2008 | OriginalPaper | Buchkapitel
A Practical Attack on the MIFARE Classic
verfasst von : Gerhard de Koning Gans, Jaap-Henk Hoepman, Flavio D. Garcia
Erschienen in: Smart Card Research and Advanced Applications
Verlag: Springer Berlin Heidelberg
Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.
Wählen Sie Textabschnitte aus um mit Künstlicher Intelligenz passenden Patente zu finden. powered by
Markieren Sie Textabschnitte, um KI-gestützt weitere passende Inhalte zu finden. powered by
The
mifare
Classic is the most widely used contactless smart card in the market. Its design and implementation details are kept secret by its manufacturer. This paper studies the architecture of the card and the communication protocol between card and reader. Then it gives a practical, low-cost, attack that recovers secret information from the memory of the card. Due to a weakness in the pseudo-random generator, we are able to recover the keystream generated by the CRYPTO1 stream cipher. We exploit the malleability of the stream cipher to read
all
memory blocks of the first sector of the card. Moreover, we are able to read
any
sector of the memory of the card, provided that we know
one
memory block within this sector. Finally, and perhaps more damaging, the same holds for
modifying
memory blocks.