Security issues and organization of smart card protection

Smart cards are a rapidly developing field of information technology, which has its own security problems. Let’s first look at the security issues that are common to both contact and contactless smart cards. With regard to smart card technologies, there are currently three main areas for which you can specify typical attacks and appropriate counter-measures:

  1. The main component of a smart card is a silicon chip, which is an embedded piece of hardware. Accordingly, when evaluating the security of a smart card, a deliberate or unintentional attack of any kind on the hardware must be taken into account;
  2. The operating system and software levels in the microprocessor may be of interest to the hacker. These components should be protected by existing mechanisms;
  3. the application layer of systems with smart cards is the subject of close attention of intruders. To ensure the security of application systems using smart cards, it is necessary to rationally use modern methods and means of information protection, paying special attention to cryptographic means.

Effective protection of smart cards can be provided only by using a set of modern methods, measures and means of protection at all phases of the smart card life cycle. The purpose of physical protection is to prevent attempts to directly extract or modify the information of the smart card’s microprocessor (MP) by bypassing the provided interface. So, this month, our company put into commercial operation an employee identification system based on individual smart access cards for the company “Promresurs Service”, which offers a wide range of rubber technical products, and special attention was paid to data protection tools on smart cards.

There are two main strategies for extracting information:

  1. direct removal of information from the crystal surface;
  2. intentionally caused failures, that is, the input of the MP in an abnormal mode of operation by external influences.

Direct removal of information from the crystal can be performed using methods used in the semiconductor industry to analyze the functioning of solid-state integrated circuits. The most valuable information for the intruder is contained in the non-volatile electrically erasable memory of the MP (ESP memory), and it is the most likely object of attack. However, the executable code stored in the ROM is also of interest, since it is quite difficult to analyze the dump taken from the EEPROM without it. Another possible scenario is the tracing of information on the internal trunk, on the internal registers or interfaces of the arithmetic logic device (ALU), etc. directly during the operation of the MP and the subsequent analysis of the trace. Special attention should be paid here to the internal control contact pads and similar “windows” usually left by developers.

Main counteraction measures:

  1. Developers of microcomputers (MC) must consciously ensure that it is impossible to analyze the operation of their own product by bypassing the standard software interface. The search and correction of errors that are unavoidable in the development process should be carried out using machine modeling or the production of test, more “open” crystals.
  2. The rejection of the crystals on the plate must be carried out by the internal self-test module. In fact, the crystal itself must make a decision about its own suitability or unfitness.
  3. Measures should be taken to make it difficult to remove information from various types of memory blocks. For example, physically storing information floating gates of the EEPROM, available for studying the charge relief, must be either removed deep under the surface, or closed from above with a second layer of metallization, etc.
  4. It is desirable to make it as difficult as possible to compare the physical location of the storage elements with their logical order, in other words, to avoid a clear connection of addresses with coordinates on the surface. The same applies to stored data – the real picture of the state of cells in storage devices does not have to correspond to the data from the point of view of the processor. Hardware or software encryption of data can be used for the duration of its storage in the EEPROM.
  5. It is necessary to take measures against removing information from the crystal “on the fly”. In particular, it should be prohibited to operate at a frequency below a certain, sufficiently high threshold. This can also include transparent encryption of data on highways for the program.
  6. You can use autopsy sensors, such as sensors that detect external light.
  7. To complicate the work of the violator, you can try to confuse the topology, introduce hidden and imaginary topological elements, apply custom command codes and other similar measures.
  8. Sophisticated programming techniques may be used to make it difficult to understand the OS code, such as the use of side effects of commands, etc.Administrative measures must be taken to ensure the confidentiality of design documentation, permanent storage dump, photo templates, and other critical information.

Another method of unauthorized access to information can be deliberately caused failures of the MP, in which there is a possibility of issuing closed information to the MP, allowing normally prohibited operations and other deviations, possibly in a favorable direction for the violator. For example, there are methods for cryptographic analysis of ciphers by inducing random failures in one bit of intermediate data for each encryption. A series of such studies of a single data block is carried out, as a result of which the key is revealed.

The methods of creating failures include the effect on the circuit through the supply voltage supplied from the outside, the clock frequency, the reset signal, the increase or decrease in the temperature of the crystal, or the effect of ionizing radiation. Counteraction measures:

  1. External signals that ensure the operation of the MP (power, clock frequency, etc.) should not be considered as something unshakable, which can be relied on, but as analyzed external influences, for which arbitrary values are provided. Despite the fact that the standards governing the use of smart cards set very specific values and methods for sending external signals, the response of the MP to certain spikes on the reset line and similar abnormal situations should be predictable. A sensor system should be provided to assess the impact. If there is a threat of a failure, it should be pre-empted, for example, by a regular restart.
  2. In microcontrollers, there should be no uncertainty when applying power without resetting. There should be no loss of control during any start sequence.
  3. The MC must have temperature range sensors and radiation exposure sensors. In general, any impacts that may affect the operation of the MP should be pre-empted as much as possible.
  4. The control program of the MC must contain elements of self-control of the crystal (checking checksums, running the control sequence of commands, testing the main blocks), as well as recovery tools after an unexpected “cold reboot”.

Of course, the listed set of security measures bypassing the standard interface is not exhaustive. It is hardly possible to completely protect the crystal from hacking. The task is to make it as difficult as possible for the violator to work and eventually bring his costs of effort and resources to the level where they will no longer pay off.