At the 24th Chaos Communication Congress, which took place recently, two gentlemen by the names of Karsten Nohl and Henryk Plötz demonstrated something that would send a shockwave through the mediascape: the widely used MIFARE RFID technology contains serious security flaws. The slides used and a video of the presentation, titled “Little Security, Despite Obscurity”, are available online (or on Google Video).
Since this technology claims to be both cheap and secure, it has been used in many applications, including the public transportation systems of London (UK), Perth (AUS) and, as planned from January 2009, The Netherlands. For many media, this was reason to make mountains out of molehills. Time to set things straight.
Unwinding MIFARE’s CRYPTO1
Let’s start by looking at what exactly Karsten Nohl and Henryk Plötz did and what they found. This is a little technical, but if you dig this, be sure to check the video. In their presentation, they explain how they took a MIFARE Classic chip apart under a microscope and looked at it. This type of RFID chip is advertised as being encrypted, while still small and cheap. How exactly this encryption, dubbed CRYPTO1, works is being kept secret by NXP, a company formerly part of Philips. This made Karsten and Henryk curious about its inner workings.
By looking at microscopic images of the chip’s innards, they were able to deduct a number of things from the gate layouts. I won’t go into too much detail here, you should definitely check the video, but among others, they discovered two fatal weaknesses in the CRYPTO1 implementation: the core of the encryption cypher used is a 48 bits Linear Feedback Shift Register, which is weak by any standard, and even worse: the component used to generate random numbers is only 16 bits, which means it can generate only 65536 unique numbers before it repeats itself (which is guaranteed to happen in less than 0,7 seconds!). To make matters worse, the random number generators in both the tag and the reader use only the time since they were powered on as a basis for their output. This means that they generate the same number every time you query them, as long as the timing is right. In other words: they stop being random and start being useless.
With this information, the authentication between the reader and the tag can be compromised. But there is more. Karsten and Henryk also discovered a weakness in the calculation of the initial cypher state, which allows spoofing of any card using a different card, without the reader noticing (unless it is explicitly looking for it). And still, this requires no knowledge about the cryptographic algorithm used.
When the cryptographic algorithm does get known, it opens up a lot more possibilities. Instead of having only one slow tag to work with, the circuit can then be programmed on multiple faster chips, like FPGA’s, and because the random number generator can be controlled, brute forcing can be scaled up to whatever a cracker’s budget allows. This is exactly what Karsten and Henryk claim is possible. To give people who are relying on the security of this technology some time, however, they have not yet published this, but will do so soon.
So, MIFARE classic’s CRYPTO1 has been broken, or at least severely crippled. What does this mean? Essentially, it only affects the secure communication between the reader and the chip, thus reducing any “secure” MIFARE classic tag using this CRYPTO1 system to a regular unsecured tag, which can be read, copied and, if you make a writable copy, written. Contrary to some sources on the internet, this does not apply to, for instance, the MIFARE MIFARE DESFire, which uses DES for its cryptography. Only the MIFARE Standard 1k and 4k are affected. Let’s see what this means for the Dutch OV-chipkaart.
We’ll almost inevitably be travelling for free. If not by spoofing someone else’s OV-chipkaart (this might be detected), then by simply obtaining the cypher key of an anonymous rechargeable card and load it with credit without actually paying for it. Since there is not a lot known about the implementation of the OV-chipkaart (again, only a a matter of time), it is hard to say what can be read from or written to the card, but we need to assume that anything on the card can be read by anyone who can spend enough time with it. The manufacturer claims that no personal information is stored on the card, so there shouldn’t be a lot to gain anyway. As long as no transaction or travelling logs are stored on the card, losing an OV-chipkaart should not be anything worse than losing a regular ticket or subscription card.
Personally, I still have some hope for the OV-chipkaart. Either the MIFARE 4k needs to be traded for a slightly more expensive alternative, like the DESFire, or the whole concept of keeping the credit (or for that sake: any information) should be discarded, reducing the card to nothing more than a number that only has meaning to the back-end system. To prevent spoofing of the cards (and thus stealing credit from others or travelling on someone else’s subscription), the reading hardware should explicitly check the card’s identifiers and these should be unique for every customer.
Let’s hope TransLink, the company responsible for the OV-chipkaart takes a lesson from this, because if Karsten and Henryk have proven one thing it’s this: there is still no security through obscurity. There is always someone crazy or determined enough to completely slice up your product and dig around long enough to uncover your dirty little secrets. Sure, in the case of the OV-chipkaart it’s tax money, but please let some experts look at it while there is still something to save :)