Re: FV Demonstrates Fatal Flaw in Software Encryption of Credit Cards
Nathaniel Borenstein <nsb@nsb.fv.com> wrote:
Programs needing secure entry create a "secure entry field" which is really just an imagemap with the digits (and alphas if required) placed randomly about. The user then uses the mouse to click on these numerals. Ideally the graphics that represent the numerals would be drawn from a random pool and are misformed to thwart any OCR attempts. The graphics could be made even more difficult to OCR by mixing in words and pictures to represent the numbers. If any particular program for doing this came into widespread use, we could engineer an attack, similar to our keystroke attack, based on the specific properties of the approach used.
You could try but I don't think you would succeed. I have problems doing OCR on faxes with a top of the line OCR program. Don't tell me your trojan horse is going to be able to OCR images that are designed to be hard to OCR. Here is an example of an imagemap for secure number entry. http://www.l0pht.com/~weld/numbers.html Since this is inherently a visual thing, I thought I would cook up a graphic on the web siince you cannot do this via email easily. Weld Pond - weld@l0pht.com - http://www.l0pht.com/ L 0 p h t H e a v y I n d u s t r i e s Technical archives for the people - Bio/Electro/Crypto/Radio L0pht Open House 2/3/96 at 8:00pm - Live on irc #l0pht - write root@l0pht.com for details.
Excerpts from mail.cypherpunks: 30-Jan-96 Re: FV Demonstrates Fatal F.. Weld Pond@l0pht.com (1503*)
Here is an example of an imagemap for secure number entry.
I *really* like this example. That's because it demonstrates so clearly the security/usability tradeoff that I keep trying to hammer home to people. Yes, with something like this -- and a LOT of variation, so it wasn't the same every time -- you could avoid an attack like ours. But you'd also have a user interface that was virtually unusable. The focus of the attack we outlined was one particular, naive approach to Internet commerce that sacrificed a lot of security for usability. If the net result of what we've done is to force them to find a better balance, it was well worth the effort. Or, to put it another way, I'm not too worried about competing with software-encrypted credit card numbers if they use an imagemap technique like the one you've outlined. -------- Nathaniel Borenstein <nsb@fv.com> Chief Scientist, First Virtual Holdings FAQ & PGP key: nsb+faq@nsb.fv.com
The "keyboard sniffer" of FV is really troublesome, and the extension of this threat will hamper the Internet Commerce tremendously, I believe. The thing that might have made it hard to accept the threat for cypherpunkers is that it was presented together with a plug for the FV scheme, (which may or may not be valid btw.) But more generally, I see the following happening. The factors that now are "harmonizing" are; * the tremendous growth of Inet commerce; Digicash, encrypted CardNo's etc. Many of the now proposed schemes have no independant "evidence" mechanism, whereby you can settle a disputed transaction fairly. You will have to choose to believe one of the parts, and that is very often the service provider/bank/card company. * The decline of the "ordinary" card fraud market, VISA/Europay/Mastercard is rapidly finishing their forthcoming smart card systems. I'd guess this "market" is gone within 2-3 years. Some "big organisations" might start to move into the new "fraud markets" soon. * The fact that the PC are such an extremely used platform, and that the need for back compatibility will make it almost impossibe to add substantial security to it now. * The fact that anti-virus tools haven't been able to eradicate the virii problem even before the "forthcoming surge" in virus writing that I believe will come. According to a survey by Information Week (Nov 27 -95) 67% of the companies had been hit by a virus the last year, and 12% of the companies had suffered financial loss caused of it. (1293 companies surveyed). Admittedly there are social problems behind the continued spread of virii too, but that alone doesn't make them go away. Take a look at the article "Virus Authors strike Back" by Alan Solomon in "Computers and Security" 11 (1992) 602-606. The state of anti-virus tools seemed to be in a rather sad state back then, and I really wonder whether they are any better now. * The knowledge about how to write virii has been spread rather far - a college kid can get his hands on one of the polymorphic virus generators, and start to output new self-encrypting virii with the same action routine regularly. Also, note that this new kind of virii ("virii with a mission") would start to cost immediately, in contrast with the "old kind" that only cost when you have to clean them out, or if they wipe un-backuped data. (your fault - core dumped) * All PC's will be net-connected... Embed a public key in the virus, let it encrypt the loot and post it to Usenet in the group junk.erotica. You can then harvest the group with the secret key anywhere in the world. (Be generous, let the virus go away automatically if it has "contributed" enough money.) The pay-off of continously updating your virus to cope with new protection mechanisms would be enormous. Lets assume that I employ 10 programmers 2 years from now, that writes new action routines and develop new virus types... I bet I could get a decent living quite soon. Also assume I settle down in a suitable country with lax enough laws, do you believe that I would be a criminal then? What is the legal status of virii, and what is this concept of "electronic money" anyway? :-) I promise, I wont do that. It's not a bet.
I am rather shocked that after wading through hundreds of msgs of abuse of Nathaniel and FV I haven't seen one message of support; but perhaps I missed it. I agree that the original post seemed very self-serving and was poorly worded for this audience. However, that doesn't excuse people from reading it carefully and thinking about the implications. FV has argued time and again that their basic strength is that CC number aren't available for systematic secretive purloinage. The concern about collecting CC# on a large scale is one of the argument given for the importance of using encryption throughout the internet. Otherwise tapping the internet backbone has much the same properties. I thought we had already agreed that dumpster diving is a fundamentally smaller threat to the CC system than backbone tapping. FV is just pointing out that another systematic weakness exists in the CC/internet scheme. Whether this is a new, serious concern for internet commerce seems to be a useful and important topic for discussion. Fortunately, the discussion, acrimonious as it has been has produced fruit. It looks like Weld Pond's suggestion of using a random imagemap is an effective antidote. Making the attack harder by an order of magnitude at least. Ted Anderson
participants (4)
-
Christian Wettergren -
Nathaniel Borenstein -
Ted Anderson -
Weld Pond