MIFARE Classic Attack Procedure Optimized for Real-World Environments

Optimal MIFARE Classic Attack Flow on Actual Environment

  • Ahn, Hyunjin (Dept. of Financial Information Security, Kookmin University) ;
  • Lee, Yerim (Dept. of Financial Information Security, Kookmin University) ;
  • Lee, Su-Jin (Dept. of Financial Information Security, Kookmin University) ;
  • Han, Dong-Guk (Dept. of Mathematics, Kookmin University)
  • Received : 2016.10.19
  • Reviewed : 2016.11.16
  • Published : 2016.12.01

Abstract

MIFARE Classic is the most popular contactless smart card and is primarily used in the management of access control and public transport payment systems. It has several security features, such as the proprietary stream cipher Crypto 1, a challenge-response mutual authentication protocol, and a random number generator. Unfortunately, multiple studies have reported structural flaws in these security features. Furthermore, various attack methods that target genuine MIFARE Classic cards or readers have been proposed to crack the card. From a practical perspective, these attacks can be partitioned according to the attacker's ability. However, this measure is insufficient to determine the optimal attack flow because of the refined random number generator. Most card-only attack methods assume a predicted or fixed random number, whereas several commercial cards use unpredictable and unfixable random numbers. In this paper, we propose optimal MIFARE Classic attack procedures with regard to the type of random number generator as well as the adversary's ability. In addition, we show actual attack results from our portable experimental setup, which comprises a commercially developed attack device, a smartphone, and our own application for retrieving secret data and the sector key.

Keywords
