Abstract MIFARE Classic is a contactless smart card that is widely used in several public transport systems. Previous researchers have presented different methods for cloning a card in a practical card-only scenario. Among these, the second or subsequent sector key is recovered by accurately estimating the timing between two consecutive authentication attempts in a nested authentication. In this paper, we study the security of MIFARE Classic in another practical scenario, in which the adversary communicates only with a legitimate reader. The worst-case scenario for recovering the second or subsequent sector key in a nested authentication requires only about 8 authentication attempts to the legitimate reader on average and an off-line search of about 328 s on Garcia's ordinary computer, without estimating the timing between two consecutive authentications. Following this result, attackers can simulate or forge a legal card that authenticates successfully with a legitimate reader. To avoid this weakness, the reader must verify some information on the legal card at the beginning, and that information must itself be protected in some sense.