - it's not doing some magic factoring technique, it's watching a card that has the two primes in it signing stuff. I think that demo was Differential Fault Analysis, where they hand the card some voltages and frequencies that are much different than it's designed for, and look at the different results they get depending on what parts they poke.

I've seen Paul Kocher's descriptions in the past about how this stuff is possible - it's not the same impact as watching it done, and seeing how amazingly fast it can be.

They're set up to do a couple formats of cards, including contactless as well as the standard contact-based things.

Of course, there are also a few dozen smartcard vendors at the show, talking about how their authentication systems will make health care and banking and biometric citizen-unit-tracking perfectly secure :-)