Dismantling MIFARE Classic

  • Flavio D. Garcia
  • Gerhard de Koning Gans
  • Ruben Muijrers
  • Peter van Rossum
  • Roel Verdult
  • Ronny Wichers Schreur
  • Bart Jacobs
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5283)

Abstract

The MIFARE Classic is a contactless smart card that is used extensively in access control for office buildings, payment systems for public transport, and other applications. We reverse engineered the security mechanisms of this chip: the authentication protocol, the symmetric cipher, and the initialization mechanism. We describe several security vulnerabilities in these mechanisms and exploit these vulnerabilities with two attacks; both are capable of retrieving the secret key from a genuine reader. The most serious one recovers the secret key from just one or two authentication attempts with a genuine reader in less than a second on ordinary hardware and without any pre-computation. Using the same methods, an attacker can also eavesdrop on the communication between a tag and a reader, and decrypt the whole trace, even if it involves multiple authentications. This enables an attacker to clone a card or to restore a real card to a previous state.

Keywords

Authentication Protocol; Linear Feedback Shift Register; Authentication Request; Authentication Session; Precomputed Table
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Copyright information

© Springer-Verlag Berlin Heidelberg 2008

Authors and Affiliations

  • Flavio D. Garcia (1)
  • Gerhard de Koning Gans (1)
  • Ruben Muijrers (1)
  • Peter van Rossum (1)
  • Roel Verdult (1)
  • Ronny Wichers Schreur (1)
  • Bart Jacobs (1)

  1. Institute for Computing and Information Sciences, Radboud University Nijmegen, The Netherlands