Oh, to be young again.
Tapping the vending machine with your card sends the ID in plaintext over the wire to the upstream server, which responds in plaintext for the machine to either accept or reject the transaction.
Tomfoolery may or may not have been performed by a bunch of bored, hungry college students at 1AM one night...
They're stopping it for completely unrelated reasons (primarily convenience – people don't like having to buy and top up a card – and not having to maintain a vending machine and top-up infrastructure).
backdoor implies somebody can "get in" to my rfid, but rfid's spend most of their time "off the grid". So when my rfid powers up, does the "host" who powered it up also need to be insecure or on an insecure/compromised net?
then... what capabilities would suddenly become possible; unlocking the door is already unlocked, my credit card is already all ready to spend...
or does it simply allow people passing me on the sidewalk to make a copy of my card?
MIFARE (not just the Classic family) have a UID (32 bits) and x blocks of encrypted data (12 for Classic). Each block is protected by a A key and a B key.
The earliest card system only uses UID for authentication ie. if the card says the right UID the card passes authentication.
Obviously, anyone can forge a card with said UID, so the latter system start to use the 12 encrypted fields for authentication. The card reader would challenge the card to encrypt the nonce plus stored identification. Only cards with the correct key can respond with the correct encrypted data + nonce.
The authentication uses symmetric encryption. Depending on how the system is setup, A key is used for Read only, Read Write, or A is used for read and B is used for write, or both A/B is need for read write.
The original Mifare Classic uses a proprietary crypto crypto-1. Due to various reasons (eg. weak PRNG, collisions, etc.) , it can be trivial to crack a traditional Mifare Classic key. However there are harden keys that still could not be cracked due to various countermeasures.
The paper seems to found a hardcoded A/B key A396EFA4E24F for a particular brand of RFID cards (I just skimped the paper and its been years since I worked on RFID. I might be wrong on the detail).
Actually, if I understood the paper well, the same key worked also on older, non-Chinese cards like those produced by NXP. Why, that's a big question.
Sadly, neither my gym or work access card were cloneable even though they are MIFARE Classic. So I did not end up getting an implant.
That’s the threat vector.
Depending on the specifics of a deployment, I'm guessing you could also use the card secrets to mint new cards that authenticate correctly to facility readers, but contain different information? But I don't know nearly enough about how these cards get used to know how much flexibility you get there.
E.g. if "John" badges in... and then 10 minutes later "John" badges in again...
Will most systems complain?
We have customers who use smartcards and we often need to read or write to them, during on-boarding they often have no clue what version or spec they are using and it often results in trial-and-error after they send us a few cards with little-to-no markings on them.
Yes, it also means doing basic things like saying "security is important", "vulnerabilities are bad", and "supply chain risk should be addressed", etc. The more informed you are, the more of a pain this is, at least in my experience (disclaimer: I'm not a CISO).
2) Present a huge dollar number to make it sound important;
3) Get promoted as everyone high-up implicitly understands that reputational damage is a fiction that never materializes in practice.
Not that I'd recommend it, but in most companies, physical security doesn't have a limitless budget just like everything else.
MIFARE Classic: exposing the static encrypted nonce variant
Cryptology ePrint Archive, Paper 2024/1275
author: Philippe Teuwen
Or maybe there’s door access control systems out there that use FIDO2 :D
PKCS based cards get all the benefits of smart cards (hard in theory to extract keys, side channel resistance, etc), with the usual risks (trust in vendors and issuers to not add backdoor APDUs to applets etc.)
Doubt anyone would want to use FIDO2 for a door access control system, but in theory there's nothing really to stop you, if you come up with a clever URI schema for your doors and know what public key to expect for each identity on each URI. That's where FIDO2 wouldn't be ideal, as you'd get a different identity on each URI, so it would only really work with a single URI (zone?) for the whole site, and implementing zone access checks at each individual verifier.
Realistically, doing a PIV style PKI verification would give you all the benefits of FIDO2, but also with the ability to handle card revocation etc via a CRL that's distributed through the system.
I was expecting to have to write some code for it!
I do have a flipper and a classic key, will test it out soon!
> Through empirical research, we discovered a hardware backdoor and successfully cracked its key. This backdoor enables any entity with knowledge of it to compromise all user-defined keys on these cards without prior knowledge, simply by accessing the card for a few minutes. Additionally, our investigation into older cards uncovered another hardware backdoor key that was common to several manufacturers.
I’ve developed Unified Air, a new technology that allows factory workers to authenticate to production machines using the biometric sensors on their mobile devices—eliminating the need for insecure RFID cards altogether. Not only does this method enhance security by leveraging unique biometric data, but it also streamlines the authentication process, making it both faster and more reliable for operators.
If you’re interested in a more secure and user-friendly alternative to RFID, you can check out more details about Unified Air here: https://support.industry.siemens.com/cs/document/109827772/d...
How does adding a mobile phone with a significantly larger code and hardware base improve security?
> eliminating the need for insecure RFID cards altogether.
Why not use a secure card system instead?
I can see the convenience factor, and that might well make for a more effective system all in all, but in terms of security, I don't see this as a step forward.
