11/13/2022 0 Comments Desfire ev1 ev2 difference![]() The most serious of them retrieves a secret key in under a second. The stream cipher CRYPTO1 used by the Classic has recently been reverse engi- neered and serious attacks have been proposed. The Mifare Classic is the most widely used contactless smartcard on the market. We hope the new attack makes our point sufficiently clear, and we urge that all MIFARE-Classic operators with important transactions such as electronic payment upgrade their systems to the more secure alternatives soon. Still using the same cheap reader as previous attacks, it takes 2–15 min of computation on a PC to recover a secret key of Eas圜ard 2.0 after 10–20 h of data collection. In support of the proposition, we present a new card-only attack based on state-of-the-art algebraic differential cryptanalytic techniques. Obviously, the whole “patching” approach is questionable because Crypto-1 is fundamentally a weak cipher. Ergo, if we just fix these flaws, we can stop the most serious attacks without an expensive infrastructure upgrade.” One such prominent case is “Eas圜ard 2.0,” today accepted in Taiwan as a means of electronic payment not only in public transportation but also in convenient stores, drug stores, eateries, cafes, supermarkets, book stores, movie theaters, etc. All efficient card-only attacks depend on certain implementation flaws. ![]() Their risk analysis might have gone as follows: “The most serious threat comes from efficient card-only attacks, where the attacker only needs an off-the-shelf reader and a PC to tamper a target tag. However, many (especially in Asia) opted to “patch” MIFARE Classic instead. Some operators of MIFARE Classic-based systems reacted by upgrading to more secure alternatives such as MIFARE DESFire. However, it proved inadequate after weaknesses in the design and implementation of Crypto-1 and MIFARE Classic started surfacing since late 2007. ![]() It was claimed to be cryptographically protected by the proprietary Crypto-1 stream cipher. MIFARE Classic is the world’s most widely deployed RFID (radio-frequency identification) technology. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |