Hyin Technology Co.,Ltd


Researchers hack popular smartcard used for access control

2011/11/1

 

     Researchers at a German university have successfully hacked a popular RFID smartcard used in many applications, including access control.

     The research team from the Horst Görtz Institute for IT Security at Germany's Ruhr-University Bochum published a paper earlier this month that describes how they hacked the MIFARE DESFire MF3ICD40 model of RFID smartcards. The cards, manufactured by NXP Semiconductors, are used in numerous applications, such as public transit fare cards and access control, potentially including by NASA, according to The Register, a UK-based IT news website. It's unclear how many MF3ICD40 smartcards are in use, though NXP's website states it has sold 3.5 billion smartcards.


     In simple terms, the hack uses a form of attack that can determine a smartcard's secret key by measuring either its power consumption directly or the electromagnetic radiation coming off the device, according to a notice from NXP.


     "Our methods can be put into practice at a low cost with standard equipment, thus posing a severe threat to many real-world applications that employ the DESFire MF3ICD40 smartcard," the German researchers wrote in their paper. "System integrators should be aware of the new security risks that arise from the presented attacks and can no longer rely on the mathematical security of the used 3DES cipher."


     NXP Semiconductors sent a notice to users on Sept. 28, 2011, informing them that its MF3ICD40 model's security had been compromised. An end user's susceptibility to attack will be based on the particular infrastructure of each system, NXP said. It recommended using diversified keys, in which case "a stolen or lost card can be disabled simply by the operator detecting the fraud and blacklisting the card."
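
     The diversified-key recommendation above, as an added example that is not part of the original article and not NXP's own code: each card's key is derived from a backend master key and the card's UID, so a key extracted from one card is useless against any other card and the operator can blacklist that single UID. HMAC-SHA256 stands in for the card's cipher and key-derivation function, and the master key, UIDs, 7-byte UID length and all names are constructed for illustration.

```python
import hashlib
import hmac


def diversify_key(master_key: bytes, uid: bytes) -> bytes:
    """Derive a per-card key from the master key and the card UID.

    HMAC-SHA256 truncated to 16 bytes is a stand-in KDF (an assumption of
    this example, not the vendor's algorithm)."""
    if len(uid) != 7:  # assumed fixed UID length keeps the KDF input unambiguous
        raise ValueError("expected a 7-byte UID")
    return hmac.new(master_key, b"card-key" + uid, hashlib.sha256).digest()[:16]


def card_response(card_key: bytes, challenge: bytes) -> bytes:
    """Answer a card holding card_key gives to a reader challenge (simplified)."""
    return hmac.new(card_key, challenge, hashlib.sha256).digest()


class Backend:
    """Holds the master key and the operator's blacklist of card UIDs."""

    def __init__(self, master_key: bytes):
        self._master_key = master_key
        self.blacklist = set()

    def accepts(self, uid: bytes, challenge: bytes, response: bytes) -> bool:
        if uid in self.blacklist:  # lost, stolen or cloned card
            return False
        expected = card_response(diversify_key(self._master_key, uid), challenge)
        return hmac.compare_digest(expected, response)


def demo() -> dict:
    # Constructed sample values; a real reader uses a fresh random challenge.
    master = bytes.fromhex("00112233445566778899aabbccddeeff")
    uid_a, uid_b = bytes.fromhex("04a1b2c3d4e5f6"), bytes.fromhex("04112233445566")
    challenge = bytes.fromhex("0102030405060708")
    backend = Backend(master)
    key_a = diversify_key(master, uid_a)  # suppose card A's key has leaked
    key_b = diversify_key(master, uid_b)
    out = {"genuine_a": backend.accepts(uid_a, challenge, card_response(key_a, challenge)),
           "a_key_as_b": backend.accepts(uid_b, challenge, card_response(key_a, challenge))}
    backend.blacklist.add(uid_a)  # operator detects the fraud
    out["a_after_blacklist"] = backend.accepts(uid_a, challenge, card_response(key_a, challenge))
    out["b_still_works"] = backend.accepts(uid_b, challenge, card_response(key_b, challenge))
    return out


if __name__ == "__main__":
    print(demo())
```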


     The German researchers said, "in order to avoid … manipulation or cloning of smartcards used in payment or access control solutions, proper actions have to be taken: On the one hand, multi-level countermeasures in the backend allow to [sic] minimize the threat even if the underlying RFID platform is insecure."


     NXP said the MF3ICD40 model will be discontinued at the end of 2011 and encouraged users to upgrade to the EV1 version of DESFire, which was introduced in 2008 as the successor of MF3ICD40, because it isn't susceptible to the attack.

 

                                                                                                                  Extract From Security Director News