Some two million new smartcards are rolled out every month, so the encrypted personal data that people store on these cards must be safe. Yet the security threat is growing, as the electronic devices capable of breaking the card codes become cheaper and more powerful.
“It takes little more than an oscilloscope and a standard PC to mount a digital attack on an unprotected smartcard,” says Klaus-Michael Koch. He is coordinator of the IST project SCARD, which aims to increase the security of chips on smart cards.
With equipment like this and some know-how, attackers can expose the content that a smart card is supposed to protect. Using techniques such as side-channel analysis (SCA), they can reveal part of a secret key, notably by examining a chip’s power leakage as it performs computations or by scrutinising its thermal or electromagnetic radiation. If the card’s owner is the attacker, he or she could upload money to an electronic purse, access a satellite TV system for free or claim to be someone else.
Under SCARD, the partners put together a ‘design flow’ that allows semi-automatic implementation of countermeasures. The design flow is the digital design of a chip – the specifications, modelling of performance, algorithms and functionality up until the stage when the chip developer can start the synthesizer and compiler. Typically, this design process is costly and may take several years.
In-chip countermeasures must be included during the design period. They cannot be simulated, so developers must experiment with the shielding of a card’s chip to limit temperature and voltage variations, or they must laboriously place transistors on it by hand.
For the hardware security issue, the partners developed prototypes of a design flow and carried out chip testing. They also paved the way for an automatic chip design process which would allow other companies to develop new and more secure chips.
“We succeeded in making the hardware more secure against side-channel analysis (SCA),” says Koch. “The chip we built was used to deduce the measurability limits, enabling us to assess the sort of countermeasures necessary against differential power attacks.”
To tackle leaky circuits, the SCARD partners developed two main countermeasures. The first introduces circuits with constant power consumption, irrespective of the tasks being performed. Says Koch, “Each clock cycle has the same energy. But these circuits must be perfectly executed, since even a three or four percent difference in energy can be seen.” The second involves adding random values to the chip, masking the circuit’s real values. Noise could also be added, though this is not currently feasible in smartcards due to energy-loss restrictions.
They have also developed an eight-bit test chip, featuring both unprotected and protected versions of the same circuit. The chip includes a microcontroller, is fully programmable and has reduced leakage. It is also capable of resisting over 500,000 attempted measurements, as opposed to the 15,000-measurement threshold for an unprotected chip. As a result, researchers can for the first time directly compare the effect of certain countermeasures on unprotected or protected versions of the same circuit.
“Our new chip is not one hundred percent secure,” acknowledges Koch. “However, it is far more difficult to crack than existing unprotected versions and represents a quantum leap forward in security.”
The new chip was produced using the project’s own design flow, taking just one year from specification to production. “We demonstrated that our chip design flow – our set of tools and methods – really works,” he notes.
Two partners, Institut für Angewandte Informationsverarbeitung und Kommunikationstechnologie (IAIK, Austria) and Infineon, have applied for international patents stemming from their project work. These include countermeasures with new secure logic styles that cover innovative transistor circuits. Some of the countermeasure technology developed is also being used in IAIK’s security crypto-modules.
The project results are now being disseminated through teaching – since some of the project partners are universities or technical small and medium-sized enterprises.
Source: Based on information from SCARD
Jernett Karensen | alfa
Powerful IT security for the car of the future – research alliance develops new approaches
25.05.2018 | Universität Ulm
Supercomputing the emergence of material behavior
18.05.2018 | University of Texas at Austin, Texas Advanced Computing Center
The more electronics steer, accelerate and brake cars, the more important it is to protect them against cyber-attacks. That is why 15 partners from industry and academia will work together over the next three years on new approaches to IT security in self-driving cars. The joint project goes by the name Security For Connected, Autonomous Cars (SecForCARs) and has funding of €7.2 million from the German Federal Ministry of Education and Research. Infineon is leading the project.
Vehicles already offer diverse communication interfaces and more and more automated functions, such as distance and lane-keeping assist systems. At the same...
A research team led by physicists at the Technical University of Munich (TUM) has developed molecular nanoswitches that can be toggled between two structurally different states using an applied voltage. They can serve as the basis for a pioneering class of devices that could replace silicon-based components with organic molecules.
The development of new electronic technologies drives the incessant reduction of functional component sizes. In the context of an international collaborative...
At the LASYS 2018, from June 5th to 7th, the Laser Zentrum Hannover e.V. (LZH) will be showcasing processes for the laser material processing of tomorrow in hall 4 at stand 4E75. With blown bomb shells the LZH will present first results of a research project on civil security.
At this year's LASYS, the LZH will exhibit light-based processes such as cutting, welding, ablation and structuring as well as additive manufacturing for...
There are videos on the internet that can make one marvel at technology. For example, a smartphone is casually bent around the arm or a thin-film display is rolled in all directions and with almost every diameter. From the user's point of view, this looks fantastic. From a professional point of view, however, the question arises: Is that already possible?
At Display Week 2018, scientists from the Fraunhofer Institute for Applied Polymer Research IAP will be demonstrating today’s technological possibilities and...
So-called quantum many-body scars allow quantum systems to stay out of equilibrium much longer, explaining experiment | Study published in Nature Physics
Recently, researchers from Harvard and MIT succeeded in trapping a record 53 atoms and individually controlling their quantum state, realizing what is called a...
25.05.2018 | Event News
02.05.2018 | Event News
13.04.2018 | Event News
25.05.2018 | Event News
25.05.2018 | Machine Engineering
25.05.2018 | Life Sciences