MIFARE Classic上的實務攻擊與防禦

Abstract

MIFARE Classic是近年來最廣泛被使用的非接觸式智慧卡，應用在門禁、大眾運輸工具、電子錢包等系統上。MIFARE Classic上密碼保護機制與結構已被發表在許多的論文上。在本論文中我們提出各式各樣在MIFARE Classic攻擊實作的經驗。我們實作兩類的攻擊:一是假造讀卡機、二是側錄合法的交易。第一類的攻擊在兩天內利用NVIDIA高速運算顯示卡上實作密鑰的窮舉搜尋法與隨機數和連認證的漏洞離線的破解卡片上所有的金鑰。第二類是針對MIFARE Classic加解密器: CRYPTO-1上攻擊方法的改進。經過我們的改進，攻擊者不僅可以破解自己的卡同時也能破解別人的卡。我們所實作的攻擊徹底讓MIFARE Classic的密碼保護失去效用，讓未經授權的攻擊者能任意更改卡片上資料，如同沒有任何保護的記憶卡。更進一步，我們提出有關防止目前已知的攻擊的建議，而此防禦機制加強對卡片資料的防護並加強後端清算機制的效率。

MIFARE Classic is a proprietary contactless smart card technology widely used in public transportation ticketing systems of cities across the world. MIFARE Classic’s cryptographic protection to the stored data has been reverse-engineered and broken in a recent series of papers. In this thesis, we report our experiment experiences attacking a real MIFARE Classic system. Specifically, we implement a brute-force search using NVIDIA graphics cards to verify the claims in the literature. We also implement and improve more advanced attacks that take advantage of other design and implementation flaws of CRYPTO-1, MIFARE Classic’s proprietary cipher. These attacks disarm all cryptographic protection of MIFARE Classic and in effect render it a contactless memory card technology. Last but not least, we present our ideas how to defend against most attacks using practical mechanisms that do not require any hardware changes. Our proposed mechanisms can be easily implemented on a variety of MIFARE Classic readers on the market and only require commodity PCs be used in the backend system with intermittent network connectivity.