Sciweavers

CARDIS
2008
Springer

A Practical Attack on the MIFARE Classic

14 years 2 months ago
A Practical Attack on the MIFARE Classic
The mifare Classic is the most widely used contactless smart card in the market. Its design and implementation details are kept secret by its manufacturer. This paper studies the architecture of the card and the communication protocol between card and reader. Then it gives a practical, low-cost, attack that recovers secret information from the memory of the card. Due to a weakness in the pseudo-random generator, we are able to recover the keystream generated by the CRYPTO1 stream cipher. We exploit the malleability of the stream cipher to read all memory blocks of the first sector of the card. Moreover, we are able to read any sector of the memory of the card, provided that we know one memory block within this sector. Finally, and perhaps more damaging, the same holds for modifying memory blocks.
Gerhard de Koning Gans, Jaap-Henk Hoepman, Flavio
Added 12 Oct 2010
Updated 12 Oct 2010
Type Conference
Year 2008
Where CARDIS
Authors Gerhard de Koning Gans, Jaap-Henk Hoepman, Flavio D. Garcia
Comments (0)