The MIFARE Classic story
نویسندگان
چکیده
The MIFARE Classic product from NXP Semiconductors has been much maligned over recent years and whilst some of the criticism is well justified by virtue of the inherent security problems, it is by no means the weakest card/RFID in use today. In this article we give a brief overview of the MIFARE Classic card, its use, design and security. We start by looking at the range of card and RFID products and placing the MIFARE Classic in its intended position. The process of risk assessment is then discussed as a means of choosing “appropriate” products and solutions. We then discuss the history of the MIFARE Classic, its design, security features and associate attacks. The long-lasting effects of the attacks and publicity are considered with respect to not only the MIFARE Classic, but for similar products risk reviews.
منابع مشابه
The Fall of a Tiny Star
This short paper gives a combined technical-historical account of the fate of the world’s most-used contactless smart card, the MIFARE Classic. The account concentrates on the years 2008 and 2009 when serious security flaws in the MIFARE Classic were unveiled. The story covers, besides the relevant technicalities, the risks of proprietary security mechanisms, the rights and morals wrt. publishi...
متن کاملMaking the Best of Mifare Classic Update
What would you do if you would be instructed to make a secure application built on the Mifare Classic? Arguably, due to the vulnerabilities shown in [5] and hinted at on [6], this is rather difficult and it may be easier to use to another chip. This document explores what the best is you can get, if the only option is Mifare Classic. We propose countermeasures against state restoration and agai...
متن کاملThe Dark Side of Security by Obscurity
MiFare Classic is the most popular contactless smart card with some 200 millions copies in circulation worldwide. At Esorics 2008 Dutch researchers showed that the underlying cipher Crypto-1 can be cracked in as little as 0.1 seconds if the attacker can eavesdrop the RF communications with the (genuine) reader. We discovered that a MiFare classic card can be cloned in a much more practical tota...
متن کاملLogical Formalisation and Analysis of the Mifare Classic Card in PVS
The way that Mifare Classic smart cards work has been uncovered recently [2,4] and several vulnerabilities and exploits have emerged. This paper gives a precise logical formalisation of the essentials of the Mifare Classic card, in the language of a theorem prover (PVS). The formalisation covers the LFSR, the filter function and (parts of) the authentication protocol, thus serving as precise do...
متن کاملThe Dark Side of Security by Obscurity - and Cloning MiFare Classic Rail and Building Passes, Anywhere, Anytime
MiFare Classic is the most popular contactless smart card with about 200 millions copies in circulation worldwide. At Esorics 2008 Dutch researchers showed that the underlying cipher Crypto-1 can be cracked in as little as 0.1 seconds if the attacker can access or eavesdrop the RF communications with the (genuine) reader. We discovered that a MiFare classic card can be cloned in a much more pra...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- Inf. Sec. Techn. Report
دوره 15 شماره
صفحات -
تاریخ انتشار 2010