Ming-Yang Chih,Jie-Ren Shih,Bo‐Yin Yang,Jin-Tai Ding,Chen-Mou Cheng

DOI: https://doi.org/10.29615/cisc.201005.0126

2010-01-01

Abstract:MIFARE Classic is a proprietary contactless smart card technology widely used in public transportation ticketing systems of cities across the world. MIFARE Classic's cryptographic protection to the stored data has been reverse-engineered and broken in a recent series of papers. In this paper, we report our experience attacking a real MIFARE Classic system. Specifically, we have implemented a brute-force search using NVIDIA graphics cards to verify the claims in the literature. Moreover, we have achieved a tremendous improvement over an existing sniffer-based attack that takes advantage of other design and implementation flaws of CRYPTO-1, MIFARE Classic's proprietary cipher. To our best knowledge, this is the first report in the literature of a practical long-range attack. These attacks disarm all cryptographic protection of MIFARE Classic, making it extremely difficult to secure transactions. Lastly, we take up the challenge and present our ideas how to defend against most attacks using practical mechanisms that do not require any hardware changes. Our proposed mechanisms can be easily implemented on a variety of MIFARE Classic readers on the market and only require commodity PCs be used in the backend system with intermittent network connectivity.

Yi-Hao Chiu,Wei-Chih Hong,Li-Ping Chou,Jintai Ding,Bo-Yin Yang,Chen-Mou Cheng

DOI: https://doi.org/10.1007/978-3-319-12087-4_10

2014-01-01

Abstract:MIFARE Classic is the world's most widely deployed RFID (radio-frequency identification) technology. It was claimed to be cryptographically protected by the proprietary Crypto-1 stream cipher. However, it proved inadequate after weaknesses in the design and implementation of Crypto-1 and MIFARE Classic started surfacing since late 2007 [7,8,12-17]. Some operators of MIFARE Classic-based systems reacted by upgrading to more secure alternatives such as MIFARE DESFire. However, many (especially in Asia) opted to "patch" MIFARE Classic instead. Their risk analysis might have gone as follows: "The most serious threat comes from efficient card-only attacks, where the attacker only needs an off-the-shelf reader and a PC to tamper a target tag. All efficient card-only attacks depend on certain implementation flaws. Ergo, if we just fix these flaws, we can stop the most serious attacks without an expensive infrastructure upgrade." One such prominent case is "EasyCard 2.0," today accepted in Taiwan as a means of electronic payment not only in public transportation but also in convenient stores, drug stores, eateries, cafes, supermarkets, book stores, movie theaters, etc. Obviously, the whole "patching" approach is questionable because Crypto-1 is fundamentally a weak cipher. In support of the proposition, we present a new card-only attack based on state-of-the-art algebraic differential cryptanalytic techniques [1,2]. Still using the same cheap reader as previous attacks, it takes 2-15 min of computation on a PC to recover a secret key of EasyCard 2.0 after 10-20 h of data collection. We hope the new attack makes our point sufficiently clear, and we urge that all MIFARE-Classic operators with important transactions such as electronic payment upgrade their systems to the more secure alternatives soon.

Ya Liu,Dawu Gu,Bailan Li,Bo Qu

DOI: https://doi.org/10.1016/j.mcm.2012.07.020

2013-01-01

Mathematical and Computer Modelling

Abstract:MIFARE Classic is a contactless smart card which is widely used in several public transport systems. The researchers had presented different methods to clone a card in a practical card-only scenario. Among them, they recover the second or subsequent sector key by trying to accurately estimate the time information between two consecutive authentication attempts in a nested authentication. In this paper, we study the security of the MIFARE Classic in another practical scenario, where the adversary only communicates with a legitimate reader. The worst scenario to recover the second or subsequent sector key in a nested authentication only requires about 8 authentication attempts to the legitimate reader on average and the off-line search in about 328 s on Garcia's ordinary computer without estimating the time information between two consecutive authentications. Following this result, it is possible for the attackers to simulate or forge a legal card to authenticate successfully with a legitimate reader. To avoid this weakness, the reader must verify some information on the legal card at the beginning and it requires to be protected in some sense. (C) 2012 Elsevier Ltd. All rights reserved.

