Attack of the [phone] clones (fwd: The Register)

ukcrypto ukcrypto at ttfn35.freeserve.co.uk
Thu, 9 May 2002 17:27:44 +0000 (GMT)


   The Register

   Attack of the clones

   By John Leyden

   Posted: 09/05/2002 at 13:05 GMT

   Hackers can clone mobile phone SIM cards in minutes, and make calls at
   their victims' expense.

   In theory, at any rate: IBM researchers have uncovered a process,
   dubbed partitioning attacks, which lets crackers extract secret key
   information from SIM cards by monitoring side-channels, such as power
   consumption and electromagnetic emanations.
   This is much easier than breaking the cryptographic algorithms used by
   the card or using intrusive attacks to extract the key from the
   microchip. According to IBM, key information can be extracted in
   minutes using partitioning attacks - against hours needed for older
   attacks.

   Codebreaker

   Some information about the internal working of computing devices can
   be derived by looking at power consumption and electromagnetic
   emanations. This is well known.
   Many chip cards which perform cryptographic algorithms are designed to
   resist such information leakage. SIM cards deployed in many GSM
   networks use the COMP128 cryptographic algorithm or its derivatives
   for user identification and for achieving communications and
   transaction security.

   The IBM Research team discovered a new way to quickly extract the
   COMP128 keys in SIM cards using side channels - despite existing
   protections. The COMP128 algorithm requires the lookup of large
   tables, which is achieved only in a complicated way on simple devices
   (such as SIM cards leaking a lot of sensitive information).
   The attack is accomplished easily by making the card perform the
   algorithm just seven times with the unknown key, IBM researchers say.
   To combat this, IBM has designed a way of protecting table lookup
   operations from side channel attacks.

   IBM say this is easy to implement in cell phones as the proposed
   technique uses little RAM for the ancillary table.
   Cell phone users can also protect themselves against such attacks by
   taking precautions such as: not lending their phones to strangers; or
   leaving them unattended.

   A technical paper on IBM's work, Partitioning Attacks: Or how to
   rapidly clone some GSM cards, by Josyula R Rao, Pankaj Rohatgi, Helmut
   Scherzer and Stefan Tinguely will be presented at the IEEE Symposium
   on Security and Privacy, in Oakland, California next week. ®

			http://www.theregister.co.uk/content/59/25216.html



PS. Sorry for not replying sooner, but thank you all for your comments
regarding my previous posting.