> On page 8 of the New Scientist of 9th November there is a report of two
> Israelis, Eli Biham and Adi Shamir developing a device for breaking most long
> key encryption.
Attacks that involve tampering with cryptographic equipment are a hot topic
at present. Biham and Shamir's attack is elegant but not very practical; it
assumes that you can corrupt key bits without corrupting anything else (such
as software). This is unrealistic in most smart cards.
However there are a number of practical attacks, which you can read about in
www.cl.cam.ac.uk/users/rja14/tamper.html. This paper will come out on the 19th
November at a conference in California, and it will shake up the smart card
industry somewhat. The attacks described in it have enabled my coauthor to
MTV without a subscription. Now why any sane person would want to do that for
more than the time it takes to confirm a successful attack is beyond me, but
with the new government initiative to centralise all government databases and
give everyone access via a smartcard, it might be quite important.
`et ne quis possit emere aut vendere nisi qui habet caracter nomen bestiae aut
numerum nominis eius', if you had a Catholic education :-)
Ross
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
|