Sunday, 10 March 2013, at 14:00
Room 146, Labs Build.
Title: Milking the Digital Cash Cow - Extracting Secret Keys of Contactless
Smartcards
Abstract:
Contactless smartcards have become widespread for applications such as
ticketing, access control, identification and payments. Side-channel
analysis (SCA) is a powerful type of passive implementation attack that
makes it possible to extract the secret keys of cryptographic devices. Using
the example of NXP's Mifare DESfire MF3ICD40 smartcards, we demonstrate that
SCA attacks can be applied to cryptographic RFID devices: by exploiting the
electromagnetic information leakage of the cards, their cryptographic keys
are revealed.
We introduce our open-source tools for analyzing contactless smartcards,
i.e., an ISO 14443 RFID reader (http://sourceforge.net/projects/reader14443)
and the card emulator Chameleon
(http://sourceforge.net/projects/chameleon14443). We then present the
probably worst realization of a commercial contactless payment system ever
and detail various real-world attacks on this widespread (in Germany)
system, e.g., how to 'milk the digital cash cow' by modifying the credit
balance and converting zeros and ones into real money.
The content of the talk is joint work with Ingo von Maurich, David Oswald
and Christof Paar.
Speaker Bio:
Timo Kasper studied electrical engineering and information technology at the
Ruhr-University Bochum and at the University of Sheffield, UK. In 2006, his
Diploma thesis "Embedded Security Analysis of RFID Devices" won the first
place award for IT security (CAST, Darmstadt). Timo Kasper has been a research
assistant at the Chair for Embedded Security of the Horst Görtz Institute
for IT Security (HGI) since October 2006. He completed his studies in 2011 with
a PhD in Engineering. In 2012, his PhD thesis "Security Analysis of
Pervasive Wireless Devices - Physical and Protocol Attacks in Practice" won
the first place award for IT security (CAST, Darmstadt). Timo is a co-founder
of Kasper & Oswald GmbH, which offers innovative products and services for
security engineering.
His field of research covers the security of embedded cryptographic systems
such as smartcards, microcontrollers, and FPGAs, with a focus on RFID and
wireless applications. Timo Kasper has experience with security analyses and
penetration testing, implementation attacks (side-channel analysis, fault
injection), reverse engineering, and system-level approaches such as
man-in-the-middle attacks. He is skilled in implementing cryptography on
embedded systems and efficiently securing them with countermeasures. His
publications demonstrate various security vulnerabilities of real-world
applications, e.g., by breaking an access control system (KeeLoq, Crypto
2008), a payment system (Financial Crypto 2010), and the security mechanism
of widespread FPGAs (ACM CCS 2011).
Recorded at the 29th Chaos Communication Congress (29c3), 27.12.2012,
Hamburg, Germany.
http://events.ccc.de/congress/2012/Fahrplan/events/5393.en.html