Marco Alecci,Luca Attanasio,Alessandro Brighente,Mauro Conti,Eleonora Losiouk,Hideki Ochiai,Federico Turrin

DOI: https://doi.org/10.1145/3607199.3607243

2023-07-12

Abstract:Today, we rely on contactless smart cards to perform several critical operations (e.g., payments and accessing buildings). Attacking smart cards can have severe consequences, such as losing money or leaking sensitive information. Although the security protections embedded in smart cards have evolved over the years, those with weak security properties are still commonly used. Among the different solutions, blocking cards are affordable devices to protect smart cards. These devices are placed close to the smart cards, generating a noisy jamming signal or shielding them. Whereas vendors claim the reliability of their blocking cards, no previous study has ever focused on evaluating their effectiveness. In this paper, we shed light on the security threats on smart cards in the presence of blocking cards, showing the possibility of being bypassed by an attacker. We analyze blocking cards by inspecting their emitted signal and assessing a vulnerability in their internal design. We propose a novel attack that bypasses the jamming signal emitted by a blocking card and reads the content of the smart card. We evaluate the effectiveness of 11 blocking cards when protecting a MIFARE Ultralight smart card and a MIFARE Classic card. Of these 11 cards, we managed to bypass 8 of them and successfully dump the content of a smart card despite the presence of the blocking card. Our findings highlight that the noise type implemented by the blocking cards highly affects the protection level achieved by them. Based on this observation, we propose a countermeasure that may lead to the design of effective blocking cards. To further improve security, we released the tool we developed to inspect the spectrum emitted by blocking cards and set up our attack.

Cryptography and Security

ming sze angela wong,weidong liu

2010-01-01

Abstract:The Mifare Classic card is the most widely used contactless smart card in the world. Since the Mifare Classic card was cracked, how to protect data in Mifare Classic card becomes a big challenge. In this paper, a novel data protection scheme for this RFID card is presented. By combining Arnold transform for data hiding and SHA-1 and Arnold transform based auth code for tamper and counterfeit detection, it can guarantee data integrity and confidentiality in Mifare Classic card.

Yuanchao Shu,Yu Gu,Jiming Chen

DOI: https://doi.org/10.1109/MASS.2012.6502522

2012-01-01

Abstract:Access card authentication is critical and essential for many modern access control systems, which have been widely deployed in various government, commercial and residential environments. However, due to the static identification information exchange among the access cards and access control clients, it is very challenging to fight against access control system breaches due to reasons such as loss, stolen or unauthorized duplications of the access cards. Although advanced biometric authentication methods such as fingerprint and iris identification can further identify the user who is requesting authorization, they incur high system costs and access privileges can not be transferred among trusted users. In this work, we introduce a sensory-data-enhanced authentication for access control systems. By combining sensory-data obtained from onboard sensors on the access cards as well as the original encoded identification information, we are able to effectively tackle the problems such as access card loss and stolen. Our solution is backward-compatible with existing access control systems and significantly increases the key spaces for authentication. We theoretically demonstrate the potential key space increases with simple sensor data and empirically demonstrate simple rotations can increase key space by more than 30, 000 times with an authentication accuracy of 95%. We performed extensive simulations under various environment settings and implemented our design on WISP to experimentally verify the system performance.

Zheng Zhou,Weiming Zhang,Nenghai Yu

DOI: https://doi.org/10.48550/arXiv.1902.00676

2019-05-19

Abstract:Radio-frequency identification(RFID) technology is widely applied in daily human life. The RFID cards are seen everywhere, from entrance guard to consumption. The information security of RFID cards, such as data confidentiality, tag anonymity, mutual authentication etc, has been fully studied. In the paper, using the RFID cards in MIFARE Classic and DESFire families, a bidirectional covert channel via multipurpose RFID cards between service providers is built to leak sensitive data between two simulation systems. Furthermore, by calculations and experiments, the daily channel capacity to leak data of the channel is obtained. Although the storage capacity of a single RFID card is very small, a large user base can still bring about a considerable amount to leak data. Then, the reasons for the existence of such channels are discussed. To eliminate this type of covert channels, a new authentication protocol between RFID cards and card readers are proposed. Our experimental results show a significant security improvement in prevention of such covert communications while keeping user convenience.

