Upload
xcusez
View
28
Download
6
Embed Size (px)
Citation preview
HACKER5 | . 100/-
Inside
03
04
05
N CBNEWSMAKERS BROADCASTING & COMMUNICATION PVT LTD
OCT 2010 | HACKER508
OCT 2010 | HACKER5 09
OCT 2010 | HACKER510
Cy
erH
acki
ngb
C
yber
Hac
kngi
yC
ber H
acki
ng
21OCT 2010 | HACKER5
22 OCT 2010 | HACKER5
24 OCT 2010 | HACKER5
25OCT 2010 | HACKER5
27OCT 2010 | HACKER5
28 OCT 2010 |HACKER5
30 OCT 2010 |HACKER5
31OCT 2010 | HACKER5
33OCT 2010 | HACKER5
34 OCT 2010 |HACKER5
7SEP 2010 | CY83R GH057
39OCT 2010 | HACKER5
NBCNEWSMAKERS BROADCASTING & COMMUNICATION PVT LTD
43OCT 2010 | HACKER5
44 OCT 2010 | HACKER5
48 OCT 2010 | HACKER5
How Safe Is Your Swipe?Thinking Like Hackers, Programmers Find SecurityLoopholes in Secure' Microchips
sed in a variety of products from credit cards to satellite televisions, Usecure chips are designed to keep
encoded data safe. But hackers continue to develop methods to crack the chips' security codes and access the information within.
Thinking like hackers, Prof. Avishai Wool and his Ph.D. student Yossi Oren of Tel Aviv University's School of Electrical Engineer-ing have developed an innovative way of extracting information from chip technol-ogy. By combining modern cryptology methods with constraint programming -- an area of computer science designed to solve a series of complex equations -- Prof. Wool and Oren were able to extract more information from secure chips. Their research, which could lead to important new advances in computer security, was recently presented at the 12th Workshop on Cryptographic Hardware and Embed-ded Systems (CHES) in Santa Barbara, CA.
Prof. Wool explains that cryptologists like himself try to stay one step ahead of attackers by thinking the way they do. "Companies need to know how secure
their chip is, and how it can be cracked," he explains. "They need to know what they're up against."
Blocking out the "noise"According to the researchers, the Achil-
les-heel of contemporary secure chips can be found in the chip's power supply. When a chip is in use, says Prof. Wool, it employs a miniscule amount of power. But the amount of this power, and how it fluctuates, depends on the kind of infor-mation the chip contains. By measuring the power fluctuations with an oscillo-scope, a standard piece of lab equipment, and analyzing the data using appropriate algorithms, a potential hacker could deci-pher the information that the chip con-tains.
But extracting information in this way, through what the researchers call a "side channel," can be complex. When you do a power trace, says Prof. Wool, there is a lot of "noise" -- inaccuracies that result from the different activities the chip is doing at the time. He and Oren have now identified a method for blocking out the "noise" that has proved to be more effective than
previous methods.When applied to information gathered
from a power source, a computer program like the one Prof. Wool and Oren have cre-ated can sort through this "noise" to deliver a more accurate analysis of a chip's secret contents. Their program is based in "constraint programming" -- the same computer programming approach used for complex scheduling programs like those used in the travel industry.
Knowing your enemyNo chip can be 100% secure, Prof. Wool
admits. But he also stresses that it's impor-tant to explore the boundaries of how secure information can be extracted from these chips. An attacker could have access to a variety of computer technologies and equipment -- so researchers need to know the type of resources required to break a code, explains Prof. Wool. He has provided information to U.S. passport authorities on how to make the chips in passports more secure.
"We need to think like the attackers," he says, "in order to raise the bar against them.
50 OCT 2010 | HACKER5
51OCT 2010 | HACKER5
53OCT 2010 | HACKER5
54 OCT 2010 | HACKER5
S e ra Le nei r o ,s fe t o n ry toa s c u t s r inte n tu f r e
58 OCT 2010 | HACKER5
Is the 'best' malware ever?Stuxnet
60 OCT 2010 | HACKER5
ma 'S rt Workwhard ork
'Sar
t Wor
k
m d
o
har
wrk
61OCT 2010 | HACKER5
62 OCT 2010 | HACKER5
63OCT 2010 | HACKER5
65OCT 2010 | HACKER5
66 OCT 2010 | HACKER5
What's a hacker's biggest fear?
68 OCT 2010 | HACKER5
70 OCT 2010 | HACKER5
71OCT 2010 | HACKER5
72 OCT 2010 | HACKER5
73OCT 2010 | HACKER5
77OCT 2010 | HACKER5