A team of researchers from MIT (Massachusetts Institute of Technology) and TI (Texas Instruments) have created a new RFID (Radio-Frequency IDentification) chip which they claim cannot be hacked.
The two teams said they took special care to protect against two types of attacks that are plaguing modern-day RFID chips deployed in chip-and-PIN credit cards.
These attacks are known as side-channel attacks and power glitch attacks.
Protection against side-channel attacks
Side-channel attacks occur when a nearby attacker can observe, record, or analyze data leaking from the cryptographic operations the chip performs. By watching fluctuations in power consumption during these operations and collecting enormous amounts of such measurements, the attacker can later extract the cryptographic key that protects the chip's transactions.
MIT and TI researchers say their new chip will regularly change the cryptographic key based on a random-number generator, which will also run on the bank's server. The two will work in tandem and would generate unique cryptographic keys for each card transaction.
The solution the researchers chose makes side-channel attacks "almost" impossible to carry out, because attackers never collect enough data under any one key to analyze it and extract that key. But...
Protection against power glitch attacks
Researchers did reveal that despite adding side-channel attack protection, the chip could still be hacked by power glitch attacks.
This type of attack works when attackers cut the chip's electrical power supply just before the chip is about to generate a new cryptographic key. When power returns, the chip falls back to the old key and never generates the new one.
By doing this repeatedly, attackers could force the chip to work with the same encryption key until they amassed enough information to carry out a side-channel attack.
The MIT and TI teams resolved this issue by adding a 3.3-volt capacitor made of ferroelectric crystal. It stores enough extra energy to let the chip finish as many operations as it can after the power supply is abruptly removed, and then save its working data to 571 separate 1.5-volt storage cells.
When power returns to the chip, it first recharges the 3.3-volt capacitor, then retrieves its saved data from the 1.5-volt cells and continues from where it was interrupted.
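As an added illustration (not the researchers' design or code), the toy simulation below models the two ideas described above: a per-transaction key that card and bank server both derive from a shared seed and a transaction counter, and the difference between a card that loses its pending key rotation when power is cut and one whose stored energy lets it commit the new state first. The HMAC-based derivation, the seed value and the counter scheme are assumptions made for illustration only.

```python
import hashlib
import hmac

SEED = b"constructed shared seed, not a real card secret"  # constructed sample value

def derive_key(seed: bytes, counter: int) -> bytes:
    """Per-transaction key; card and bank server derive it from the shared seed
    and a transaction counter (HMAC-SHA256 is an assumed stand-in generator)."""
    return hmac.new(seed, counter.to_bytes(4, "big"), hashlib.sha256).digest()

class Card:
    """Toy RFID card: ram_counter is volatile, nv_counter models the storage cells."""

    def __init__(self, seed: bytes, capacitor_backup: bool):
        self.seed = seed
        self.capacitor_backup = capacitor_backup
        self.nv_counter = 0
        self.ram_counter = 0
        self.counters_used = []  # which counter (hence key) each transaction used

    def power_on(self) -> None:
        # Power-up restores the last state committed to nonvolatile storage.
        self.ram_counter = self.nv_counter

    def transact(self, challenge: bytes, glitch: bool = False) -> bytes:
        """Authenticate one challenge, then rotate the key. glitch=True models
        the supply being cut just before the new counter is committed."""
        key = derive_key(self.seed, self.ram_counter)
        self.counters_used.append(self.ram_counter)
        tag = hmac.new(key, challenge, hashlib.sha256).digest()
        self.ram_counter += 1                       # rotation begins in volatile state
        if glitch:
            if self.capacitor_backup:
                self.nv_counter = self.ram_counter  # stored energy lets the write finish
            self.power_on()                         # supply returns: reload committed state
        else:
            self.nv_counter = self.ram_counter      # normal path: commit immediately
        return tag

def distinct_keys_under_glitching(capacitor_backup: bool, rounds: int) -> int:
    """How many distinct keys a card actually uses when every transaction is glitched."""
    card = Card(SEED, capacitor_backup)
    for i in range(rounds):
        card.transact(b"challenge-%d" % i, glitch=True)
    return len({derive_key(SEED, c) for c in card.counters_used})

if __name__ == "__main__":
    print("no backup:  ", distinct_keys_under_glitching(False, 20))  # 1: same key every time
    print("with backup:", distinct_keys_under_glitching(True, 20))   # 20: fresh key each time
```

The unprotected card keeps answering under one key, which is exactly the data collection a side-channel attack needs; the protected card never regresses its counter, so each answer uses a fresh key.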
After going through a testing phase, MIT and TI researchers said the chips performed as designed. Their work is only at a prototype stage right now, and will not be ready for production for many years. Researchers presented their work at this year's International Solid-State Circuits Conference, held in San Francisco.