
Some RFID Cards Cracked

March 11, 2008

I don’t understand why people develop proprietary encryption. Seems like a lot of effort for no gain. AES is rock solid and there are a number of secure hashing standards… and they’re free to use.

Here’s the reason this issue has come up. NXP Semiconductors, an RFID access card manufacturer, have sold over a billion of their ‘Mifare Classic’ RFID cards. Recently, some University of Virginia researchers physically opened one of these cards and, using a microscope to analyse the physical logic gates, worked out the proprietary algorithm. It’s called ‘Crypto1’.

Turns out Crypto1 is a dud. It produces cryptographically weak output, allowing an attacker to guess the key in a matter of minutes. Because it’s RFID, an attacker doesn’t even need physical access to the card. Seeing as these cards are potentially used as access tokens for buildings around the world, this could potentially be a threat to your company’s security. We may never know how big this issue becomes, seeing as it would be unwise to publicly announce that you use a broken security technology.

The point here is that companies shouldn’t use proprietary security. They should use open standards like AES, which has been pounded on, without fault, for years. Security through obscurity is a poor practice.

To the credit of NXP, they have now released the ‘Mifare Plus’, which is backwards-compatible with the ‘Classic’ system, and supports AES. It ain’t a free upgrade though.