Cryptography and Security

Fan Dang,Pengfei Zhou,Zhenhua Li,Yunhao Liu

DOI: https://doi.org/10.1109/infcomw.2017.8116391

2017-01-01

Abstract:Automated fare collection (AFC) systems have been widely applied to practical transportation due to their convenience. Although there are many potential threats of NFC such as eavesdropping, data modification, and relay attacks, NFC based AFC systems are considered secure, due to the limited 10cm communication distance. Nevertheless, the proliferation of NFC-equipped mobile phones make such system venerable. We introduce and implement an attack on AFC cards that permits an attacker to top up his smart card and get a refund. We also propose possible countermeasures to defend against these attacks.

Jun Guo,Liji Wu,Xiangmin Zhang,Xiangyu Li

DOI: https://doi.org/10.1109/cis.2012.150

2012-01-01

Abstract:Fault attack is a kind of attack that the attacker injects faults into the hardware and the secret key is likely to be revealed. The paper will describe a fault attack platform for smart card. This platform includes PC terminal serial console software, smart card interface circuits, and smart card reader fault attack circuits. Then the fault platform could communicate with the contact smart card or the smart card reader by complying with the protocol of ISO/IEC 7816. Using this fault platform, we can inject any glitches on power and clock when the smart card is running the encryption command. And then the fault attack platform can send wrong ciphertext to the PC terminal console software through by serial port. We can analyze the fault data by MATLAB or software programming to crack the key of the smart card. So, the security of smart card could be verified. The glitch of voltage range could be from 0v to 5v. And the scope of clock frequency can be from 1HZ to 50 MHZ.

Kun Gu,Liji Wu,Xiangyu Li,Xiangxin Zhang

DOI: https://doi.org/10.1109/cis.2011.149

2011-01-01

Abstract:Information security is very important for the smart cards. Electromagnetic analysis (EMA) attack is a common method of side channel attacks which is a serious threat for the security of smart cards. So it is necessary to build a system to estimate the ability of the smart card to resist EMA attack. In this paper, an automatic EMA system for smart cards is designed and implemented. This system can measuring the electromagnetic field of smart card and can also carry out EMA attack. To verify the effectiveness of this system, an EMA attack was successfully carried out by it on a FPGA which 3DES cryptographic algorithm was loaded and implemented. 3DES is widely used in bank IC card and USB key. It is important to make sure of the safety of these financial IC cards. The experimental results showed that the applicable electromagnetic field signal can be traced to estimate the ability of the security device to resist EMA attack.

Yun Tian,Gongliang Chen,Jianhua Li

2013-01-01

Abstract:Radio frequency identification (RFID) has a variety of applications and has raised more and more attention. On the other hand, privacy and security problem limits the large-scale use of RFID. The most flexible and effective way to settle this problem is to adopt authentication protocols. However, many proposed RFID authentication protocols have certain weakness. This paper aims to find the possible desynchronization attacks in the design of RFID mutual authentication protocols. We specified the system model and the abilities of adversaries. In order to launch the attack, we proposed the framework of a class of 3-round RFID mutual authentication protocols. It is proved that the protocol will be vulnerable to the desynchronization attack if tag impersonation attack is feasible in the protocol.

