Dissertation: security analysis of contactless payment cards

Posted on Thursday, February 27th, 2014 in reversed, RFID, security, wireless by the machinegeek

Here’s an interesting academic document we found related to hardware hacking. In this published doctoral dissertation, Timo Kasper from the Ruhr-University Bochum, Germany, presents in detail his efforts in analyzing the security of Mifare smart cards. “The tools are first employed for analyzing a contactless payment application, which is based on Mifare Classic technology, with more than one million issued cards. This thesis illustrates an implementation for extracting the cryptographic keys of the cards in seconds and then, how to (wirelessly) modify the content of any card in the system. An unskilled adversary can in consequence produce virtual currency on her card (or others’ cards), without paying real money, and carry out payments with a fraudulently increased credit balance. The main flaw in this system is a fatal lack of key derivation, i.e., the same secret keys are used for all cards in the system.”

The 381-page PDF can be downloaded from Ruhr-Universität Bochum. (Page 42 reminds us of our own university days…)
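The flaw named in the quoted abstract, one set of secret keys shared by every card, can be contrasted with per-card key diversification. The sketch below is an added example, not code from the dissertation or from the payment system it analyzes; the HMAC-SHA256 construction, the function names and the sample master key and UIDs are assumptions made for illustration.

```python
import hashlib
import hmac

KEY_LEN = 6  # a Mifare Classic sector key is 48 bits


def shared_key(master: bytes, uid: bytes, sector: int, key_type: str = "A") -> bytes:
    """The flawed scheme: UID and sector are ignored, every card gets one key."""
    return master[:KEY_LEN]


def diversified_key(master: bytes, uid: bytes, sector: int, key_type: str = "A") -> bytes:
    """Per-card, per-sector key derived from a master key held only by the backend."""
    if len(master) < 16:
        raise ValueError("master key too short")
    if len(uid) not in (4, 7):
        raise ValueError("expected a 4- or 7-byte UID")
    if not 0 <= sector < 40 or key_type not in ("A", "B"):
        raise ValueError("bad sector or key type")
    # Length-prefix the UID so different (uid, sector) pairs cannot encode alike.
    msg = b"sector-key" + bytes([len(uid)]) + uid + bytes([sector]) + key_type.encode()
    return hmac.new(master, msg, hashlib.sha256).digest()[:KEY_LEN]


def cards_exposed(derive, master: bytes, uids: list, leaked_uid: bytes, sector: int) -> list:
    """UIDs whose sector key equals the key recovered from one leaked card."""
    leaked = derive(master, leaked_uid, sector)
    return [u for u in uids if hmac.compare_digest(derive(master, u, sector), leaked)]


# Constructed sample data, not taken from any real system.
MASTER = bytes.fromhex("00112233445566778899aabbccddeeff")
UIDS = [bytes.fromhex(h) for h in ("04a1b2c3", "04d4e5f6", "04112233445566")]

if __name__ == "__main__":
    for name, fn in (("shared", shared_key), ("diversified", diversified_key)):
        hit = cards_exposed(fn, MASTER, UIDS, UIDS[0], sector=1)
        print(f"{name}: key from one card matches {len(hit)} of {len(UIDS)} cards")
```

Diversification limits what a key recovered from one card exposes to that card alone; it does not make the key on any single card harder to extract.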

This entry was posted on Thursday, February 27th, 2014 at 5:04 pm and is filed under reversed, RFID, security, wireless.

One Response to “Dissertation: security analysis of contactless payment cards”

  1. Tom P. says:

    No caffeine, no thesis.
