Dumb Smart Cards fail as e-Cash

An e-Cash (well, sort of) system used for parking payments in San Francisco and other US cities has been analysed and broken. It uses chip cards, but the chip cards do not authenticate themselves and therefore are pretty useless. This particular attack would have been impossible if the chip cards were authenticated properly.

It is a nice example for a scalable attack: If the security has been broken for one parking meter it is broken for all of them. This is a design error in a security application.

On a sidenote, in Germany and many other countries there is an e-Cash system which does not have these problems, it is called 'Geldkarte' (moneycard).

Tempest Reloaded

Italian hackers found out that key presses on PS/2 keyboards can be sniffed out by measuring traces of the signals on the neutal line of the power supply of the computer they are connected to.

However, ATMs used where I live have a secure pinpad which also encrypts the PIN before it is sent to the bank for checking. I find it hard to believe that such a device leaks out the PIN so easily. A quick google query shows that there are such and such keyboards. Please note that the ones with PS/2 seem to lack VISA approval.

Massive Credit Card Data Theft

Credit card data of more than half a million people have been stolen. I don't think that such events can be avoided unless the architecture of web servers is fundamentally changed to make them more error-resilient.

SWIFT

As many news outlets report, the European Commision starts negotiations with the USA about sharing financial data from SWIFT transactions with the USA.

Once the data are in USA it will be quite hard to ensure that the data are only used as intended. The security of these data does not only depend on the present US government, but only on all future governments.

This underlines and old and wellknown rule of data security: Mimimize the amount of data given at any time. Applied to this case, give SWIFT as few as possible.

iPhones' Hardware encryption without Key Management

Jonathan Zdziarski claims that the "hardware encryption" of the new iPhone 3Gs can be bypassed by removing the PIN that somehow manages said hardware encryption.

I don't know how this is implemented, but given that the iPhone OS is not unbreakable, it seems recommendable to manage the key for that encryption in the hardware encryption device, too.

Anyway, if Jonathan can recover the files without giving the PIN (we have to take his word here, as the clip does not really demonstrate it) something is really wrong there.

German Health Smart Card Troubles

The German health smart card is in trouble. My take on that is: On one hand, there are real issues like terminals being too expensive, on the other hand it looks like the doctors who are supposed to use these cards are a little technophobic.

We learn that if security comes with embracing technology it still hard to achieve wide acceptance, at least in germany.

Signature Software for MacOS with CommonCriteria

Intarsys' signature software for MacOS X has been evaluated by the german ffice for information security with the security level EAL3+. It's good that Mac users get something, now we're looking forward to EAL4+.

CAcert Auditor Resigned

This is a long story. There is a not-for-profit certification authority, CAcert, with the idea to apply the "web of trust" to a public key infrastructure. This is a good idea, as many security issues boil down to getting people's identities and having a large network of assurers checking people's IDs and passports is still at least as good as having a large corporation check that someone has access to somebody's email (and oldstyle-mailbox, if done a little more securely).

However, they want their certificate in the default installation of popular browsers, in particular firefox. This requires a security audit. And this means that they have to have the "Infrastructure" in PKI audited, which is extremely painful and led me to the trigger of this post. Some days ago, their auditor has resigned.

The quick way out of this is to say "PKI is too complex" and send people back to classic web of trust. I don't think so. PKI is worth it's complexity if it comes to longterm operation. I should think of a way to help beyond making an assurance here and there (I'm humble number 1592 on their assurer list).

E-Cash Coming Back?

The European Commission has started an new attempt at introducing electronic money. The organsiatational requirements , in particular initial capital, are reduced "with the objective of removing barriers to market entry". Not much on technology.

Will there be innovative implementations of E-cash? New busines models? Pay-per-view websites? Hmmm....

Webcam Security

A collegue has asked me to make a webcam accessible to his iPhone. Unfortunately, the images from the webcam are displayed by a Java applet, if the browser announces itself as a "mozilla". So I had to take a look at the protocol.

Passwords are sent in cleartext. Upon a successful login the client receives a "key", also in cleartext, which is then used as a directory on the web server. Fortunately, no sensitive data is protected by this mechanism...

Elliptic Curves Tested in Lausanne

Researchers at École Polytechnique Fédérale de Lausanne have cracked a 112 bit encryption based on elliptic curves (more exactly secp112r1) using 700 machine-months of the Sony playstation PS3.

Experiments of this sort are important to judge the security of real-life applications: At the moment elliptic curves betwen 160 and 256 bits are used. As the number of processor cycles required for a brute-force-attack grows exponentially with the number of bits there is quite some headroom left.

Joanna Rutkowska on Processor-Level Security

Tomshardware runs an interview with Joanna Rutkowska on malware targetet against the BIOS and even the processor firmware. The issue here is that the operating system can't defend itself against malware targetting lower layers of the system like the processor firmware. Here Joanna sees a task for the vendors of BIOSes and firmware.