Browse > Article
http://dx.doi.org/10.5370/KIEE.2016.65.12.2240

Optimal MIFARE Classic Attack Flow on Actual Environment  

Ahn, Hyunjin (Dept. of Financial Information Security, Kookmin University)
Lee, Yerim (Dept. of Financial Information Security, Kookmin University)
Lee, Su-Jin (Dept. of Financial Information Security, Kookmin University)
Han, Dong-Guk (Dept. of Mathematics, Kookmin University)
Publication Information
The Transactions of The Korean Institute of Electrical Engineers / v.65, no.12, 2016 , pp. 2240-2250 More about this Journal
Abstract
MIFARE Classic is the most popular contactless smart card, which is primarily used in the management of access control and public transport payment systems. It has several security features such as the proprietary stream cipher Crypto 1, a challenge-response mutual authentication protocol, and a random number generator. Unfortunately, multiple studies have reported structural flaws in its security features. Furthermore, various attack methods that target genuine MIFARE Classic cards or readers have been proposed to crack the card. From a practical perspective, these attacks can be partitioned according to the attacker's ability. However, this measure is insufficient to determine the optimal attack flow due to the refined random number generator. Most card-only attack methods assume a predicted or fixed random number, whereas several commercial cards use unpredictable and unfixable random numbers. In this paper, we propose optimal MIFARE Classic attack procedures with regards to the type of random number generator, as well as an adversary's ability. In addition, we show actual attack results from our portable experimental setup, which is comprised of a commercially developed attack device, a smartphone, and our own application retrieving secret data and sector key.
Keywords
RFID security; Mifare classic attack;
Citations & Related Records
연도 인용수 순위
  • Reference
1 N. T. Courtois, "The Dark Side of Security by Obscurity - and Cloning MiFare Classic Rail and Building Passes, Anywhere, Anytime," In: International Conference on Security and Cryptography, SECRYPT, pp. 331-338, Milan, Italy, 2009.
2 N. T. Courtois, K. Nohl, S. O'Neil, "Algebraic attacks on the Crypto-1 stream cipher in MiFare Classic and Oyster Cards," Cryptology ePrint Archive, Report 2008/166, 2008.
3 G. de Koning Gans, J.-H. Hoepman, F. D. Garcia, "A practical attack on the MIFARE Classic," In G. Grimaud, F.-X. Standaert (eds.) CARDIS 2008, LNCS, vol. 5189, pp. 267-282. Springer, Heidelberg, 2008.
4 F. D. Garcia, G. de Koning Gans, R. Muijrers, P. van Rossum, R. Verdult, R. W. Schreur, B. Jacobs, "Dismantling MIFARE Classic," In: S. Jajodia, J. Lopez (eds.) ESORICS 2008. LNCS, vol. 5283, pp. 97-114. Springer, Heidelberg, 2008.
5 F. D. Garcia, P. van Rossum, R. Verdult, R. W. Schreu, "Wirelessly Pickpocketing a Mifare Classic Card," In: 30th IEEE Symposium on Security and Privacy, pp. 3-15. IEEE Press, Berkeley, CA, 2009.
6 NIST, FIPS 46-3, "Data Encryption Standard (DES)," http://csrc.nist.gov/publications/fips/fips46-3/fips46-3.pdf
7 NIST, FIPS 197, "Advanced Encryption Standard AES," http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf
8 NXP application note, "MIFARE ISO/IEC 14443 PICC Selection Rev. 3.0," http://www.nxp.com/documents/application_note/130830.pdf
9 K. Nohl, D. Evans, Starbug, H. Plotz, "Reverse-Engineering a Cryptographic RFID Tag," In: 17th USENIX Security Symposium, pp. 185-193. San Jose, CA, 2008.
10 K. Nohl, H. Plotz, "Mifare: Little security, despite obscurity," In: 24th Chaos Communication Congress, 24C3, Berlin, Germany, 2007.
11 NXP application note, "MIFARE Type Identification Procedure Rev. 3.5," http://www.nxp.com/documents/application note/AN10833.pdf
12 NXP application note, "NFC Type MIFARE Classic Tag Operation," http://www.nxp.com/documents/application_note/AN1304.pdf
13 NXP product data sheet, "MIFARE Classic EV 1K - Mainstream contactless smart card IC for fast and easy solution development Rev. 3.0," http://www.nxp.com/documents/data_sheet/MF1S50YYX_V1.pdf
14 NXP product short data sheet, "MF1PLUSx0y1 - Mainstream contactless smart card IC for fast and easy solution development Rev. 3.2," http://www.nxp.com/documents/short_data_sheet/MF1PLUSX0Y1_SDS.pdf
15 NXP short form specification, "P5CD072 - Secure Dual Interface PKI Smart Card Controller Rev. 1.2," http://www.searchdatasheet.com/datasheets-1/nxp/P5CD072EV0_TVSRRFFO.pdf
16 NXP product short data sheet, "MF1SPLUSx0y1 - Mainstream contactless smart card IC for fast and easy solution development Rev. 3.2," http://www.nxp.com/documents/short_data_sheet/MF1SPLUSX0Y1_SDS.pdf