I recently read the following sentence in an email and was alarmed: "Hackers can extract cryptographic keys from smart-card enabled credit cards and payment devices by monitoring the card's power consumption while in use." It turns out that this vulnerability was discovered in the mid-1990s. "There are elements of it that have been reasonably well solved by the payments industry and there are elements where the story is not yet finished," says Benjamin Jun, vice president of technology at Cryptography Research, the firm that originally discovered the power-based fraud, technically known as DPA, for Differential Power Analysis. Jun spoke to Bank Systems & Technology this afternoon in a phone interview.

There are phones and cards still out there from which a criminal can extract a password by measuring power emissions, according to Jun. "If you measure the amount of power consumed by a computing device while it's operating, the power consumption of that device is going to be correlated to what that device is doing," he says. "On an elementary level, this is obvious: a laptop runs out of batteries faster when you're using it more. But by taking power measurements using very simple equipment, you can plot the amount of power consumed while the device is operating in a graph similar to an EKG. By measuring that heartbeat, we were able to run simple statistics and extract the keys that were being used by the device." With keys in hand, fraudsters could bypass the entire security of a card or phone.
Taking the power measurements is easier than it sounds. Smart cards typically have several gold pads on them, one of which is a power pad. "You interrupt the power and you can go in and put in a power meter," Jun says. Getting high-resolution measurements from a payment terminal or smart phone generally involves opening the device up or taking measurements using radio frequency emissions. "Both of those techniques are very repeatable and even if the data you collect isn't perfect, you can compensate for it with your math," Jun points out. A few thousand papers have been published about this type of attack, he says.
However, the payment card industry has done a good job of trying to make sure that their devices are safe, Jun says. "This year, there are about 4.5 billion cards that ship annually that use countermeasures against these kinds of attacks," he explains. Such countermeasures include adding noise to the cryptographic keys, making them more difficult to read, and using randomness in the computation.
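The leakage Jun describes (power drawn is correlated with the data being processed) and the countermeasures he mentions (randomness in the computation) can both be illustrated with the kind of leakage check a testing lab runs. The following is an added example, not code from the article or from Cryptography Research. It models a constructed toy device whose power sample is the Hamming weight of the value it is handling plus Gaussian noise, once unmasked and once with Boolean masking (a fresh random mask applied before the value is touched), and runs a fixed-versus-random Welch's t-test over the simulated traces. The key, the fixed plaintext, the noise level and the 4.5 threshold are assumptions chosen for the demonstration; 4.5 is the bound conventionally used to flag first-order leakage.

```python
import math
import random
import statistics

# Conventional bound for "first-order leakage detected" in a fixed-vs-random t-test.
LEAK_THRESHOLD = 4.5


def hamming_weight(x: int) -> int:
    """Number of set bits in one byte; the classic power-leakage model."""
    return bin(x & 0xFF).count("1")


def unmasked_trace(plaintext: int, key: int, rng: random.Random, noise_sigma: float) -> float:
    # Constructed toy device: it computes v = plaintext XOR key and its power sample
    # is HW(v) plus measurement noise, so the sample is correlated with the secret.
    v = plaintext ^ key
    return hamming_weight(v) + rng.gauss(0.0, noise_sigma)


def masked_trace(plaintext: int, key: int, rng: random.Random, noise_sigma: float) -> float:
    # Same device with Boolean masking: a fresh random mask m is drawn per operation and
    # the device only ever handles v^m and m. Each of those is uniformly distributed,
    # so the average power sample no longer depends on v.
    m = rng.randrange(256)
    v = plaintext ^ key
    return hamming_weight(v ^ m) + hamming_weight(m) + rng.gauss(0.0, noise_sigma)


def welch_t(a: list, b: list) -> float:
    """Welch's t-statistic for the difference of means between two trace sets."""
    ma, mb = statistics.fmean(a), statistics.fmean(b)
    va, vb = statistics.variance(a), statistics.variance(b)
    return (ma - mb) / math.sqrt(va / len(a) + vb / len(b))


def leakage_t_statistic(trace_fn, key: int, n_traces: int = 2000,
                        fixed_plaintext: int = 0x00, noise_sigma: float = 1.0,
                        seed: int = 1) -> float:
    """Fixed-vs-random test: one set of traces with a fixed input, one with random inputs.
    A large |t| means the mean power sample depends on the data, i.e. the device leaks."""
    rng = random.Random(seed)  # seeded so the simulation is reproducible
    fixed = [trace_fn(fixed_plaintext, key, rng, noise_sigma) for _ in range(n_traces)]
    rand = [trace_fn(rng.randrange(256), key, rng, noise_sigma) for _ in range(n_traces)]
    return welch_t(fixed, rand)


def leaks(trace_fn, key: int, **kwargs) -> bool:
    """True when the first-order t-test flags the device as leaky."""
    return abs(leakage_t_statistic(trace_fn, key, **kwargs)) > LEAK_THRESHOLD


if __name__ == "__main__":
    KEY = 0x1F  # assumed secret; with fixed plaintext 0x00 the unmasked device handles HW 5
    for name, fn in (("unmasked", unmasked_trace), ("masked", masked_trace)):
        t = leakage_t_statistic(fn, KEY)
        verdict = "DETECTED" if abs(t) > LEAK_THRESHOLD else "not detected"
        print(f"{name:9s} t = {t:7.2f}  first-order leakage {verdict}")
```

The unmasked device produces a t-statistic in the twenties, far past the threshold, while the masked device stays near zero. Two caveats matter for anyone reading a lab report: the fixed input must be chosen so that the intermediate it produces does not happen to have the same mean leakage as a random one (here the key has Hamming weight 5, not 4), and this is only a first-order test. Masking of this kind shifts the dependence into the variance of the traces, which a higher-order test can still pick up, which is one reason the story Jun describes is "not yet finished".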
To bankers thinking of experimenting with mobile payments or smart cards, "One of the things to be very careful with is any time you take an existing piece of infrastructure designed for one purpose and try to use it for something else, you must be aware of where security might be jeopardized," Jun cautions. He advises bankers to make sure the way a new platform has been validated or certified is comparable to the most mature platforms that exist today. "There are pilot programs involving e-payments that don't have the full set of security protocol review, and there are also questions about the underlying hardware itself. There's hardware out there being used that is leakier than it should be in terms of DPA. The appropriate questions need to be asked before someone greenlights something beyond a pilot."
A series of Common Criteria protection profiles are helpful, Jun says. When vendors have certified that their devices match these profiles, that can give a customer some assurance that they're safe. The products should be certified by testing labs, he says, and bankers should also ask about differential power analysis.