Yinzhi Cao,Xiang Pan,Yan Chen

DOI: https://doi.org/10.1109/cns.2015.7346825

2015-01-01

Abstract:Existing magnetic cards adopt plain text to store confidential information, thus being vulnerable to an untrusted credit card reader or a skimming device. To tackle the problem, researchers have proposed several new techniques such as integrated circuit card (IC card) and mobile wallet applications [1]; however, none of them can support existing magnetic card readers thereby facing backwards compatibility issue. In this paper, to combat such credit card information leakages and remain backwards compatible, we propose SafePay, a system that transforms disposable credit card information to electrical current and drives a magnetic card chip to simulate the behavior of a physical magnetic card. We have implemented a prototype system of SafePay by a mobile phone and a prototype magnetic card chip. In the evaluation, we show that the current cost is about $0.5 excluding the phone, and the cost can be even lowered if manufactured in large scale. We also evaluated the prototype in experimental environment such as oscilloscope and real-world scenarios such as vending machines. The results show that the physical signal in oscilloscope is the same as the theoretical value, and meanwhile, we can successfully buy products in all the tested real-world scenarios.

Zhihui Zhu,Wei Liu,Xiangyu Li,Liji Wu,Xiangming Zhang

DOI: https://doi.org/10.1109/ICSICT.2012.6467633

2012-01-01

Abstract:An electromagnetic (EM) analysis and attacks system has been designed for cryptographic Radio Frequency Identification Devices (RFID). The system has the function of carrier removing in analog front-end with adaptive carrier obtain and EM shielding, finding the best acquisition position base on multiple feedback judgment, preprocessing and analysis with drift elimination and noise reduction. Analysis is performed on a practical 13.56M RFID, the Triple-DES (3DES) operation time is located with 1400 curves, and the key of 3DES is recovered with 14000 curves using preprocessing with drift elimination and noise reduction.

Ding Wang,Chunguang Ma,Sendong Zhao,ChangLi Zhou

DOI: https://doi.org/10.1007/978-3-642-35606-3_13

2012-01-01

Abstract:Understanding security failures of cryptographic protocols is the key to both patching existing protocols and designing future schemes. Recently, Yeh et al. showed that Hsiang and Shih's password-based remote user authentication scheme is vulnerable to various attacks if the smart card is nontamper resistant, and proposed an improved version which was claimed to be efficient and secure. In this study, however, we find that, although Yeh et al.'s scheme possesses many attractive features, it still cannot achieve the claimed security goals, and we report its following flaws: (1) It cannot withstand offline password guessing attack and key-compromise impersonation attack under their non-tamper resistance assumption of the smart card; (2) It fails to provide user anonymity and forward secrecy; (3) It has some other minor defects. The proposed cryptanalysis discourages any use of the scheme under investigation in practice. Remarkably, rationales for the security analysis of password-based authentication schemes using smart cards are discussed in detail. © IFIP International Federation for Information Processing 2012.

Xiang Gao,Yiqiang Zhao,Haocheng Ma

DOI: https://doi.org/10.3390/s18093034

IF: 3.9

2018-01-01

Sensors

Abstract:Information system security has been in the spotlight of individuals and governments in recent years. Integrated Circuits (ICs) function as the basic element of communication and information spreading, therefore they have become an important target for attackers. From this perspective, system-level protection to keep chips from being attacked is of vital importance. This paper proposes a novel method based on a fringing electric field (FEF) sensor to detect whether chips are dismantled from a printed circuit board (PCB) as system-level protection. The proposed method overcomes the shortcomings of existing techniques that can be only used in specific fields. After detecting a chip being dismantled from PCB, some protective measures like deleting key data can be implemented to be against attacking. Fringing electric field sensors are analyzed through simulation. By optimizing sensor’s patterns, areas and geometrical parameters, the methods that maximize sensitivity of fringing electric field sensors are put forward and illustrated. The simulation is also reproduced by an experiment to ensure that the method is feasible and reliable. The results of experiments are inspiring in that they prove that the sensor can work well for protection of chips and has the advantage of universal applicability, low cost and high reliability.

H. M. Sun,S. M. Chen,K. H. Wang

2011-01-01

Abstract:There are increasing concerns on the security of RFID usages. Recently, Lu et al. presented ACTION, a privacy preservative authentication protocol for RFID. It is claimed that it achieves high level of security even if a large number of tags is compromised. However, we found that this protocol is vulnerable to two severe attacks : Desynchronizing attacks and Tracking attacks. In this pape r, we present how these two attacks work even if the protocol parameters are moderated.

