Thursday, September 25, 1997

Hacking Smart Card Chips: At What Cost?

by Mo Krochmal

LONDON -- Mondex International, developer of one of the world's leading electronic cash cards, has come under fire from a security expert for allegedly underestimating the ability of criminals to hack into its products. The E-cash pioneer, which is controlled by MasterCard International, announced Monday its latest chip, the H8/3109 device developed by Hitachi. E-cash cards let users pay for goods and services with electronic tokens that can be freely exchanged for paper money and coins money in banks.

Mondex, which said it plans to market 5 million E-cash cards by the end of 1998, said in a statement that the chip had undergone "fault-analysis interrogation by some of the leading chip and security laboratories in the world."

But Mondex was criticized Monday by a leading academic cryptography expert for underestimating the risks of the card being hacked. Ross Anderson, a professor at Cambridge University in England, said the technical sophistication of the security measures taken by Mondex do not reflect the high level of technology and skills available to criminals.

"I think Mondex picked an inappropriate time to go for a world launch. There are too many new attacks -- people are looking at things all the time", Anderson said. "If something is released today, there is no guarantee it will be good three months from now. In five or 10 years, things will have stabilized."

The Mondex card was the subject of rumors earlier this month that it had been successfully hacked, following a presentation at the Eurocrypt cryptography conference this summer. The Eurocrypt presentation showed that the surface wiring of a silicon chip, which was not identified by name, could be manipulated in a way that allowed access to the information stored inside.

According to a document posted on the Web, Mondex was the subject of the attack described at Eurocrypt. The anonymous posting said an ion beam was used to reconnect a link on the surface of a Mondex chip, letting the memory be output to the card's serial port. Mondex denied the claim Wednesday.

John Beric, head of security at Mondex, said the type of attack described at Eurocrypt had not been state-of-the-art for many years. He added that the Mondex chip design was adapted in 1992 to take into account such an attack. Mondex chips are still tested for attacks such as those described in the anonymous posting, he said.

"No system is perfect. We go on the contingency that something horrible is going to happen, and we have contingency plans so we can tolerate a loss and stem it where we can", Beric said.

Mondex and chip manufacturers argue that the high cost of hacking into a single chip, "a process which requires skill and expensive equipment", means hacking cards is uneconomic, because breaking one chip's security doesn't necessarily breaking into other chips.

"Any chip can be compromised, the question is: How much money does it cost to compromise the chip? The goal is to make the cost of compromising the chip greater than the value of compromising the chip", said Thomas Horton, smart card microchip product manager at Hitachi.

But some academics said the chip industry's cost-benefit argument is flawed.

Hacking, or reconfiguring a chip, "is a routine process", according to John Orloff, a professor at the Laboratory for Ion Beam Research and Applications at the University of Maryland, in College Park.

Orloff said a technician with access to a focused ion-beam machine and intimate knowledge of a chip could "lay down a few microns" and reconstitute something such as a severed link on a chip in just 30 minutes. The machinery to do something like that is not cheap, Orloff said, but it is common in semiconductor labs and universities.

Copyright © 1997 by CMP Media Inc. All Rights Reserved. Reprinted with permission.