Abstract
For economic reasons, in spite of security problems, the commands of re-initializing the card and writing patch code are widely used in smart cards. The current software tester has difficulty in detecting these trapdoor commands by reason that trapdoors are not published and programmed sophisticatedly. Up to now the effective way to detect them is to completely reveal and analyze the entire code of the COS with applications such as the ITSEC. It is, however, very time-consuming and expensive processes. We propose a new approach of detecting trapdoors in smart cards using timing and power analysis. By experiments, this paper shows that this approach is a more practical method than the current methods.
This research was supported by the MIC(Ministry of Information and Communication), Korea, under the ITRC(Information Technology Research Center) support program supervised by the IITA(Institute of Information Technology Assessment).
Chapter PDF
Similar content being viewed by others
References
Trusted Computer Systems Evaluation Criteria, US DoD 5200.28-STD (December 1985)
Information Technology Security Evaluation Criteria, Version 1.2, Office for Official Publications of the European Communities (June 1991)
Common Criteria for Information Technology Security Criteria, Version 2.1 (August 1999)
VISA Corporation, Chip Card: Testing and Approval Requirements Version 7.0, Industry Services (December 2002)
Rankl, W., Effing, W.: Smart Card Handbook, 3rd edn. p. 244, pp.544-546, p.579, p.589. John Wiley & Sons, Ltd, Chichester (2003)
ISO/IEC 7816-3:1997, Identification cards - Integrated circuit(s) cards with contacts - Part 3: Electronic signals and transmission protocols
ISO/IEC 7816-4:1995, Identification cards - Integrated circuit(s) cards with contacts - Part 4: Interindustry commands for interchange
ISO/IEC 14443-3:2001, Identification cards. Contactless integrated circuit(s) cards. Proximity cards. Part 3: Initialization and anticollision
ISO/IEC 14443-4:2001, Identification cards. Contactless integrated circuit(s) cards. Proximity cards. Part 4: Transmission protocol
Kocher, P.: Timing Attacks on Implementation of Diffie-Hellman, RSA, DSS, and Other Systems. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 104–113. Springer, Heidelberg (1996)
Kocher, P., Jaffe, J., Jun, B.: Differential Power Analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2005 IFIP International Federation for Information Processing
About this paper
Cite this paper
Lee, J.Y., Jung, S.W., Lim, J. (2005). Detecting Trapdoors in Smart Cards Using Timing and Power Analysis. In: Khendek, F., Dssouli, R. (eds) Testing of Communicating Systems. TestCom 2005. Lecture Notes in Computer Science, vol 3502. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11430230_19
Download citation
DOI: https://doi.org/10.1007/11430230_19
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-26054-7
Online ISBN: 978-3-540-32076-0
eBook Packages: Computer ScienceComputer Science (R0)