Tamper resistance: a cautionary note

An increasing number of systems from pay-TV to electronic purses, rely on the tamper resistance of smartcards and other security processors. We describe a number of attacks on such systems -- some old, some new and some that are simply little known outside the chip testing community. We conclude that trusting tamper resistance is problematic; smartcards are broken routinely, and even a device that was described by a government signals agency as 'the most secure processor generally available' turns out to be vulnerable. Designers of secure systems should consider the consequences with care.

[1]  Bruce Schneier,et al.  Applied cryptography : protocols, algorithms, and source codein C , 1996 .

[2]  Bernard P. Zajac Applied cryptography: Protocols, algorithms, and source code in C , 1994 .

[3]  Bruce Schneier,et al.  Applied cryptography (2nd ed.): protocols, algorithms, and source code in C , 1995 .

[4]  Gustavus J. Simmons,et al.  Subliminal channels; past and present , 2010, Eur. Trans. Telecommun..

[5]  Ross J. Anderson Crypto in Europe - Markets, Law and Policy , 1995, Cryptography: Policy and Algorithms.

[6]  J. M. Wisenfeld Electro-optic sampling of high-speed devices and integrated circuits , 1990 .

[7]  A. J. Linenthal,et al.  Past and present. , 1987, The Pharos of Alpha Omega Alpha-Honor Medical Society. Alpha Omega Alpha.

[8]  Beatrice Fraboni,et al.  Layout reconstruction of complex silicon chips , 1993 .

[9]  Steve H. Weingart Physical Security for the μABYSS System , 1987, 1987 IEEE Symposium on Security and Privacy.

[10]  Steve R. White,et al.  ABYSS: ATrusted Architecture for Software Protection , 1987, 1987 IEEE Symposium on Security and Privacy.

[11]  Peter Gutmann,et al.  Secure deletion of data from magnetic and solid-state memory , 1996 .

[12]  K. Gordon,et al.  Conducting filament of the programmed metal electrode amorphous silicon antifuse , 1993, Proceedings of IEEE International Electron Devices Meeting.

[13]  Ross J. Anderson,et al.  On the Reliability of Electronic Payment Systems , 1996, IEEE Trans. Software Eng..

[14]  Ross J. Anderson Liability and Computer Security: Nine Principles , 1994, ESORICS.

[15]  Dennis G. Abraham,et al.  Transaction Security System , 1991, IBM Syst. J..

[16]  Ernst Bovelander,et al.  Smartcards and biometrics: an overview☆ , 1995 .

[17]  Ross J. Anderson,et al.  Programming Satan's Computer , 1995, Computer Science Today.

[18]  Ross J. Anderson,et al.  Robustness Principles for Public Key Protocols , 1995, CRYPTO.

[19]  Ross J. Anderson Why cryptosystems fail , 1994, CACM.

[20]  Matt Blaze,et al.  Protocol failure in the escrowed encryption standard , 1994, CCS '94.