Tianjie Cao,Peng Shen,Elisa Bertino

DOI: https://doi.org/10.4304/jcm.3.7.20-27

2008-01-01

Journal of Communications

Abstract:Two effective attacks, namely de-synchronization attack and impersonation attack, against Ha et al.’s LCSS RFID authentication protocol, Song and Mitchell’s protocol are identified. The former attack can break the synchronization between the RFID reader and the tag in a single protocol run so that they can not authenticate each other in any following protocol run. The latter can impersonate a legal tag to spoof the RFID reader by extracting the ID of a specific tag during the authentication process. An impersonation attack against Chen et al.’s RFID authentication scheme is also identified. By sending malicious queries to the tag and collecting the response messages emitted by the tag, the attack allows an adversary to extract the secret information from the tag and further to impersonate the legal tag.

Wang Feiyu,Li Xiangyu,Wu Liji,Zhang Xiangmin

DOI: https://doi.org/10.16526/j.cnki.11-4762/tp.2012.09.032

2012-01-01

Abstract:In order to enhance the security of contact smartcards,an embedded system for practical security analysis which is an opening programming platform for generating trigger signals of the chip is designed.Detail design of the embedded system is presented,and the design of contact smartcards interface circuit,card reader interface circuit and the control module are described particularly.This design can be used to communicate with smartcards or card reader,at the same time implementing Man-in-the-MiddleAttack,generating trigger signals for Side-Channel attack or disturbing power supply or clock of the smartcards.Furthermore,it can test and verify the chip design of contact smartcards by FPGA.The result shows us it is not only flexibility,low cost and high efficiency,but also utilized in many fields such as Side-Channel attack,fault attack and security testing in cryptographic chip.

Yinan Zhu,Chunhui Duan,Xuan Ding,Zheng Yang

DOI: https://doi.org/10.1109/secon55815.2022.9918585

2022-01-01

Abstract:Unauthorized access attack has always been a critical problem in RFID systems since any illegitimate reader can conduct access commands on tags without authorization and leave no trace. Past solutions for reader authentication require either modifications on EPC-global Gen2 protocol, which are inapplicable to existing infrastructures, or numerous extra customized devices as communication monitors, which incur high overhead. In this paper, we present a universal, low-cost and effective system to authenticate RFID readers, namely ReaderPrint, which only requires an extra passive tag array and is fully compatible with Gen2 protocol. The key insight behind ReaderPrint is that the impedance mismatch degrees (IMD) of different reader antennas across channels are distinguishable. We verify this mechanism through empirical studies using vector network analyzer and further propose two brand-new forms of hardware fingerprints, i.e., IMD-induced transmission power attenuation (ITPA) and phase shifts (IPS) across channels to quantify the IMD. Besides, to address the negative impacts of environmental changes, well-refined fingerprint matching algorithms are designed accordingly. We implement a prototype of ReaderPrint and evaluate it on 96 different readers in three indoor scenarios. Experimental results show that ReaderPrint can achieve fairly high authentication accuracy of up to 97.2%, regardless of environmental or device conditions.

Tianjie Cao,Peng Shen

DOI: https://doi.org/10.6633/ijns.200907.9(1).12

2009-01-01

Abstract:Radio frequency identification (RFID) technologies have many advantages in applications such as object tracking and monitoring, ticketing, supply-chain management, contactless payment systems. However, the RFID system may bring about various security and privacy problems. In this paper we present our security analysis of the LAK protocol and the CWH protocol. First, we show that the LAK protocol cannot resist replay attacks, and there- fore an adversary can impersonate a legal tag. Next, we present a full-disclosure attack on the CWH protocol. By sending malicious queries to a tag and collecting the response messages emitted by the tag, the full-disclosure attack allows an adversary to extract the secret information from the tag.