The MIFARE Classic is a contactless smart card that is used extensively in access control for office buildings, payment systems for public transport, and other applications. We reverse engineered the security mechanisms of this chip: the authentication protocol, the symmetric cipher, and the initialization mechanism. We describe several security vulnerabilities in these mechanisms and exploit these vulnerabilities with two attacks; both are capable of retrieving the secret key from a genuine reader. The most serious one recovers the secret key from just one or two authentication attempts with a genuine reader in less than a second on ordinary hardware and without any pre-computation. Using the same methods, an attacker can also eavesdrop on the communication between a tag and a reader, and decrypt the whole trace, even if it involves multiple authentications. This enables an attacker to clone a card or to restore a real card to a previous state. © 2008 Springer Berlin Heidelberg.
Garcia, F. D., De Koning Gans, G., Muijrers, R., Van Rossum, P., Verdult, R., Schreur, R. W., & Jacobs, B. (2008). Dismantling MIFARE classic. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 5283 LNCS, pp. 97–114). Springer Verlag. https://doi.org/10.1007/978-3-540-88313-5_7