Slashdot Mirror


German Researchers Crack Mifare RFID Encryption

jfruhlinger writes "The long-running security battle has seesawed against RFID cards, as German researchers revealed a way to clone one type of card currently used for a variety of purposes, from transit fares to opening doors in NASA facilities." According to the article, "NXP Semiconductors, which owns Mifare, put out an alert to customers warning that the security had been cracked on its MIFARE DESFire (MF3ICD40) smartcard but saying that model would be discontinued by the end of the year and encouraging customers to upgrade to the EV1 version of the card." This response may sound familiar.

  1. Re:RFID cracked? Shocking! by IamTheRealMike · Score: 3, Insightful
    Or, there's an even simpler explanation: the attack in question is based on side-channel attacks that are not easy to exploit. From TFA:

    It takes about seven hours to crack the security on one card and get its 112-bit encryption key, the researchers said. It only works if you've already spent months profiling the card's architecture, behavior and responses.

    I think selling cards that aren't resistant to side-channel attacks like this is a perfectly reasonable decision. Lots of hardware is vulnerable to this kind of ultra-intensive probing (e.g., the Xbox).

    Like anything in engineering, these cards boil down to a cost/benefit analysis. If you use these cards in your canteen, how likely are you to go up against a team of people who spend months doing blackbox analysis of the cards? If that isn't likely, it makes sense to save money.

    I am not even sure this counts as a "crack". Unless the German team release absolutely everything, the basic analysis would have to be repeated by whoever wants to recreate the attack. If you have that much money and expertise, there are probably easier ways into a secure facility than hacking the door locks (e.g., bribing/blackmailing someone on the inside).