Fault attacks on “secure” Smart Card

If you need an accessible version of this item, please email your request to digschol@iu.edu so that they may create one and provide it to you.
Date
2013-04-05
Language
American English
Embargo Lift Date
Department
Committee Members
Degree
Degree Year
Department
Grantor
Journal Title
Journal ISSN
Volume Title
Found At
Office of the Vice Chancellor for Research
Abstract

Today’s software engineers are faced with the problem of building secure systems from untrustworthy components, which used widely in everyday life. A Smart Card is a popular security token, with applications integrated in many areas including: credit cards, bank cards, cellular communications, electronic cash, banking, satellite TV and Government identifications. Smart cards are often touted as “secure” portable devices. Applications often assume that information (keys) stored on the card will be securely stored, and access control to the information will be properly maintained. Unfortunately, it has been repeatedly proven that Smart Cards are not as secure as they are commonly supposed to be. For example consider the following scenario, you go to restaurant and pay your bill with a Smart Card (type of bank card), when you pay the bill, do you constantly monitor/observe the card as the waiter uses the card? After the waiter takes the card into their possession, it is possible that they continue to swipe your card in a manner to purposely induce faults and record all the faulty/error information outputted. By analyzing the faulty output later off-line they can retrieve all secret keys, and construct a clone of your card, using it for their needs at your expense. This technique, based on fault injections which modify the behavior of the application, is named “Fault Attack”. Fault attacks on Smart Cards may be diverse in nature but successful nevertheless. In this project using fault attack, we have simulated the process of key recovery for both Elliptic Curve Cryptography (ECC) and RSA systems. Our work investigates both attacks and countermeasure to the attacks.

Description
poster abstract
item.page.description.tableofcontents
item.page.relation.haspart
Cite As
Ling, J., King, B. (2013, April 5). Fault attacks on “secure” Smart Card. Poster session presented at IUPUI Research Day 2013, Indianapolis, Indiana.
ISSN
Publisher
Series/Report
Sponsorship
Major
Extent
Identifier
Relation
Journal
Source
Alternative Title
Type
Other
Number
Volume
Conference Dates
Conference Host
Conference Location
Conference Name
Conference Panel
Conference Secretariat Location
Version
Full Text Available at
This item is under embargo {{howLong}}