June 10, 1998 4:30 PM PDT
Industry spins smart card hole
The security hole was discovered by a group of young cryptographers operating out of San Francisco under the name Cryptography Research.
The attack, called Differential Power Analysis, involves monitoring how much power a microprocessor on a chip card uses as it functions, then using advanced statistical methods to determine secret keys or personal identification numbers.
"Clearly the equipment and expertise to do it are significant and in very few hands--it is incredibly precise and deeply engineered," Richard Phillimore, senior vice president of MasterCard's chip card business, said. "It's serious, but it's not a criminal attack. It was done very much in the laboratory environment. Practically, I wouldn't expect it to be a criminal type of activity."
"We believe that current chip cards provide an adequate level of security," said Stephen Schapp, executive vice president of emerging electronic payments at Visa International. "We plan to proceed with the current programs at the same time working with chip card vendors to take the security to a new level."
"There are techniques to address the problem, and they need to be incorporated in the future to build stronger and better products," Paul Kocher, president of Cryptography Research and the man who discovered the vulnerability, said in an interview.
Smart cards with e-cash stored on them are considered a potential target because a successful attack might let a dishonest user produce electronic cash. But the same attack might be used on cards that grant access to buildings or sensitive data stored on computers, two other emerging uses of smart cards.
Indeed Phillimore notes that similar methods, requiring several thousand dollars worth of hardware, could be used on any kind of chip, not just chip cards.
Kocher, who discovered the security flaw in part while working on a Visa contract, has been working quietly with smart card companies for more than a year. His firm also has created approaches to fixing the problem; MasterCard is in the process of implementing one software fix, and Visa is evaluating fixes from both Kocher's firm and others.
"This issue is something the industry has known about for quite a while now," Bill Barr, president of industry group Smart Card Forum said through a spokeswoman. "Although the issue is real, it doesn't pose a major threat, depending on the application, particularly as the industry is working to defeat these kinds of attacks."
But the matter quickly got sucked into the rival cash-on-a-chip-card agendas of Visa, which markets VisaCash, and Mondex, which is majority-owned by MasterCard.
"It is well understood that chip cards are tamper-resistant, not tamper-proof, and therefore Mondex employs sophisticated risk management techniques," according to a Mondex statement issued in response to a June 6 story in the Australian Financial Review. The technique got wider attention when it was picked up today by the New York Times.
"I look at it as smart card industry situation," said Kocher, who works for both Visa and Mondex. "None of the cards on the market are immune to this. The companies we're working with are all taking appropriate action to address it. It isn't something that is worse one company vs. another."
Some companies have already addressed the issue. Mastercard said that within weeks or months it will download a software fix onto Mondex cash cards, and Visa says it will take a matter of months for it to implement a solution. Mondex said it also will incorporate the fixes into the first version of the Multos smart card operating system that it is promoting.