Microchip hack 'absolutely' a worry

Having recently cracked an Infineon chip with a Trusted Platform Module, a security researcher raises the alert about the microchip's widespread use and vulnerability.
Written by Vivian Yeo, Contributor

A security researcher who highlighted at the Black Hat DC Conference 2010 last week that he had cracked an Infineon microchip is warning customers that they should be "absolutely" worried.

Christopher Tarnovsky, principal engineer and owner of Flylogic Engineering, told ZDNet Asia that the chip is "one of the most popular" and used in a myriad of devices, including the latest e-passports.

Citing InformationWeek, Tarnovsky added that the U.K. government also certified Infineon's chips for use in classified devices.

In his presentation at the annual hacker event, Tarnovsky detailed his exploit of the Infineon SLE 66 CL PE, a chip widely used in computers, gaming systems, identity cards and other electronics, according to a report in Dark Reading.

The researcher said he was able to bypass the security defenses of the chip and gain access to data such as encryption keys and unique manufacturing information. With the data, counterfeit systems are possible, he pointed out.

The Infineon chip is based on the Trusted Computing Group's (TCG) Trusted Platform Module and had been certified in December 2009 by the Group. In response to Tarnovsky's claims, TCG said the feat "would be exceedingly difficult" to achieve in a real-world context.

The organization explained in a blog post that TPM was designed to be a robust defense against complex software-based attacks. In contrast, the "attack, unlike a software attack, requires the physical possession of the PC".

TCG noted that "it was conducted by someone with extensive skills in reverse engineering, intricate knowledge of semiconductors and access to specialized equipment. Few individuals in a real-world setting could replicate this attack.

"Breaking a single TPM in this manner grants access to one machine--a one-time hack that would need to be physically replicated for every machine, offering no further advantage in accessing the rest of the 300 million TPM chips on PCs around the world".

Tom Halfhill, senior analyst at In-Stat, concurred. "How likely is it that a criminal would spend nine months cracking the chip, and then make a counterfeit chip?

"Counterfeiting would cost millions of dollars, and take at least a year or two even for a skilled engineering team," he pointed out. "Seems like there are other criminal enterprises more rewarding than this."

The effort took Tarnovsky between six and nine months, but he clarified in an e-mail to ZDNet Asia that most of the time was spent learning to use the equipment involved and not actually writing the code.

His success with cracking the Infineon chip, he added, should put other vendors on alert.

"Infineon is stronger than their other popular counterparts--Atmel, NXP [and STMicro]," he said. "A demonstration of a successful attack against the Infineon SLE 66 PE family will send a message home to the other manufacturers as well."

Tarnovsky said Infineon had included him in an e-mail announcement sent to customers last Friday, but he did not disclose the content of the message.

Industry reaction
Mathias Wagner, head of crypto and security and a fellow at NXP Semiconductors, said the company is "permanently monitoring academic research and latest attack scenarios related to the security of microchips". Based on such findings, its team of experts on tamper resistance regularly challenges the security and protection of its current chip portfolio.

NXP has the policy of having independent third parties validate the security of its chips, he added in an e-mail. "This approach comprises certification according to Common Criteria by the German Federal Office for Information Security and security reviews from universities.

"Additionally, NXP works regularly with laboratories and security experts to review and challenge certain security and protection aspects of its products," he explained.

Microsoft, responding to e-mail queries from ZDNet Asia, also confirmed that Infineon's chip security technology is used in its Xbox 360. The game system was cited by Tarnovsky as one of the products that could be affected by the hack.

According to a spokesman from the Singapore Xbox team: "Microsoft uses security measures, including security technology in the Infineon chips, in the Xbox 360 in order to protect the quality and security of the gameplay experiences of our users.

"Unauthorized accessories that circumvent security protocols are not certified to meet our safety and compliance standards, and can be used to cheat on Xbox LIVE. Microsoft supports a rich ecosystem of licensed third-party accessories that meet our quality and security standards."
