ECE 4112 Smart Card Security Nicholas Dorsey Steven Hurst April 28 2005

Smart Cards and Networks
• What do smart cards have to do with networks?
• Does small = secure?
• The focus of our presentation is the TI TMS370 smart card that was previously used in a pay TV system.

History of Hacking Smart Cards
• Since inception, all US pay TV smart cards have been hacked.
• In the early 1990s smart cards made their way into pay TV systems, only to be hacked months later.
• Each generation of smart card has had increased security features.
• With each enhancement to security, more robust hacks have been developed.
• Early hacks made use of "write-holes".
• More modern hacks make use of buffer overflow style attacks.

Methods of Attacking Smart Cards
• Microprobing
  - Physically attack the microprocessor to facilitate a dump of its contents
  - Expensive
  - Requires skill and expensive equipment
  - Destructive
• Glitching
  - Use a device to manipulate the clock speed and voltage to dump the contents of the card
  - Devices are cheap (around $50)
  - May be destructive, and very time consuming
• Buy trade secrets from developers of the technology

Glitching Attacks
• Clock Bursts
  - Momentary, rapid increase in clock frequency
  - Causes instructions to be skipped, because execution of the current instruction does not have enough time to finish before the next clock cycle occurs
• Voltage Glitch
  - Momentary drop in voltage from about 4.5 V to 0.5 V
  - Causes instructions to be decoded incorrectly
• These two attacks can be applied at the same time

Devices Used to Attack Smart Cards
• Called by several names (unloopers, glitchers, card readers)
• Originally developed to repair corrupted EPROMs
• In the early 1990s Directv® sent an update to all the smart cards. This caused most hacked cards to enter an infinite loop on startup.
• The intention was to end smart card hacking for good by destroying the cards used by hackers.
• The result was a hacking revolution.
• Two foreign groups emerged with devices to repair the cards, called unloopers: Fast Eddie (Dean Love) and VoN (Chris Tarnovsky).

Devices Contd
• The loop was similar to the following code:
    8000: jump $8005
    ....
    8005: jump $8000
    ....
    more code
• The unloopers applied a glitch as the instruction at address 8005 executed, causing the jump to be skipped or interpreted as a NOP, so execution fell through into the code that followed.
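The instruction-skip effect described on the "Glitching Attacks" slide and the 8000/8005 loop on this slide, as an added example that is not from the presentation: a toy CPU executes the two-instruction loop, and a glitch on one chosen clock cycle turns whatever instruction executes on that cycle into a NOP. The opcode set, the 16-entry image, the "dump" routine at 8007 and the cycle-sweep helper are all constructed for illustration; this is not the TMS370 instruction set or any real card firmware.

```c
/* Added example: toy CPU modelling an unlooper's instruction-skip glitch.
 * Opcodes, addresses and the "dump" routine are constructed, not real. */
#include <stdint.h>
#include <stdio.h>

enum { OP_NOP = 0, OP_JMP = 1, OP_DUMP = 2, OP_HALT = 3 };

typedef struct { uint8_t op; uint16_t arg; } insn_t;
typedef enum { RES_LOOPING, RES_DUMPED, RES_HALTED } result_t;

#define MEM_BASE 0x8000
#define MEM_SIZE 16

/* Constructed image: the startup loop from the slide, followed by the
 * code the attacker wants to reach. Unlisted slots are zero, i.e. NOP. */
static const insn_t program[MEM_SIZE] = {
    [0x0000] = { OP_JMP, 0x8005 },  /* 8000: jump $8005 */
    [0x0005] = { OP_JMP, 0x8000 },  /* 8005: jump $8000 */
    [0x0006] = { OP_NOP, 0 },       /* 8006: .... more code */
    [0x0007] = { OP_DUMP, 0 },      /* 8007: hypothetical EPROM dump routine */
    [0x0008] = { OP_HALT, 0 },
};

/* Run from reset for at most max_cycles. On cycle glitch_cycle (or never,
 * if negative) the fetched instruction is treated as a NOP: the model of a
 * clock burst or voltage dip hitting exactly that instruction. */
result_t run(int glitch_cycle, int max_cycles, uint16_t *final_pc)
{
    uint16_t pc = MEM_BASE;
    for (int cycle = 0; cycle < max_cycles; cycle++) {
        uint16_t idx = (uint16_t)(pc - MEM_BASE);
        if (idx >= MEM_SIZE) return RES_HALTED;      /* ran off the image */
        insn_t in = program[idx];
        if (cycle == glitch_cycle) in.op = OP_NOP;    /* the glitch */
        switch (in.op) {
        case OP_JMP:  pc = in.arg; break;
        case OP_DUMP: if (final_pc) *final_pc = pc; return RES_DUMPED;
        case OP_HALT: if (final_pc) *final_pc = pc; return RES_HALTED;
        default:      pc++; break;
        }
    }
    if (final_pc) *final_pc = pc;
    return RES_LOOPING;
}

/* Sweep the glitch timing the way an unlooper steps through cycle counts
 * after reset; return the first cycle whose skip reaches the dump, or -1. */
int find_glitch_cycle(int max_cycle)
{
    for (int c = 0; c <= max_cycle; c++)
        if (run(c, 1000, NULL) == RES_DUMPED) return c;
    return -1;
}

int main(void)
{
    uint16_t pc = 0;
    result_t r = run(-1, 1000, &pc);
    printf("no glitch: %s, pc=%04x\n", r == RES_DUMPED ? "dumped" : "looping", pc);
    int cyc = find_glitch_cycle(50);
    r = run(cyc, 1000, &pc);
    printf("glitch on cycle %d: %s, pc=%04x\n", cyc,
           r == RES_DUMPED ? "dumped" : "looping", pc);
    return 0;
}
```

Glitching on cycle 0 skips the jump at 8000, but the NOPs at 8001 to 8004 lead straight back into the jump at 8005, so the card is still looping; only a glitch timed to the cycle on which 8005 executes falls through to 8006 and onward. That is why the slides say the devices had to become "more precise": the skip has to land on the right instruction, not merely somewhere in the loop.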

Devices
• The sale of these devices would fund satellite hacking for the next decade.
• As time went on the devices became more precise, and eventually became stand-alone devices.
• Today most glitchers use an Atmel AT90S2313 AVR to control the clock and voltage glitches.
• The newest generation of smart cards is not (directly) susceptible to clock and voltage glitches.

How to Go from Access to a Hack
• Dump the card
• Disassemble the ROM and EPROM routines
• Find code in the EPROM that can be modified to give access to what you want
• If it is a pay TV hack, prevent hashing

Pay TV Hacks
• Two types
• Activation
  - Cloning your neighbor's card to watch TV for free
• 3Ms ("one for all and all for one")
  - Modify code in the EPROM to enable all channels

What Is Hashing
• Some smart cards have routines that execute programs (hashes) delivered in the data stream.
• Hashes calculate a checksum of the EPROM and use this checksum as part of video decryption.
• New video packets are sent about every 8 seconds.
• If the correct signature is not calculated, the video cannot be decrypted.
• Anyone have any idea how to defeat a hash?
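Why the EPROM checksum ties the "3Ms" patch to the hash problem, as an added example that is not from the presentation: a toy card folds an EPROM checksum into the video key, so a headend packet decrypts on a genuine card, fails on a card whose channel-enable byte has been patched, and decrypts again only if the hash routine is made to report the genuine checksum (the "prevent hashing" step from the earlier slide). The checksum (Fletcher-16), key schedule, XOR stream "cipher", 64-byte EPROM layout, channel-flag offset and packet header are all constructed for illustration and are not the real pay TV scheme.

```c
/* Added example: toy model of a hash routine that mixes an EPROM checksum
 * into the video key. Checksum, key schedule, cipher, EPROM layout and
 * packet format are constructed for illustration; none is the real scheme. */
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define EPROM_SIZE 64
#define CHAN_FLAG  0x20   /* hypothetical offset of the channel-enable byte */
#define PKT_LEN    8

/* Constructed 8-byte video packet with a recognisable "VID" header. */
static const uint8_t packet_plain[PKT_LEN] = { 'V','I','D','E','O',0x01,0x02,0x03 };
/* Constructed key seed shared by headend and card. */
static const uint8_t key_seed[PKT_LEN] = { 0x5a,0xa5,0x3c,0xc3,0x0f,0xf0,0x69,0x96 };

/* Build the genuine EPROM image (deterministic constructed content). */
void eprom_build(uint8_t img[EPROM_SIZE])
{
    for (size_t i = 0; i < EPROM_SIZE; i++)
        img[i] = (uint8_t)(i * 37 + 11);
    img[CHAN_FLAG] = 0x01;        /* only the subscribed tier enabled */
}

/* Fletcher-16 over the image: stands in for the card's hash routine. */
uint16_t eprom_checksum(const uint8_t *img, size_t n)
{
    uint16_t s1 = 0, s2 = 0;
    for (size_t i = 0; i < n; i++) {
        s1 = (uint16_t)((s1 + img[i]) % 255);
        s2 = (uint16_t)((s2 + s1) % 255);
    }
    return (uint16_t)((s2 << 8) | s1);
}

/* Key schedule: every key byte depends on the checksum, so a changed
 * EPROM yields a different key. */
static void derive_key(uint16_t cs, uint8_t key[PKT_LEN])
{
    for (size_t i = 0; i < PKT_LEN; i++)
        key[i] = (uint8_t)(key_seed[i] ^ ((i & 1) ? (cs >> 8) : (cs & 0xff)));
}

/* Toy stream cipher: XOR with the derived key (same routine both ways). */
static void xor_crypt(uint16_t cs, const uint8_t *in, uint8_t *out)
{
    uint8_t key[PKT_LEN];
    derive_key(cs, key);
    for (size_t i = 0; i < PKT_LEN; i++)
        out[i] = (uint8_t)(in[i] ^ key[i]);
}

/* Headend: encrypt under the key a genuine, unmodified card will derive. */
void headend_encrypt(uint8_t pkt[PKT_LEN])
{
    uint8_t genuine[EPROM_SIZE];
    eprom_build(genuine);
    xor_crypt(eprom_checksum(genuine, EPROM_SIZE), packet_plain, pkt);
}

/* Card: hash its own EPROM (or use an override if the hash routine has been
 * defeated), derive the key and check the decrypted header. Returns 1 on a
 * valid "VID" header, 0 otherwise. */
int card_decrypt(const uint8_t *img, const uint8_t pkt[PKT_LEN],
                 int use_override, uint16_t override_cs)
{
    uint8_t out[PKT_LEN];
    uint16_t cs = use_override ? override_cs : eprom_checksum(img, EPROM_SIZE);
    xor_crypt(cs, pkt, out);
    return memcmp(out, "VID", 3) == 0;
}

/* Returns 1 if the "all channels" patch changes the computed checksum. */
int patch_changes_checksum(void)
{
    uint8_t img[EPROM_SIZE];
    eprom_build(img);
    uint16_t before = eprom_checksum(img, EPROM_SIZE);
    img[CHAN_FLAG] = 0xff;
    return eprom_checksum(img, EPROM_SIZE) != before;
}

/* 0 = genuine card; 1 = 3M-patched card; 2 = patched card whose hash
 * routine has been made to return the genuine checksum. */
int scenario(int which)
{
    uint8_t img[EPROM_SIZE], pkt[PKT_LEN];
    eprom_build(img);
    uint16_t genuine_cs = eprom_checksum(img, EPROM_SIZE);
    headend_encrypt(pkt);
    if (which >= 1) img[CHAN_FLAG] = 0xff;   /* enable all channels */
    return card_decrypt(img, pkt, which == 2, genuine_cs);
}

int main(void)
{
    printf("genuine card decrypts:        %d\n", scenario(0));
    printf("patched card decrypts:        %d\n", scenario(1));
    printf("patched + hash defeated:      %d\n", scenario(2));
    return 0;
}
```

The single-byte patch shifts the Fletcher-16 running sum by 254 mod 255, so the low checksum byte, and with it the first key byte, always changes and the header check fails; every packet, arriving roughly every 8 seconds, re-runs this check, which is why a channel-enable patch alone is not a working hack.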

What You Will Do in Lab
• Use a smart card programmer to passively get data from a smart card
• Use glitching features to forcefully gain access to EPROM data
• Use glitching features to repair corrupted EPROM data
• Explore different utilities that do the above tasks (XtremeHU and WinExplorer)

News Flash: Has the latest security card in use by Directv® been hacked?

References
• www.interesting-devices.com
  - Excellent source for the history of, and ongoing advances in, smart card technology.