From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00 autolearn=ham autolearn_force=no version=3.4.4 X-Google-Language: ENGLISH,ASCII-7-bit X-Google-Thread: 10a146,99ff6776c4322f55,start X-Google-Attributes: gid10a146,public X-Google-Thread: fac41,99ff6776c4322f55,start X-Google-Attributes: gidfac41,public X-Google-Thread: 1108a1,99ff6776c4322f55,start X-Google-Attributes: gid1108a1,public X-Google-Thread: 10611e,99ff6776c4322f55,start X-Google-Attributes: gid10611e,public X-Google-Thread: fa0ae,99ff6776c4322f55,start X-Google-Attributes: gidfa0ae,public X-Google-Thread: 103376,99ff6776c4322f55,start X-Google-Attributes: gid103376,public X-Google-Thread: 109fba,99ff6776c4322f55,start X-Google-Attributes: gid109fba,public X-Google-ArrivalTime: 2001-11-09 17:26:07 PST Path: archiver1.google.com!news1.google.com!sn-xit-02!supernews.com!newsfeed.direct.ca!look.ca!news.maxwell.syr.edu!news1.optus.net.au!optus!spool01.syd.optusnet.com.au!spool.optusnet.com.au!210.49.20.118.MISMATCH!not-for-mail From: IsraelRT Newsgroups: comp.lang.c++,comp.lang.java.programmer,comp.object,nyc.food,comp.lang.eiffel,comp.lang.ada,comp.lang.perl.misc Subject: Extracting a 3DES key from an IBM 4758 Date: Sat, 10 Nov 2001 12:25:27 +1100 Message-ID: References: <3BEBD3D3.50A5D523@gmx.de> X-Newsreader: Forte Agent MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit NNTP-Posting-Host: 203.164.144.6 X-Trace: 1005355524 5036 203.164.144.6 Xref: archiver1.google.com comp.lang.c++:103036 comp.lang.java.programmer:109094 comp.object:24424 nyc.food:2057 comp.lang.eiffel:4882 comp.lang.ada:16183 comp.lang.perl.misc:77749 Date: 2001-11-10T12:25:27+11:00 List-Id: An amusing article , well worth reading: http://www.cl.cam.ac.uk/~rnc1/descrack/ "The IBM 4758 is an extremely secure crytographic co-processor. It is used by banking systems and in other security conscious applications to hold keying material. It is designed to make it impossible to extract this keying material unless you have the correct permissions and can involve others in a conspiracy. Until IBM fix the CCA software to prevent our attack, banks are vulnerable to a dishonest branch manager whose teenager has $995 and a few hours to spend in duplicating our work. We are able, by a mixture of sleight-of-hand and raw processing power, to persuade an IBM 4758 running IBM's ATM (cash machine) support software called the "Common Cryptographic Architecture" (CCA) to export any and all its DES and 3DES keys to us. All we need is: about 20 minutes uninterrupted access to the device one person's ability to use the Combine_Key_Parts permission a standard off-the-shelf $995 FPGA evaluation board from Altera about two days of "cracking" time" If your bank manager suddenly flies off to the south of France, this might explain it !