Re: [NOISE] Cable-TV-Piracy-Punks
A few more hopefully short comments... perry@piermont.com ("Perry E. Metzger") writes:
Why not? If the card knows its own key, then someone else can probably get the key out by some nasty mechanism.
There is no physical difference between cards. The key information is stored in EEPROM, and the links which permit the EEPROM to be written are burned after programming is complete. The EEPROM data is then only accessible to intimately associated circuitry in its vicinity. Presumedly the state of the EEPROM cannot be deduced by any external examination of the card, and any attempt to incrementally abrade the card down to the relevent circuit elements should completely obliterate the minute charge differences which represent the data. At least, that's the theory. The Europeans trust this technology well enough to let it represent real money, so presumedly they do not consider hacking a possibility. Perhaps our resident VLSI and Alpha Particle expert, Timothy C. May, could give us a guess as to whether Perry's "Nasty Mechanism" is more or less likely than Maxwell's "Daemon." inglem@adnetsol.com (Mike Ingle) writes:
The big latent assumption here being that you have only one-way communication with the subscribers. DSS has a modem. It could get a new key from a distribution center frequently - i.e. every day. Then the pirates would somehow have to update their keys daily, in real time. Once we have live packet communication (cable modems or ISDN D-channel, for example) the keys can be changed minute by minute, if necessary.
Assuming Perry is right and a smart card could have its innards transplanted into a hostile environment, the scheme you describe would offer no real protection. The compromised card would simply do the communication with the Key Distribution Center and give all the information to the pirates. A low-bandwidth link, such as a web page, would be more than sufficient to communicate the required bits to everyone else on the planet. The security of a smart card based system has to lie in the "data cannot be recovered even by destructive reverse engineering" aspect of it. If this is not a given, then cards can be exactly cloned, and one clone can tell others what they need to know to prevent the duplication from becoming known to the other side of any transaction. -- Mike Duvos $ PGP 2.6 Public Key available $ mpd@netcom.com $ via Finger. $
Mike Duvos writes:
perry@piermont.com ("Perry E. Metzger") writes:
Why not? If the card knows its own key, then someone else can probably get the key out by some nasty mechanism.
There is no physical difference between cards. The key information is stored in EEPROM, and the links which permit the EEPROM to be written are burned after programming is complete. The EEPROM data is then only accessible to intimately associated circuitry in its vicinity.
Or to people with access to scanning microscopy techniques like STMs or AFMs. I suspect that there are lots of techniques that can be successfully used. It used to be that using them required the sort of facilities only available at a large semiconductor manufacturer, but now I suspect that it would be easy for a student at a major university, and probably less easy, but still perfectly feasible, for a person working at home with lots of sophisticated but fairly available equipment like STMs.
Presumedly the state of the EEPROM cannot be deduced by any external examination of the card, and any attempt to incrementally abrade the card down to the relevent circuit elements should completely obliterate the minute charge differences which represent the data.
They aren't immune to the laws of physics. If it can be put together, it can be taken apart. I can even surmise HOW it can be taken apart.
At least, that's the theory. The Europeans trust this technology well enough to let it represent real money, so presumedly they do not consider hacking a possibility.
The Americans trust their money to the notion that no counterfeiter can afford to pay a million or so for an intaglio press. Do you think this is likely? In any case, I notice that the claim has changed. Before, it was claimed, speciously, that modern cryptography could solve this problem. Now it is claimed that the security of the system depends entirely on keeping the user from breaking in to a piece of equipment that they have physical possession of. Pretty different story, eh?
Perhaps our resident VLSI and Alpha Particle expert, Timothy C. May, could give us a guess as to whether Perry's "Nasty Mechanism" is more or less likely than Maxwell's "Daemon."
I think he'll tell you that he doesn't know how much effort it will take but that Intel's labs probably could manage it and that they probably couldn't manage to build Maxwell's Demon. Perry
"Perry E. Metzger" <perry@piermont.com> writes:
Or to people with access to scanning microscopy techniques like STMs or AFMs. I suspect that there are lots of techniques that can be successfully used. It used to be that using them required the sort of facilities only available at a large semiconductor manufacturer, but now I suspect that it would be easy for a student at a major university, and probably less easy, but still perfectly feasible, for a person working at home with lots of sophisticated but fairly available equipment like STMs.
We aren't talking about IC masks here. We are talking about electrostatic charges which would instantly leak away if the insulation around them were in the least bit compromised. Such data wouldn't even survive the preparation for scanning microscopy, much less the actual inspection process.
They aren't immune to the laws of physics. If it can be put together, it can be taken apart. I can even surmise HOW it can be taken apart.
If you put something fragile inside a container which cannot be breached without exposing the fragile thing to a destructive environment, then the fragile thing is very unlikely to be retrieved intact. The specific parameters here will of course vary with what technology is available, but I think live EEPROM cells deep inside a multi-layer VLSI device are probably safe from scrutiny for the lifetime of your average smart card. Live registers too, for that matter.
The Americans trust their money to the notion that no counterfeiter can afford to pay a million or so for an intaglio press. Do you think this is likely?
It is neither likely nor relevant.
In any case, I notice that the claim has changed. Before, it was claimed, speciously, that modern cryptography could solve this problem. Now it is claimed that the security of the system depends entirely on keeping the user from breaking in to a piece of equipment that they have physical possession of. Pretty different story, eh?
