The first
high-volume trusted computers were in fact not computers at all, but rather
specialized electronic circuits with very limited functions. They were simple
counters that were set to a predefined level at the factory, and then were
decremented each time a person made a call on a public telephone. When the
units of communication indicated by such a counter were depleted, the card
containing the circuitry was discarded, and a new one purchased. This was in
the 1980s, before cellular phones. Public telephones were found throughout the
world. Over time, phone cards would number in the billions. As we noted, the
original card was a simple circuit coupled with electrical contacts. Through
these contacts, power was provided to the card once it was inserted in the
public phone reader apparatus. The contacts also allowed information
interchange with the public telephone’s card reader. Power activated the
circuitry at regular intervals during the phone call, causing the card to
retire units accordingly from the counter implemented by the circuitry.
Naturally, some people soon wanted to defeat the system. Initially, they simply
tried to either duplicate the card mechanism, or to find ways to reset the
counter. The latter was somewhat difficult, but the former was quite easy,
since earlier communication sessions between the card and the public phone were
easily recorded and replayed. More complex circuitry was subsequently built to
defeat this threat, and so started the race that is still on-going between
secure core security measures and counter-attacks. As far as phone cards are
concerned, fraud would eventually diminish, not because of lack of
inventiveness, but because the incentive for fraud disappeared as public phones
were replaced by cellular phones.

The electronic phone card was invented by the French, who naturally thought of
such cards when
they helped design the GSM cellular phones that would eventually conquer the
world. A challenge with cellular phones was to avoid repeating the initial
experience of public phone card fraud. Fortunately, a great advance in secure
core design intervened at about the same time as the GSM cellular phones were
designed: that of the microprocessor card. By embedding a microprocessor, which
is an electronic component providing computer capabilities, the cellular phone
card was suddenly capable of complex operations that would make the information
emanating from this secure core of the cellular phone very difficult, if not
impossible, to crack. Since the SIM card would contain the information
identifying the caller to the cellular phone network, the only way for the
hacker to steal communication time was to defeat the card itself. The idea was
to somehow dismantle the card so as to pick at its insides, or perhaps to find ways
to externally probe the circuitry such that it revealed the secrets it
contained.

Attacks on a secure core can be non-destructive or destructive, and also
external or internal. An example of a non-destructive external attack is to
change the electric power feeding the card and see how the circuitry responds.
If the secure core is not protected against such an attack, its circuitry may
react in ways that provide critical information to a would-be cyberburglar.
Another non-destructive external attack involved measuring the response time of
the secure computer when different data were entered. Consider that the hacker
wanted to find the Personal Identification Number (PIN) that gives access to
the card’s information. Each time the personal identification number was sent
to the card, one could measure the response time. If the digits of the
personal identification number were correct, the circuitry inside the card
would take certain paths; if some digits were not correct, it would take other
paths. If the paths are of different lengths, the difference shows in the
response time. In order to counter such an attack, the designers of the card’s
inner workings must make sure that the length of the circuitry is the same
whether the digits are
correct or not. While this is a cumbersome task, it is absolutely needed if the
user of the cellular phone is to trust that no one can find out what the card
contains and thus be able to make fraudulent calls that would eventually be
found on the subscriber’s phone bill.
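
The equal-length requirement described above, shown as an added example that is not part of the original text: a PIN check that stops at the first wrong digit beside one that always does the same amount of work. The stored PIN, the function names and the step counter (a stand-in for response time) are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>

#define PIN_LEN 4
/* Constructed sample PIN, for illustration only. */
static const char STORED_PIN[PIN_LEN + 1] = "4929";

/* Leaky check: returns at the first wrong digit, so the work done
 * depends on how many leading digits of the entry are correct.
 * *steps counts digit comparisons and stands in for response time. */
int pin_check_leaky(const char *entered, unsigned *steps)
{
    *steps = 0;
    for (size_t i = 0; i < PIN_LEN; i++) {
        (*steps)++;
        if (STORED_PIN[i] != entered[i])
            return 0;
    }
    return 1;
}

/* Equal-length check: visits every digit and folds the differences
 * into one value, with no branch that depends on the PIN data. */
int pin_check_constant(const char *entered, unsigned *steps)
{
    unsigned char diff = 0;
    *steps = 0;
    for (size_t i = 0; i < PIN_LEN; i++) {
        (*steps)++;
        diff |= (unsigned char)(STORED_PIN[i] ^ entered[i]);
    }
    return diff == 0;
}

/* Helpers returning only the step count for a given 4-digit entry. */
unsigned leaky_steps(const char *e) { unsigned s; pin_check_leaky(e, &s); return s; }
unsigned constant_steps(const char *e) { unsigned s; pin_check_constant(e, &s); return s; }

int main(void)
{
    const char *entries[] = { "0000", "4000", "4900", "4929" };
    for (size_t i = 0; i < sizeof entries / sizeof entries[0]; i++)
        printf("%s  leaky=%u  constant=%u\n", entries[i],
               leaky_steps(entries[i]), constant_steps(entries[i]));
    return 0;
}
```

In the leaky version the step count rises with each correct leading digit, while the equal-length version reports the same count for every entry.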