|COOKIES: By using this website you agree that we can place Google Analytics Cookies on your device for performance monitoring.|
Cloning MiFare Classic rail and building passes, anywhere, anytime
If you have a question about this talk, please contact Joseph Bonneau.
MiFare Classic is the most popular contactless smart card with some 200 millions copies in circulation world- wide. At Esorics 2008 Dutch researchers showed that the underlying cipher Crypto-1 can be cracked in as little as 0.1 seconds if the attacker can eavesdrop the RF communications with the (genuine) reader. We discovered that a MiFare classic card can be cloned in a much more practical card-only scenario, where the attacker only needs to be in the proximity of the card for a number of minutes, therefore making usurpation of identity through pass cloning feasible at any moment and under any circumstances. For example, anybody sitting next to the victim on a train or on a plane is now be able to clone his/her pass. Other researchers have also (independently from us) discovered this vulnerability (Garcia et al., 2009) however our attack is different and does not require any precomputation. In addition, we discovered that a yet unknown proportion of MiFare Classic cards are even weaker, and we have in our possession a MiFare Classic card from a large Eastern-European city that can be cloned in seconds.
This talk is part of the Computer Laboratory Security Seminar series.
This talk is included in these lists:
Note that ex-directory lists are not shown.
Other listsTCM Journal Club BMCS Postgraduate Symposium for Biological and Medicinal Chemists Cambridge Italian Research Network
Other talksContemplative neuroscience and the limits of talking about experience Myelination - the developmental pattern in the mouse neocortex and its role in learning Using Bayesian Networks to Analyze What Experts Need to Know (and When they Know Too Much) “How can I be a Management Consultant when I have no Experience?” Learning to know: the educations of Richard Hakluyt and Thomas Harriot Motility and Invasion of apicomplexan parasites: What do we know?