NXP RFID Cracked
kamlapati sends us to EETimes for news that the Chaos Computer Club in Germany and researchers from the University of Virginia have cracked the encryption scheme used in a common RFID chip, NXP's Mifare Classic. According to the article, the device is used in many contactless smartcard applications including fare collection, loyalty cards, and access control cards. NXP downplays the significance of the hack, saying that that model of RFID card uses old technology and they do a much better job these days.
Yeah, but... (Score:5, Insightful)
I don't doubt for a minute that NXP does a much better job on security these days. But based on past performance, you can bet a lot of the old ones are still floating around, and will be for a long, long time to come.
This is why RFID is bad (Score:4, Insightful)
Sure it MIGHT be slightly more convenient, but I would rather take the 3 seconds to swipe the card and not have to deal with fraud and identity theft which will take up more time.
RFID is a terrible concept, but at the very least they should make cards with an off switch.
downplaying the white elephant (Score:4, Insightful)
NXP downplays the significance of the hack, saying that that model of RFID card uses old technology and they do a much better job these days.
...except that more than half of the world's largest transit systems use MiFare Classic; they're all truly fucked, and it wouldn't surprise me if the mafia are already cloning/selling counterfeit cards, especially in Asia. Also, apparently in some countries MiFare Classic cards are as prevalent as HID Proxcards are in the US for building access.
Also, for those of you claiming read distance is enough protection: sure, the reader on the bus can only read your card at an inch or two. Well, see, there are commercial solutions that can do much more. HID, for example, makes a one-foot-square reader capable of reading proximity cards at a distance of over a foot, sometimes almost two feet. Antenna size (for receiving the card response) and power levels (for energizing the card) are all that matter here, really.
Now, think about how close you get to people as you board a bus and grab a seat at the back, and how many pocketbooks and wallets you can easily come within a foot of (or less). Now think about how big an antenna you could put in a bookbag or briefcase...
Re:Frustrating, but not really... (Score:5, Insightful)
I guess making the encryption barely good enough is a nice way to ensure you get future orders. Their customers can upgrade for a moderate fee or spend a hell of a lot more to go elsewhere.
The fault lies not in RFID, but in a lousy security implementation.
The same principle applies to cards that use metal contacts.
(Did you see the ATM hack in Terminator 2?)
My college has that type of card, only with direct electrical contacts.
It was only slightly harder to analyse (dummy card & card holder to tap the signal),
but the encryption on it was simply impossible.
Don't blame RFID on the things it's (ab)used for.
Those radio-gates at stores are based on RFID.
Modern (Computer) factories use RFID to track orders, instead of barcodes.
RFID is a read-write barcode. As long as it's used in a closed, secure system, it's just fine.
Re:Security implications? (Score:5, Insightful)
I don't think that CRYPTO1 use is limited to contactless (RFID) cards. Presumably, any smart card (whether wireless or not) that uses CRYPTO1 to protect data is now compromised.
It's tough to pinpoint the security implications because it depends on what cards are out there in the world (and there are a TON of Mifare cards in use!).
The fun, for the years ahead, will be in discovering where these implementations exist in the real world. In the software world we know that people are slow enough updating compromised software. Well this is HARDWARE we're talking about, with millions (or more?) deployed vulnerable smart cards, in a variety of potentially vulnerable settings.
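The comment above points out that the real work is finding where MIFARE Classic is still deployed. As an added example that is not part of the thread, here is a small inventory triage script that classifies contactless cards by their ISO 14443-3 SAK (Select Acknowledge) byte and counts the CRYPTO1-based ones per site. The SAK bit meanings are taken from memory of NXP's published type-identification guidance and are an assumption to verify against your reader vendor's documentation; the card records are constructed.

```python
from dataclasses import dataclass
from collections import Counter

# SAK bit meanings (assumption: from memory of NXP's type-identification
# guidance; verify against your reader vendor's documentation).
UID_INCOMPLETE = 0x04  # more UID bytes follow, selection not finished
CLASSIC = 0x08         # MIFARE Classic family (or a Classic emulation)
CLASSIC_4K = 0x10      # together with CLASSIC: 4K variant
MINI = 0x01            # together with CLASSIC: MIFARE Mini
ISO14443_4 = 0x20      # card speaks ISO 14443-4 (DESFire, Plus in SL3, ...)


@dataclass
class CardRecord:
    uid: str       # hex UID as reported by the reader
    sak: int       # SAK byte from the anticollision/select step
    site: str      # where the card was seen (constructed label)


def classify_sak(sak: int) -> str:
    """Map a SAK byte to a coarse card family.

    The CLASSIC bit is checked before the ISO 14443-4 bit on purpose: a
    chip that emulates Classic on top of a 14443-4 stack (e.g. SAK 0x28)
    still exposes a CRYPTO1 interface and must be counted as exposed."""
    if sak & UID_INCOMPLETE:
        return "incomplete-select"
    if sak & CLASSIC:
        if sak & CLASSIC_4K:
            return "mifare-classic-4k"
        if sak & MINI:
            return "mifare-mini"
        return "mifare-classic-1k"
    if sak & ISO14443_4:
        return "iso14443-4"       # not CRYPTO1-based
    if sak == 0x00:
        return "ultralight"       # no crypto at all, but not CRYPTO1
    return "unknown"


def uses_crypto1(sak: int) -> bool:
    """True for every family whose sector authentication is CRYPTO1."""
    return classify_sak(sak).startswith(("mifare-classic", "mifare-mini"))


def triage(records: list[CardRecord]) -> dict[str, int]:
    """Count CRYPTO1-exposed cards per site so sites can be prioritised."""
    return dict(Counter(r.site for r in records if uses_crypto1(r.sak)))


# Constructed sample inventory (UIDs and sites are made up).
SAMPLE = [
    CardRecord("04A1B2C3", 0x08, "depot-north"),   # Classic 1K
    CardRecord("04D4E5F6", 0x18, "depot-north"),   # Classic 4K
    CardRecord("08112233", 0x28, "hq-lobby"),      # Classic emulation
    CardRecord("04778899", 0x20, "hq-lobby"),      # DESFire, 14443-4
    CardRecord("04AABBCC", 0x00, "cafeteria"),     # Ultralight
]
```

Running `triage(SAMPLE)` gives the per-site count of cards that still rely on CRYPTO1, which is the list a defender works through first when planning a migration.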
Re:Security implications? (Score:3, Insightful)
http://video.google.com/videoplay?docid=4252367680974396650&hl=en
Re:Frustrating, but not really... (Score:3, Insightful)
That's not really fair. When MIFARE "classic" was first released, it wasn't really possible to get strong encryption in a passive, contactless form factor. Not only that, there were also cryptography import/export regulations that limited the key size to 40 bits. As technology has progressed, the MIFARE brand has grown to include other technologies which are very secure and don't use proprietary algorithms. Current-generation devices use AES, for example.
Many customers of the various contactless smart card vendors have continued choosing MIFARE "classic", in spite of the fact that the security industry has been telling them for years that it wasn't a good idea. Why? Cost. The old technology was very simple, which translates to low silicon real-estate requirements, which translates to cheap.
If NXP and other vendors of MIFARE classic chips are at fault in any way, it's just for not being a little more aggressive in trying to talk customers out of choosing the cheap option. In many cases, the customers' business model couldn't accommodate a more expensive chip, so telling them not to use crappy security would have meant losing the business entirely. Personally, I told my clients not to use MIFARE classic even if it torpedoed the project, but others were more... "sales-oriented" is a nice way of putting it.
Re:RFID Limited Range? Ha, Ha, Ha! (Score:3, Insightful)
You should do it, then, and make a name for yourself. The maximum range that anyone has been able to communicate with these chips is about three meters, and that in a carefully-controlled, RF-damped lab environment[*].
Part of the thing that makes it so difficult is that the card is powered by inductance from the reader's field. Since power delivered to the card decreases with the cube of distance, this means that as range increases the power requirements go up dramatically. Another part of the problem is that the signal transmitted by the card is very weak and omnidirectional. While the reader can use a directional antenna to increase the effective range at which it can deliver sufficient power and a strong signal, the card does no such thing, meaning its signal rapidly falls below the noise floor as the distance increases.
[*] There are some papers floating around that demonstrate ability to communicate with a contactless smart card from arbitrary distances, but they do it by putting a powered repeater right next to the card.