An RFID Distance Bounding Protocol
SECURECOMM '05 Proceedings of the First International Conference on Security and Privacy for Emerging Areas in Communications Networks
Security analysis of a cryptographically-enabled RFID device
SSYM'05 Proceedings of the 14th conference on USENIX Security Symposium - Volume 14
A Practical Attack on the MIFARE Classic
CARDIS '08 Proceedings of the 8th IFIP WG 8.8/11.2 international conference on Smart Card Research and Advanced Applications
ESORICS '08 Proceedings of the 13th European Symposium on Research in Computer Security: Computer Security
Transport ticketing security and fraud controls
Information Security Tech. Report
Attacking smart card systems: Theory and practice
Information Security Tech. Report
Performance Issues of Selective Disclosure and Blinded Issuing Protocols on Java Card
WISTP '09 Proceedings of the 3rd IFIP WG 11.2 International Workshop on Information Security Theory and Practice. Smart Devices, Pervasive Systems, and Ubiquitous Networks
EPC RFID tag security weaknesses and defenses: passport cards, enhanced drivers licenses, and beyond
Proceedings of the 16th ACM conference on Computer and communications security
An introduction to implementation attacks and countermeasures
MEMOCODE'09 Proceedings of the 7th IEEE/ACM international conference on Formal Methods and Models for Codesign
Trust in RFID-enabled Supply-Chain Management
International Journal of Security and Networks
Neural network approach to locating cryptography in object code
ETFA'09 Proceedings of the 14th IEEE international conference on Emerging technologies & factory automation
Low-power sub-threshold design of secure physical unclonable functions
Proceedings of the 16th ACM/IEEE international symposium on Low power electronics and design
A Java based component identification tool for measuring the strength of circuit protections
Proceedings of the Sixth Annual Workshop on Cyber Security and Information Intelligence Research
Security analysis of India's electronic voting machines
Proceedings of the 17th ACM conference on Computer and communications security
Dismantling SecureMemory, CryptoMemory and CryptoRF
Proceedings of the 17th ACM conference on Computer and communications security
Cryptanalysis of the DECT standard cipher
FSE'10 Proceedings of the 17th international conference on Fast software encryption
Defeating any secret cryptography with SCARE attacks
LATINCRYPT'10 Proceedings of the First international conference on Progress in cryptology: cryptology and information security in Latin America
Low-resource hardware design of an elliptic curve processor for contactless devices
WISA'10 Proceedings of the 11th international conference on Information security applications
Practical eavesdropping and skimming attacks on high-frequency RFID tokens
Journal of Computer Security - 2010 Workshop on RFID Security (RFIDSec'10 Asia)
A versatile framework for implementation attacks on cryptographic RFIDs and embedded devices
Transactions on computational science X
Exposing iClass key diversification
WOOT'11 Proceedings of the 5th USENIX conference on Offensive technologies
Logical formalisation and analysis of the mifare classic card in PVS
ITP'11 Proceedings of the Second international conference on Interactive theorem proving
Chameleon: a versatile emulator for contactless smartcards
ICISC'10 Proceedings of the 13th international conference on Information security and cryptology
Breaking mifare DESFire MF3ICD40: power analysis and templates in the real world
CHES'11 Proceedings of the 13th international conference on Cryptographic hardware and embedded systems
All you can eat or breaking a real-world contactless payment system
FC'10 Proceedings of the 14th international conference on Financial Cryptography and Data Security
Peeling away layers of an RFID security system
FC'11 Proceedings of the 15th international conference on Financial Cryptography and Data Security
CT-RSA'12 Proceedings of the 12th conference on Topics in Cryptology
Power analysis of atmel cryptomemory --- recovering keys from secure EEPROMs
CT-RSA'12 Proceedings of the 12th conference on Topics in Cryptology
Side-channel analysis of cryptographic RFIDs with analog demodulation
RFIDSec'11 Proceedings of the 7th international conference on RFID Security and Privacy
Cube cryptanalysis of hitag2 stream cipher
CANS'11 Proceedings of the 10th international conference on Cryptology and Network Security
Design challenges for secure implantable medical devices
Proceedings of the 49th Annual Design Automation Conference
Optimization schemes for protective jamming
Proceedings of the thirteenth ACM international symposium on Mobile Ad Hoc Networking and Computing
Gone in 360 seconds: Hijacking with Hitag2
Security'12 Proceedings of the 21st USENIX conference on Security symposium
Neighborhood watch: security and privacy analysis of automatic meter reading systems
Proceedings of the 2012 ACM conference on Computer and communications security
Security Risks Associated with Radio Frequency Identification in Medical Environments
Journal of Medical Systems
Simple photonic emission analysis of AES: photonic side channel analysis for the rest of us
CHES'12 Proceedings of the 14th international conference on Cryptographic Hardware and Embedded Systems
Cryptanalytic attacks on MIFARE classic protocol
CT-RSA'13 Proceedings of the 13th international conference on Topics in Cryptology
Breaking and entering through the silicon
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Optimization Schemes for Protective Jamming
Mobile Networks and Applications
Hi-index | 0.00 |
The security of embedded devices often relies on the secrecy of proprietary cryptographic algorithms. These algorithms and their weaknesses are frequently disclosed through reverse-engineering software, but it is commonly thought to be too expensive to reconstruct designs from a hardware implementation alone. This paper challenges that belief by presenting an approach to reverse-engineering a cipher from a silicon implementation. Using this mostly automated approach, we reveal a cipher from an RFID tag that is not known to have a software or micro-code implementation. We reconstruct the cipher from the widely used Mifare Classic RFID tag by using a combination of image analysis of circuits and protocol analysis. Our analysis reveals that the security of the tag is even below the level that its 48-bit key length suggests due to a number of design flaws. Weak random numbers and a weakness in the authentication protocol allow for pre-computed rainbow tables to be used to find any key in a matter of seconds. Our approach of deducing functionality from circuit images is mostly automated, hence it is also feasible for large chips. The assumption that algorithms can be kept secret should therefore to be avoided for any type of silicon chip.