THE DARK SIDE OF SECURITY BY OBSCURITY
and Cloning MiFare Classic Rail and Building Passes, Anywhere, Anytime
anonymous submission
position paper
Keywords:
Access control, RFID, contactless smart cards, MiFare Classic, London Oyster card, OV-Chipcard, trade secrets, secure hardware devices, reverse-engineering, electronic subversion, covert channels, implementation backdoors, critical application development management, information assurance, crime science.
Abstract:
MiFare Classic is the most popular contactless smart card, with some 200 million copies in circulation worldwide. At Esorics 2008 Dutch researchers showed that the underlying cipher Crypto-1 can be cracked in as little as 0.1 seconds if the attacker can eavesdrop the RF communications with the (genuine) reader. We discovered that a MiFare Classic card can be cloned in a much more practical, totally off-line scenario, where the attacker only needs to be in the proximity of the card for a number of minutes, therefore making usurpation of identity through pass cloning feasible at any moment and under any circumstances. For example, anybody sitting next to the victim on a train or on a plane is now able to clone his/her pass. Other researchers have also (independently from us) discovered this vulnerability (Garcia et al., 2009). In addition, we discovered that a yet unknown proportion of MiFare Classic cards are even weaker, and we have in our possession a MiFare Classic card from a large Eastern-European city that can be cloned in seconds.
The main security vulnerability that we need to address with regard to MiFare Classic is not about cryptography, RFID protocols and software vulnerabilities. It is a systemic one: we need to understand how much our economy is vulnerable to sophisticated forms of electronic subversion where potentially one smart card developer can intentionally (or not), but quite easily in fact, compromise the security of governments, businesses and financial institutions worldwide.
1 INTRODUCTION
The MiFare Classic contactless smart card is the most popular RFID card that is used to protect access to buildings worldwide and in public transportation. For more than 10 years, due to the secrecy of the specification, nobody was able to realize how weak these products actually are. In 2008, two teams of researchers (Nohl et al., 2008; de Koning Gans et al., 2008) more or less independently reverse engineered this card and discovered several very serious vulnerabilities: an incredibly weak cipher broken in 0.1 s, two extremely weak Random Number Generators (RNGs), both in the card and in the readers, and the resulting possibility to reproduce the same keystream.
In all key recovery attacks proposed so far the attacker must somewhat “approach” the victim, or be able to install RF interception equipment inside a building. Can a system that is so badly compromised be shown to be even more insecure? The answer is yes, and we discovered yet another very serious vulnerability of MiFare Classic cards.
This