4

I recently read some articles on EMV and the various ways in which it has been improved over the years. I then read this which shows that it has been possible for some time to exploit EMV via a man in the middle attack. In reading up on how that attack worked (and watching the YouTube video), I heard that it's not possible to copy an EMV chip.

Now I'm not an engineer by any stretch of the imagination, but I really don't understand how someone can be so sure that it's not possible to copy a chip? I mean it's a chip, it's there on my card for all of the world to see... I'm not debating the merits of doing this at all, my interest was piqued at the fact that people claim that a little bit of metal cannot be copied...

If you answer this by saying, it can/can't be copied please provide some references, as I'm looking to further my understanding of how this 'miracle' of modern day security really works! :)

Also, I have Googled my ass off trying to find more information, I even read the EMV 4.2 specification, but there is nothing which explains WHY it is truly secure.

I've tried to tag this question as best as possible, but I don't know enough about the topic to find all of the right tags... Anyway, please provide me with any insight you might have :-)

Gilles 'SO- stop being evil'
Faraday

1 Answer

7

EMV is a communication protocol, and by implication it specifies what data must be stored on the credit/debit card. It doesn't specify what technical measures protect the card as a physical device. EMV is irrelevant to your question.

To understand why a chip isn't so easy to duplicate, read about the physical security of smart cards. There isn't much public literature on the subject, both because it's somewhat of a specialty topic and because some of the techniques are unpublished.

There is a good treatment of smart card security in Security Engineering by Ross Anderson, §14.16.2 in the chapter on physical tamper resistance (§16.6.3 in the second edition).

Cloning a circuit is not easy in the first place: you need some moderately expensive laboratory equipment. Smart cards are designed so that you can't extract their data from just connecting to their designated input/output ports: you have to reach inside the package. Tamper-resistance techniques, which you'll find at least in the more expensive smartcards (the ones used for credit cards tend to be more secure than more basic uses such as building access badges):

  • Random glue logic: randomizing the physical layout and adding extra circuits that don't contribute to the logic, to make reverse engineering the circuits harder.
  • Packaging made of chemical substances that cannot easily be peeled off, the idea being that stripping off the packaging is likely to damage the chip as well.
  • Self-tests in software that disable the card if something unexpected happens, which makes active attacks (that perturb the execution) harder to pull off.

The equipment cost for a bench to run active physical attacks on a smartcard ranges from $10K for a basic probing station (capable of probing the less resistant models) to “a year's delay, a budget of over a million dollar, and no certainty of success” (cost estimates by Ross Anderson).

Physical tamper resistance is usually not the weakest link in the chain. A lot of attacks are of one of two kinds:

  • Combined logical and physical attacks: observe the behavior of the chip in certain conditions. For example, measure the timing, the power consumption (including DPA) and the electromagnetic radiation emitted by the card. These are side channel attacks, often combined with execution perturbation (observe the chip while under unusual conditions such as extreme temperature, or bounce a laser to cause abnormal execution).
    Countermeasures involve a combination of hardware and software. For example, cryptographic primitives are implemented in such a way that the power consumption profile of a cryptographic primitive does not depend on the key. The code contains self-checks that abort the execution or return safe wrong results (denying the transaction) or even mute the card if the hardware is not behaving as it should.
  • Attacks on protocols, not on the card itself. The attacks on EMV published by Anderson and others are of this kind.
Gilles 'SO- stop being evil'
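Two of the software countermeasures the answer mentions, a comparison whose work does not depend on the secret, and a retry counter that mutes the card after a fixed number of wrong PINs, as an added C example. This is not code from the answer, from Anderson's book, or from any real card operating system: the `g_work` counter is a constructed stand-in for the power or timing trace an observer would see, the toy `card_t` state and its functions are hypothetical, and the status words are only loosely modelled on ISO 7816 conventions (`0x9000` success, `0x63Cx` tries remaining, `0x6983` blocked).

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed side-channel model: every loop iteration costs one unit of
 * "work". A real attacker would read this off a power or timing trace. */
static unsigned long g_work;

/* Naive comparison: returns at the first mismatching byte, so the work
 * done reveals how many leading bytes of the guess were correct. */
int leaky_compare(const uint8_t *a, const uint8_t *b, size_t n) {
    for (size_t i = 0; i < n; i++) {
        g_work++;
        if (a[i] != b[i]) return 0;
    }
    return 1;
}

/* Constant-work comparison: always visits every byte and folds the
 * differences with XOR/OR, so the work done is independent of the data. */
int ct_compare(const uint8_t *a, const uint8_t *b, size_t n) {
    uint8_t diff = 0;
    for (size_t i = 0; i < n; i++) {
        g_work++;
        diff |= (uint8_t)(a[i] ^ b[i]);
    }
    return diff == 0;
}

/* Work units consumed by one call of cmp(secret, guess, n). */
unsigned long measure(int (*cmp)(const uint8_t *, const uint8_t *, size_t),
                      const uint8_t *secret, const uint8_t *guess, size_t n) {
    g_work = 0;
    cmp(secret, guess, n);
    return g_work;
}

/* Hypothetical toy card: reference PIN plus a retry counter. */
#define PIN_LEN 4
#define MAX_TRIES 3

typedef struct {
    uint8_t pin[PIN_LEN];
    uint8_t tries_left;
    int muted;
} card_t;

enum { VERIFY_OK = 0x9000, VERIFY_FAIL = 0x63C0, CARD_MUTED = 0x6983 };

void card_init(card_t *c, const uint8_t *pin) {
    memcpy(c->pin, pin, PIN_LEN);
    c->tries_left = MAX_TRIES;
    c->muted = 0;
}

/* VERIFY command: the counter is decremented *before* the compare (a common
 * practice so that cutting power mid-comparison cannot skip the decrement),
 * and is only restored to MAX_TRIES after a correct PIN. */
int card_verify(card_t *c, const uint8_t *guess) {
    if (c->muted || c->tries_left == 0) { c->muted = 1; return CARD_MUTED; }
    c->tries_left--;
    if (ct_compare(c->pin, guess, PIN_LEN)) {
        c->tries_left = MAX_TRIES;
        return VERIFY_OK;
    }
    if (c->tries_left == 0) { c->muted = 1; return CARD_MUTED; }
    return VERIFY_FAIL | c->tries_left;   /* 0x63C2, 0x63C1 */
}

int main(void) {
    const uint8_t secret[PIN_LEN] = {1, 2, 3, 4};         /* constructed */
    const uint8_t guesses[3][PIN_LEN] = {{9, 9, 9, 9}, {1, 2, 9, 9}, {1, 2, 3, 4}};
    for (int i = 0; i < 3; i++)
        printf("guess %d: leaky work=%lu  constant work=%lu\n", i,
               measure(leaky_compare, secret, guesses[i], PIN_LEN),
               measure(ct_compare, secret, guesses[i], PIN_LEN));
    card_t c;
    card_init(&c, secret);
    for (int i = 0; i < 4; i++)
        printf("wrong PIN -> status 0x%04X\n", card_verify(&c, guesses[0]));
    printf("right PIN after mute -> status 0x%04X\n", card_verify(&c, secret));
    return 0;
}
```

The leaky compare reports 1, 3 and 4 units of work for the three guesses, i.e. the trace leaks the number of correct leading bytes; the constant-work compare reports 4 every time. The retry counter then shows why "just send a read command" does not work: after the third wrong PIN the card answers `0x6983` to everything, including the correct PIN.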
  • that's very interesting. I still don't fully understand WHY it cannot be done, but that's just because I haven't read through your links just yet... In my mind, if you have access to the contact plate of the chip which can spit out information to a reader and program which spits out the data to the reader has access to the 'hidden' data, then it makes sense to me that from the contact plate you can access the underlying data! I'm going to read up more and more on this topic and try to further my understanding. I mean if I can make it more secure EMV must be willing to pay me! ;-) – Faraday Jun 13 '12 at 19:03
  • 1
    @Vijay It's not impossible, just very expensive. The chip has no apparent contact plate where you can read the memory: you have to find the memory circuits first, by peeling off the rest. The circuit design might make it months of work just to locate the memory. You also have to pierce any protective coating without damaging the electronics inside. – Gilles 'SO- stop being evil' Jun 13 '12 at 19:12
  • thanks for the clarification. As I said, I'm going to have a play, then try to figure out how to get in touch with EMV (any of the three would do ;-) to collect my reward! lol – Faraday Jun 13 '12 at 19:24
  • +1 for a superb answer. Vijay - Ross's team are probably the world leaders in this field (excluding government agencies) and even the hardware they have doesn't make it easy. Sometimes they need to infer circuitry from current draw under particular circumstances etc. – Rory Alsop Jun 14 '12 at 11:40
  • One clarification: A smartcard doesn't store "data". It is a small computer that communicates using a defined protocol with another computer. There are secret keys on this computer in the card, which are **never** sent to anyone. They are used to sign/encrypt data, but the key is never sent. – Josef Oct 11 '16 at 09:31
  • 1
    @Josef A smartcard *does* store data: it's a computer with persistent storage. It doesn't *only* store data, it also performs computation on that data, that's why getting the good stuff isn't just a matter of sending a “read data” command — you can only send commands like “validate this PIN (and after three failed tries the card goes mute)”. – Gilles 'SO- stop being evil' Oct 11 '16 at 11:02
  • @Gilles that's exactly what I meant. But many people know magnet stripe cards, which have just data stored on them and assume that a chip card is the same, just with the data on a "chip" and not a magnet stripe. – Josef Oct 11 '16 at 11:19