RFID Hacked (Again)

[Tuckerfan]

Why anyone thinks these things are a good idea is beyond me, since they’re pretty vulnerable, but now, perhaps people are really starting to wake up to that fact.

A student at the University of Virginia has discovered a way to break through the encryption code of RFID chips used in up to 2 billion smart cards used to open doors and board public transportation systems.

Karsten Nohl, a graduate student working with two researchers based in Germany, said the problem lies in what he calls weak encryption in the MiFare Classic, an RFID chip manufactured by NXP Semiconductors. Now that he’s broken the encryption, Nohl said he would only need a laptop, a scanner and a few minutes to get the cryptographic key to an RFID door lock and create a duplicate card to open it at will.

These “smart cards” are also used as part of locks of “secure” government facilities. According to the article, the news has so spooked an EU nation that they’re posting armed guards.

[Otto]

I have a friend who works for the state Department of Transportation. She was telling me the other day about some of the new requirements for state IDs and drivers licenses that are going to be implemented under some federal mandate or other that grew out of the 9/11 Commission’s recommendations. One of them is that RFID chips will be embedded in every license and ID and the state won’t do anything to prevent anyone with a reader from scanning strangers’ cards. This is still several years in the future but I’m thinking when the day comes I’ll invest in a lead wallet.

[chappachula]

it looks like the problem isn’t with the RFID chip, it’s with the programming.

from the cited article:

The MiFare chip was first introduced in 1994. At the time, the security level was very high …The 48-bit key lengths for encryption was state of the art."
… the company has other, more secure chips in its product portfolio these days, but the MiFare Classic is a relatively inexpensive, entry-level chip

the majority of the smart cards with this chip are used as bus or subway cards

So the real question is why some high-security facilities are using a bus-fare card to protect themselves.

[Tuckerfan]

chappachula:

it looks like the problem isn’t with the RFID chip, it’s with the programming.

Yeah, but RFIDs are really easy to hack and/or clone. The subject of their insecurity has come up here a number of times. I wouldn’t trust those things to protect my pron collection, much less my personal info or secure a building with them.

So the real question is why some high-security facilities are using a bus-fare card to protect themselves.

Because the people in charge of making the purchases of such things don’t understand the technology involved and just believe the crap the salesborgs spew at them, that’s why.

[Projammer]

chappachula:

So the real question is why some high-security facilities are using a bus-fare card to protect themselves.

I’m going to have to go with low bidders and ignorance.

Obviously no one involved with the process was a Doper.

[gotpasswords]

It’s not RFID cards in and of themselves that’s been hacked. The cards are no more or less secure than what they’ve been programmed with. In the case of the Mifare cards, they appear to have been programmed to use a double ROT-13 algorithm.

Once again, it’s people taking things into their own hands and trying to create their own cryptography process, rather than using something that’s been publically scrutinized for years like RSA, 3DES or AES.

chappachula:

So the real question is why some high-security facilities are using a bus-fare card to protect themselves.

Good point. The US Military’s CAC (Common Access Card) is looking to be a pretty well-designed smartcard with security better than what you’d need to ride a bus.