Tuesday, July 5, 2016

Ambient Computer Noise Leaks Your Encryption Keys

[Daniel, Adi, and Eran], ~~students~~ researchers at Tel Aviv University and the Weizmann Institute of Science have successfully extracted 4096-bit RSA encryption keys using only the sound produced by the target computer. It may sound a bit like magic, but this is a real attack – although it’s practicality may be questionable. The group first described this attack vector at Eurocrypt 2004. The sound used to decode the encryption keys is produced not by the processor itself, but by the processor’s power supply, mainly the capacitors and coils. The target machine in this case runs a copy of GNU Privacy Guard (GnuPG).
During most of their testing, the team used some very high-end audio equipment, including Brüel & Kjær laboratory grade microphones and a parabolic reflector. By directing the microphone at the processor air vents, they were able to extract enough sound to proceed with their attack. [Daniel, Adi, and Eran] started from the source of GnuPG. They worked from there all the way down to the individual opcodes running on the x86 processor in the target PC. As each opcode is run, a sound signature is produced. The signature changes slightly depending on the data the processor is operating on. By using this information, and some very detailed spectral analysis, the team was able to extract encryption keys. The complete technical details of the attack vector are available in their final paper (pdf link).
Once they had the basic methods down, [Daniel, Adi, and Eran] explored other attack vectors. They were able to extract data using ground fluctuations on the computers chassis. They even were able to use a cell phone to perform the audio attack. Due to the cell phone’s lower quality microphone, a much longer (on the order of several hours) time is needed to extract the necessary data.
Thankfully [Daniel, Adi, and Eran] are white hat hackers, and sent their data to the GnuPG team. Several countermeasures to this attack are already included in the current version of GnuPG.

http://hackaday.com/2013/12/20/ambient-computer-noise-leaks-your-encryption-keys/

Monday, July 4, 2016

converting from to Please use the automated test vector button above to generate sample data, or if you prefer, you can fill out the form below and click the individual action buttons to decrypt, convert and encrypt the PIN block. You can copy ready to use test data from the bottom.

Incoming PINBlock

Incoming PAN

Incoming ZPK

Incoming Clear PINBlock

Outgoing Clear PINBlock

Outgoing PAN

Outgoing ZPK

This site is run by members of the Security Group at the University of Cambridge Computer Laboratory.

EMV® is a registered trademark of EMVCo LLC. This site and its operators are not affiliated or associated with or endorsed by EMVCo. All other trademarks and registered trademarks are the property of their respective owners.

http://www.emvlab.org/pinblock/

COPY A SMART CARD

Copy smart cards.docx by Elsa Cristina David

Copy smart cards

z/OS Cryptographic Services ICSF TKE Workstation User's Guide
SA23-2211-08

This function allows you to copy keys and key parts from one TKE smart card to another TKE smart card. You can copy these types of keys:

Crypto adapter logon key
TKE authority signature key
ICSF operational key parts
ICSF master key parts
Crypto adapter master key parts

Notes:

The two TKE smart cards must be enrolled in the same zone; otherwise the copy will fail. To display the zone of a TKE smart card, exit from the TKE application and use either the Cryptographic Node Management Utility or the Smart Card Utility Program found in the Trusted Key Entry category's Applications list on the TKE Workstation Console. See Cryptographic Node Management Utility (CNM) or Smart Card Utility Program (SCUP).
To copy ECC key parts, the applet version of the target smart card must be 0.6 or greater.

To copy a smart card:

Select Copy smart card contents... from the Utilities menu. A message box prompts you to “Insert source TKE smart card in smart card reader 1”.
Insert the source TKE smart card in smart card reader 1 and press OK. A message box prompts you to “Insert target TKE smart card in smart card reader 2”.
Insert the target TKE smart card in smart card reader 2 and press OK. The utility reads the TKE smart card contents. This may take some time. The card ID is displayed, followed by the card description. Verify that these are the TKE smart cards you want to work with.
The Copy smart card contents window lists the following information for a TKE smart card:

Card ID

Identification of TKE smart card

Zone description

Description of the zone in which the TKE smart card is enrolled

Card description

Description of the TKE smart card; entered when the smart card was personalized

Card contents

Key type, Description, Origin, MDC4, SHA1, ENC-Zero, AES-VP, Control Vector or Key Attributes (for operational keys only), and Length.
Highlight the keys that you want to copy. By holding down the control button on the keyboard, you can select specific entries on the list with your mouse. By holding down the shift button on the keyboard, you can select a specific range of entries on the list with your mouse. Click on the Copy button or right click and select Copy.

Note:

Smart card copy does not overwrite the target TKE smart card. If there is not enough room on the target TKE smart card, you will get an error message. You can either delete some of the keys on the target TKE smart card (see Manage smart cards) or use a different TKE smart card.

Figure 86. Select keys to copy
At the prompts, enter the PINs for the TKE smart cards on the smart card reader PIN pads. The keys will then be copied to the target TKE smart card. The target TKE smart card contents panel is refreshed.

Note:

You can display the key attributes associated with a CIPHER, EXPORTER, or IMPORTER AES operational key part stored on either the source or target smart card. Left click to select the key part, then right click to display a popup menu. Select the Display key attributes option to display the key attributes.

Friday, July 1, 2016

IMAGINE YOU PICK A MICROCONTROLLER OVER ANY CREDIT CARD...AND YOU WANT TO ACCESS THE BANKING URL THAT FOR THIS SPECIFIC USE IS NOT PROTECTED WITH FIREWALL

How to implement 2 serial port for interfacing with a single UART microcontroller

I am designing an interface board based on a single UART 8051 family microcontroller.The interface needs two serial port;one for system serial bus and another for networking through a serial-ethernet converter.Is it possible to implement a software UART using two normal pin of micro?Is there any way to share the single UART of the micro for the two puposes?

http://www.keil.com/forum/6104/

well...another subject I've been trought is how to restart an ATM machine! Let's first go to sabotage operandis; when you overheat the ATM electronic circuit, it gives an error! the same process, to give error, is for instance to block the printer with any clip.
(The thermal head of the receipt printer is overheated before the receipt printer starts to operate.)
How to fix the problem:1. Check and replace the thermal printer head.
2. Check logic related to the TPH of the PR board.

But this here its much more geek, and much more effective, and really fucks the system: induction loop on the phone line of the modem! and this is what you need , radio fans :) and this, darlings, restarts the operative the system. I have some old news, what this frequency is about, is national cover :) Então Ciber??? então SIED? absolutly vodka!!!! Ladies and gentlemen, I just BLOW UP, world security, from banking to airports! from up their ass, to my glory! (I'm over for today stay well)

HERE'S THE BABE:
Optimod-FM 8500 Rear Panel

http://www.orban.com/products/radio/fm/8500/specifications/