Bellcore: Crypto keys on smart cards at risk

Investigators at network research company Bell Communications Research Inc. (Bellcore) Morristown N.J. have posited that cryptographic keys used to secure data on smart cards could be cracked if a hacker could induce a card's microprocessor to make errors in computation. But some industry executives said the finding may not affect the adoption of smart cards in the federal sector.

According to a theoretical threat model developed by Bellcore information encrypted on smart cards using public keys including the algorithm developed by RSA Data Security Inc. could be vulnerable if a card is tampered with and the mathematical basis for its encryption keys deciphered. Bill Barr executive director of information networking with Bellcore said the company is researching whether its theory translates into any real physical threats to smart cards or other secure tokens such as PC Cards.

Other industry sources have dismissed Bellcore's finding as hypothetical and said that even if the theory holds it's unlikely to set back federal agency plans to use smart cards in a host of public and internal government applications. Last week's CardTech SecurTech '96 Government conference in Washington D.C. provided a showcase for potential federal smart- card applications. The Bellcore report was a topic of discussion at the conference.

Although a selling point for smart cards has been that they are supposedly tamperproof Gerald Hubbard a marketing executive with Micro Card Technologies said his firm produces "millions of cards a year and they are always under attack. We're developing a new security architecture to counter these types of attacks."

John Moore a Financial Management Services computer specialist who heads the Federal Smart Card Users Group said officials would have to study the model "in conjunction with the entire security infrastructure" to determine if it is something federal users need to worry about.

"We don't depend entirely on the encryption " he said. "We have other measures" for securing systems.According to the model cards can be placed under physical stress such as heat radiation incorrect voltage or unusual clock speeds to induce processors to make invalid calculations.

If these miscalculations could be made to occur while the card is processing security-related information someone could compare them against the correct calculations to deduce the encryption keys used by the card.

A fact sheet published by Bellcore said smart cards would be easier to compromise than larger systems because they are small and portable.

Barr said that whether such an attack would be a threat to a specific smart card application would depend on the environment in which the cards are used and what other security mechanisms are in place.

The model was tested on three public key encryption schemes: RSA Rabin's Signature Scheme and the Fiat-Shamir Identification Scheme. Barr said the model does not apply to encryption schemes that use only private keys such as the Data Encryption Standard which are still the most widely used cryptographic methods applied to smart cards.

The General Services Administration is developing a security infrastructure for the government based upon public key cryptography. Phil Mellinger chief engineer with the Federal Security Infrastructure Program said the system is being based upon commercially available cryptography but is designed to be "token independent" to guard against faults in one or another type of hardware.

Mellinger said he wasn't aware of the Bellcore announcement which was made late last month. But in a presentation last week about the project at last week's conference he noted that all types of cryptographic tokens and software have some deficiencies.

Lynn McNulty a computer security consultant and president of McNulty and Associates said the issues raised by Bellcore are "obviously something people will have to take into account " adding that agencies "can't place total reliance on a piece of hardware."

Kurt Stammberger director of technology marketing with RSA rejected the Bellcore announcement as a "publicity stunt" to advertise the company's security testing services and said the theory had no bearing on the strength of RSA's algorithm.

Bellcore's Barr responded that the findings came out of the firm's "normal cryptographic research program" and that its "goal is to make systems more secure.