[论文解读] Chip and Skim: cloning EMV cards with the pre-play attack
本文揭示了EMV(芯片与密码)支付系统中的一个关键漏洞:ATM机和销售点终端中随机数生成机制存在缺陷,导致攻击者可在无需物理接触卡片的情况下实施‘重放攻击’,从而克隆卡片。该攻击利用了本应不可预测的‘不可预测数’——用于确保交易新鲜度——通过预先计算有效的认证码,造成难以察觉的欺诈行为,而银行却错误地将其归因于客户失误或串通行为。
EMV also known as “Chip and PIN”, is the leading system for card payments worldwide. It is used throughout Europe and much of Asia, and is starting to be introduced in North America too. Payment cards contain a chip so they can execute an authentication protocol. This protocol requires point-of-sale (POS) terminals or ATMs to generate a nonce, called the unpredictable number, for each transaction to ensure it is fresh. We have discovered two serious problems: a widespread implementation flaw and a deeper, more difficult to fix flaw with the EMV protocol itself. The first flaw is that some EMV implementers have merely used counters, timestamps or home-grown algorithms to supply this nonce. This exposes them to a “pre-play” attack which is indistinguishable from card cloning from the standpoint of the logs available to the card-issuing bank, and can be carried out even if it is impossible to clone a card physically. Card cloning is the very type of fraud that EMV was supposed to prevent. We describe how we detected the vulnerability, a survey methodology we developed to chart the scope of the weakness, evidence from ATM and terminal experiments in the field, and our implementation of proof-of-concept attacks. We found flaws in widely-used ATMs from the largest manufacturers. We can now explain at least some of the increasing number of frauds in which victims are refused refunds by banks which claim that EMV cards cannot be cloned and that a customer involved in a dispute must therefore be mistaken or complicit. The second problem was exposed by the above work. Independent of the random number quality, there is a protocol failure: the actual random number generated by the terminal can simply be replaced by one the attacker used earlier when capturing an authentication code from the card. This variant of the pre-play attack may be carried out by malware in an ATM or POS terminal, or by a man-in-the-middle between the terminal and the acquirer. We explore the design and implementation mistakes that enabled these flaws to evade detection until now: shortcomings of the EMV specification, of the EMV kernel certification process, of implementation testing, formal analysis, and monitoring customer complaints. Finally we discuss countermeasures. More than a year after our initial responsible disclosure of these flaws to the banks, action has only been taken to mitigate the first of them, while we have seen a likely case of the second in the wild, and the spread of ATM and POS malware is making it ever more of a threat.
研究动机与目标
- 调查尽管协议声称具备安全性,但为何EMV卡片欺诈仍无法被检测到的根本原因。
- 揭示EMV终端中可预测的‘不可预测数’如何导致重放攻击,从而模拟卡片克隆行为。
- 证明在广泛部署的ATM机和POS终端中,随机数生成机制的缺陷严重破坏了整个EMV安全模型。
- 倡导在责任划分、证据保存和监管监督方面进行系统性改革,以保护消费者并纠正行业实践。
提出的方法
- 收集ATM机和POS终端的交易日志,分析‘不可预测数’(UN)字段的模式。
- 开发数据采集卡,从现场实际ATM机中提取UN序列。
- 对通过eBay购买的二手ATM机开展实地实验,测试其随机数生成质量。
- 对EMV终端实现进行逆向工程与密码学分析,识别出可预测的UN生成模式。
- 通过预测未来UN值并伪造交易认证码,模拟重放攻击。
- 向卡组织、银行及供应商实施负责任的漏洞披露,记录其回应及行业抵制态度。
实验结果
研究问题
- RQ1为何尽管协议声称具备不可克隆性,EMV卡片欺诈案件仍被银行拒绝受理?
- RQ2EMV终端中可预测的‘不可预测数’如何导致重放攻击并逃避检测?
- RQ3EMV规范、认证流程及实现测试中存在哪些系统性缺陷,致使该漏洞长期存在?
- RQ4为何银行通常在90至180天内销毁交易日志,这如何破坏争议解决机制并削弱消费者保护?
- RQ5为防止未来在密码保护支付系统中发生大规模欺诈,需采取哪些治理与技术改革措施?
主要发现
- 许多ATM机和POS终端中的‘不可预测数’(UN)使用简单计数器或时间戳生成,导致其可预测,易受重放攻击影响。
- 实地实验确认,主流厂商生产的广泛使用ATM机中,UN值以可预测的计数器模式递增,每三分钟循环一次。
- 概念验证攻击表明,攻击者若曾短暂接触卡片,即可预先计算出未来交易的有效认证码。
- 该漏洞不仅限于物理克隆;即使EMV内核具备防篡改能力,攻击者仍可通过中间人攻击或终端内植入恶意软件实现攻击。
- 许多银行在90至180天内销毁交易日志,严重削弱争议解决能力,使银行得以在存在欺诈证据的情况下拒绝承担责任。
- 行业回应普遍轻视或不合作,多数组织拒绝以实名方式参与沟通,表明已知漏洞存在系统性掩盖现象。
更好的研究,从现在开始
从论文设计到论文写作,大幅缩短您的研究时间。
无需绑定信用卡
本解读由 AI 生成,并经人工编辑审核。