Efficient hardware and software implementations for the DES
Proceedings of CRYPTO 84 on Advances in cryptology
Lecture notes in computer sciences; 218 on Advances in cryptology---CRYPTO 85
Structure in the S-boxes of the DES
Proceedings on Advances in cryptology---CRYPTO '86
Fast DES Implementation for FPGAs and Its Application to a Universal Key-Search Machine
SAC '98 Proceedings of the Selected Areas in Cryptography
DES Cracking on the Transmogrifier 2a
CHES '99 Proceedings of the First International Workshop on Cryptographic Hardware and Embedded Systems
Attacks on Cryptoprocessor Transaction Sets
CHES '01 Proceedings of the Third International Workshop on Cryptographic Hardware and Embedded Systems
SELS: a secure e-mail list service
Proceedings of the 2005 ACM symposium on Applied computing
A fast pipelined multi-mode DES architecture operating in IP representation
Integration, the VLSI Journal
Attacking and fixing PKCS#11 security tokens
Proceedings of the 17th ACM conference on Computer and communications security
Sparse Boolean equations and circuit lattices
Designs, Codes and Cryptography
An introduction to security API analysis
Foundations of security analysis and design VI
Breaking ciphers with COPACOBANA –a cost-optimized parallel code breaker
CHES'06 Proceedings of the 8th international conference on Cryptographic Hardware and Embedded Systems
Type-Based analysis of PKCS#11 key management
POST'12 Proceedings of the First international conference on Principles of Security and Trust
Type-based analysis of key management in PKCS#11 cryptographic devices
Journal of Computer Security - Security and Trust Principles
| Hi-index | 0.00 |
This paper describes the authors' experiences attacking the IBM 4758 CCA, used in retail banking to protect the ATM infrastructure. One of the authors had previously proposed a theoretical attack to extract DES keys from the system, but it failed to take account of real-world banking security practice. We developed a practical scheme that collected the necessary data in a single 10-minute session. Risk of discovery by intrusion detection systems made it necessary to complete the key "cracking" part of the attack within a few days, so a hardware DES cracker was implemented on a US$995 off-the-shelf FPGA development board. This gave a 20-fold increase in key testing speed over the use of a standard 800 MHz PC. The attack was not only successful in its aims, but also shed new light on the protocol vulnerabilities being exploited. In addition, the FPGA development led to a fresh way of demonstrating the non-randomness of some of the DES S-boxes and indicated when pipelining can be a more effective technique than replication of processing blocks. The wide range of insights we obtained demonstrates that there can be significant value in implementing attacks "for real".