Sciweavers

CCS
2015
ACM

Ciphertext-only Cryptanalysis on Hardened Mifare Classic Cards

8 years 8 months ago
Ciphertext-only Cryptanalysis on Hardened Mifare Classic Cards
Despite a series of attacks, mifare Classic is still the world’s most widely deployed contactless smartcard on the market. The Classic uses a proprietary stream cipher crypto1 to provide confidentiality and mutual authentication between card and reader. However, once the cipher was reverse engineered, many serious vulnerabilities surfaced. A number of passive and active attacks were proposed that exploit these vulnerabilities. The most severe key recovery attacks only require wireless interaction with a card. System integrators consider such card-only attacks as one of the most serious threat vectors to their mifare Classic-based systems, since it allows the adversary to avoid camera detection, which is often present at an access control entrance or public transport gate. However, all card-only attacks proposed in the literature depend on implementation mistakes which can easily be mitigated without breaking backwards compatibility with the existing reader infrastructure. Consequen...
Carlo Meijer, Roel Verdult
Added 17 Apr 2016
Updated 17 Apr 2016
Type Journal
Year 2015
Where CCS
Authors Carlo Meijer, Roel Verdult
Comments (0)