Fraunhofer-Gesellschaft

Publica

Hier finden Sie wissenschaftliche Publikationen aus den Fraunhofer-Instituten.

Don't push it: Breaking iButton security

 
: Brandt, C.; Kasper, M.

:

Danger, J.-L.:
Foundations and practice of security. 6th international symposium, FPS 2013 : La Rochelle, France, October 21 - 22, 2013; Revised selected papers
Cham: Springer International Publishing, 2014 (Lecture Notes in Computer Science 8352)
ISBN: 978-3-319-05301-1 (Print)
ISBN: 978-3-319-05302-8 (Online)
S.369-387
International Symposium on Foundations and Practice of Security (FPS) <6, 2013, La Rochelle>
Englisch
Konferenzbeitrag
Fraunhofer SIT ()

Abstract
Maxims iButtons are small portable (steel) tokens that can be attached to objects (e.g., keys, fobs) and are deployed in various applications from access control to devices and buildings to asset management and electronic cash. So far, the security and privacy aspects of iButtons have been widely unexplored. The so-called Secure iButtons are advocated for security critical applications for e.g., micropayment, authentication or feature activation. In this paper we present for the first time a detailed security analysis of the Secure iButtons DS1963S. Although no technical details are publicly available, Secure iButtons have a variety of physical and cryptographic built-in measures to protect against physical tampering as well as unauthorized access to cryptographic material. We developed methods to bypass all these protection mechanisms of the manufacturer. We present a differential fault attack and implementation attack on the SHA-1-enabled iButton (DS1963S chip). Beside the emulation and impersonation, our attacks succeed in extracting the secret keys stored in the iButton. Our methods allow an infinite rollback to the initial state, which is crucial when targeting micropayment systems based on iButtons. We also demonstrate our attacks on Maxims reference platform of a micropayment system. Our best attack requires a minimal financial invest and take less than ten minutes, including target preparation, while the pure attack on all eight 64-bit keys is completed in a few seconds.

: http://publica.fraunhofer.de/dokumente/N-301944.html