The original scenario outlined how strong cryptography could be used to authorize pay per view in a manner which was not vulnerable to obvious hacking. The successful use of strong cryptography depends upon keeping certain key information secret, and it was postulated as part of the scenario that this could be done within a smart card. An endless metaphysical quibble over whether God can create a smart card he can't peek into does not serve to further illuminate the cryptographic issues under discussion. -- Mike Duvos $ PGP 2.6 Public Key available $ mpd@netcom.com $ via Finger. $
Mike Duvos writes:
We aren't talking about IC masks here. We are talking about electrostatic charges which would instantly leak away if the insulation around them were in the least bit compromised.
I was under the impression charges had associated fields which could be detected without physically touching the charged object. Silly me. Incidently, EEPROMs don't work by simply charging a capacitor or something silly like that. No insulator is perfect, no dielectric is perfect, and charge would eventually leak away were that the case. However, if it were, it would be fairly easy to determine the state of a cell without having to get particularly close to it. Beyond that, there is this insane notion you seem to have that a charged object will lose its charge if the "insulator" is "stripped off" -- I wasn't under the impression a vacuum, for instance, was a particularly good charge carrier.
Such data wouldn't even survive the preparation for scanning microscopy, much less the actual inspection process.
I believe you are operating on some sort of weird faith here rather than in reality. Reality is that even the extraordinarily well built circuits on the Capstone and similar chips that the NSA is trusting the Skipjack algorithm to aren't believed to be uncompromisable -- I believe the words were something to the effect of "it would take the resources of a national laboratory to reverse engineer" or some such. In any case, I don't care to debate this further. I am coming to believe very strongly that you just don't know what you are talking about.
They aren't immune to the laws of physics. If it can be put together, it can be taken apart. I can even surmise HOW it can be taken apart.
If you put something fragile inside a container which cannot be breached without exposing the fragile thing to a destructive environment, then the fragile thing is very unlikely to be retrieved intact.
If a container contains some protective gas, you can pressurize the exterior with the same at the same pressure. If the container contains a vacuum, you can open the container in a vacuum. If the contents are light sensitive, you can open the container in the dark. This is a problem like copy protection. Yes, you can make things arbitrarily hard, but you can't make them hard enough.
The Americans trust their money to the notion that no counterfeiter can afford to pay a million or so for an intaglio press.
It is neither likely nor relevant.
No, its relevant. You cut out what I quoted, which was you saying "the europeans trust smartcards for storing money", to which I noted, basically, "so what; people trust even more easily forged things like paper, with nothing standing between a forgery and the forger than some special paper and an intaglio press." You brought it up, not me.
An endless metaphysical quibble over whether God can create a smart card he can't peek into does not serve to further illuminate the cryptographic issues under discussion.
The point is that men can't create an impenetrable smart card. Perry
"Perry E. Metzger" <perry@piermont.com> writes:
I was under the impression charges had associated fields which could be detected without physically touching the charged object. Silly me.
Uh huh.
Incidently, EEPROMs don't work by simply charging a capacitor or something silly like that. No insulator is perfect, no dielectric is perfect, and charge would eventually leak away were that the case. However, if it were, it would be fairly easy to determine the state of a cell without having to get particularly close to it. Beyond that, there is this insane notion you seem to have that a charged object will lose its charge if the "insulator" is "stripped off" -- I wasn't under the impression a vacuum, for instance, was a particularly good charge carrier.
Uh huh.
I believe you are operating on some sort of weird faith here rather than in reality. Reality is that even the extraordinarily well built circuits on the Capstone and similar chips that the NSA is trusting the Skipjack algorithm to aren't believed to be uncompromisable -- I believe the words were something to the effect of "it would take the resources of a national laboratory to reverse engineer" or some such.
Uh huh.
In any case, I don't care to debate this further. I am coming to believe very strongly that you just don't know what you are talking about.
High praise, considering the source. ----- Now I am certainly not going to waste any more time trying to explain solid state physics, how EEPROMs are put together, that the tamper-resistant packaging of Capstone is designed to thwart the reverse engineering of an algorithm contained on the masks used to make the chips, or impuning the supposed powers of "national laboratories." However, I will observe that whenever technology is put forth for criticism on this list, there are always a few people who insist upon maintaining that anything can be easily defeated. "All you have to do is <blank>" they exclaim, where <blank> may be replaced by "Quantum Factoring", "SQUIDs", "Scanning Tunneling Microscopy", "NP=P", "The EPR Effect", "Nanomachines", or some other exotic notion which would be lucky if it had even achieved a laboratory demonstration under carefully controlled conditions much less a practical application to the problem in question. Common to all such claims is a gross underappreciation of the engineering difficulties involved, in this case those related to reading logic states buried in a densely integrated digital device without destroying them. Something that isn't easy to do even if the device has been designed specifically for the purpose of permitting such observation in a laboratory environment. Such distractions, unfortunately, are why good physics rarely gets discussed in sci.physics, and why discussions on this list about nuclear bomb design, tampering, and hacking frequently take off in the crackpot direction. The bad eventually drives out the good, and few of the competent posters are going to continue to comment on a thread which has degenerated into the "You don't know anything. Mr. Squid can read your smart card and your brain waves too" level of interaction. Somewhere amongst all the noise here was the interesting disclosure that DSS had been compromised, and the beginnings of a good discussion about current "scrambling" protocols and their vulnerabilities. Let's see if we can recapture that discussion, and let the rants about obscure technologies magickally defeating all conceivable forms of tamper-resistant packaging drop. -- Mike Duvos $ PGP 2.6 Public Key available $ mpd@netcom.com $ via Finger. $
participants (2)
-
mpd@netcom.com -
Perry E. Metzger