Posted by zeitcontrol
(220.127.116.11) on March 29, 2004 at 12:14:24:
In Reply to: BasicCard safe against side-channel attacks? posted by christian on March 29, 2004 at 06:05:41:
A well skilled and well equiped attacker will probably be able to use this attack against a BasicCard. With software countermeasures inside the encryption algorithm you can make this more difficult, but you will probably never prevent this 100%.
There is one countermeasure a BasicCard developer can use and should use. Typically you need a lot of encryption/decryption operations to be executed before the attacker has enough data from side channel attack to calculate the probable key. This is why the attack needs several minutes, in this time you can do a lot of encryption operations. So you as the card developer must prevent the attacker from having the chance to execute as many encryption operations as he needs to find the key. For this the BasicCard provides a Key Error Counter. This counter (if activated) is decremented each time a key within BasicCard is used with invalid (wrong) terminal key. If the counter is reaching the value of 0, the key is locked and cannot be used anymore. See BasicCard manual chapter 3.17.5 Key Error Counter.