Researchers at Cambridge University's computer laboratory have shown that they can extract confidential information, including private encryption keys, from the memories of smartcards, using a £20 camera flash and a laboratory microscope.
Their findings, which they say could pose a big problem for smartcard manufacturers, will raise questions about use of smartcards in security-sensitive applications, such as the transmission of encrypted data, secure access to IT systems, and the Government's proposed national ID card.
Computer Weekly revealed last year that the Home Office has completed feasibility studies into a smartcard passport that would act as a de facto voluntary ID card. The card is likely to contain encoded biometric data, such as fingerprints and retinal scans, to identify the owner.
The European airline industry also has plans to introduce smartcards carrying biometric data to speed airport check-in procedures for frequent flyers and to counter the threat from terrorism.
Simon Moore, one of the Cambridge research team, told Computer Weekly that he was concerned that the Government was failing to address the risks that smartcards would pose to the security and privacy of the public in a national ID card scheme.
"What really concerns me about the ID card proposals is that smartcards will be widely used and easily copied.
"If you can create a fake card, you can create a fake person. If someone copies your smartcard, they become you, and they have access to all sorts of information," he said.
The scientists say that the attack potentially allows cards to be read and copied with such precision that smartcard manufacturers will have to upgrade existing security measures.
The group, led by Ross Anderson, has withheld publication of its findings for a year, to give it time to develop counter-measures which smartcard manufacturers could incorporate into future designs.
The weakness came to light when Russian postgraduate student Sergei Skorobogatov noticed that a chip he examined under a microscope stopped working when the microscope's light was turned on.
Using a second-hand camera flash, he discovered that he could set individual bits of the SRAM memory in a smartcard to a zero or a one. By observing the response of the chip, it was possible to deduce the original contents of the memory.
"The immediate effect of this work is that many attacks on computer systems that were developed as theoretical possibilities by the research community in the 1990s have suddenly become practical," said Anderson.
Simple shielding will not protect a smartcard from attack, the group said. It is developing a new circuitry design and other counter-measures.