Reverse-engineering a cryptographic RFID tag
SS'08 Proceedings of the 17th conference on Security symposium
Crossing borders: security and privacy issues of the european e-passport
IWSEC'06 Proceedings of the 1st international conference on Security
ESORICS '08 Proceedings of the 13th European Symposium on Research in Computer Security: Computer Security
Advances in Ultralightweight Cryptography for Low-Cost RFID Tags: Gossamer Protocol
Information Security Applications
Dismantling SecureMemory, CryptoMemory and CryptoRF
Proceedings of the 17th ACM conference on Computer and communications security
E-ticketing scheme for mobile devices with exculpability
DPM'10/SETOP'10 Proceedings of the 5th international Workshop on data privacy management, and 3rd international conference on Autonomous spontaneous security
Chameleon: a versatile emulator for contactless smartcards
ICISC'10 Proceedings of the 13th international conference on Information security and cryptology
Identity verification schemes for public transport ticketing with NFC phones
Proceedings of the sixth ACM workshop on Scalable trusted computing
All you can eat or breaking a real-world contactless payment system
FC'10 Proceedings of the 14th international conference on Financial Cryptography and Data Security
Cube cryptanalysis of hitag2 stream cipher
CANS'11 Proceedings of the 10th international conference on Cryptology and Network Security
PUF-Based RFID authentication protocol against secret key leakage
APWeb'12 Proceedings of the 14th Asia-Pacific international conference on Web Technologies and Applications
Gone in 360 seconds: Hijacking with Hitag2
Security'12 Proceedings of the 21st USENIX conference on Security symposium
Mass transit ticketing with NFC mobile phones
INTRUST'11 Proceedings of the Third international conference on Trusted Systems
Threshold-Based Location-Aware Access Control
International Journal of Handheld Computing Research
Cryptanalytic attacks on MIFARE classic protocol
CT-RSA'13 Proceedings of the 13th international conference on Topics in Cryptology
EnGarde: protecting the mobile phone from malicious NFC interactions
Proceeding of the 11th annual international conference on Mobile systems, applications, and services
Cryptoanalysis and improvement of smart prepayment meter protocol in standard Q/GDW 365
International Journal of Grid and Utility Computing
Elliptic curve-based RFID/NFC authentication with temperature sensor input for relay attacks
Decision Support Systems
| Hi-index | 0.00 |
The mifareClassic is the most widely used contactless smart card in the market. Its design and implementation details are kept secret by its manufacturer. This paper studies the architecture of the card and the communication protocol between card and reader. Then it gives a practical, low-cost, attack that recovers secret information from the memory of the card. Due to a weakness in the pseudo-random generator, we are able to recover the keystream generated by the CRYPTO1 stream cipher. We exploit the malleability of the stream cipher to read allmemory blocks of the first sector of the card. Moreover, we are able to read anysector of the memory of the card, provided that we know onememory block within this sector. Finally, and perhaps more damaging, the same holds for modifyingmemory blocks.