Professional safecrackers use a stethoscope to find the correct combination by listening to the clicks of the lock. Researchers at the Ruhr-University Bochum have now demonstrated how to bypass the security mechanisms of a widely used contactless smartcard in a similar way. Employing so-called “Side-Channel Analysis” the researchers of the Chair for Embedded Security (Prof. Dr.-Ing. Christof Paar) can break the cryptography of millions of cards that are used all around the world.
Measuring the electro-magnetic field
RFID smartcards (Radio Frequency Identification) of the type DESFire MF3ICD40 are widely employed in payment and access control systems. The security of these cards is based on Triple-DES, a cipher that is unbreakable from a purely mathematic point of view. DESFire cards are for instance used by the public transport agencies in Melbourne, San Francisco and Prague. The DESFire MF3ICD40 is manufactured by NXP, the former semiconductor division of Philips Electronics.
Fluctuations of the magnetic field
A person is identified as a passenger, employee or customer when his RFID smartcard is placed in the proximity of a reader. To guarantee the necessary level of security, a secret key is stored on the integrated chip inside the card. But just like for the safe, the security mechanism produces the electronic equivalent of the clicks of a mechanic lock. “We measured the power consumption of the chip during the encryption and decryption with a small probe”, says David Oswald. The fluctuations of the electro-magnetic field allow the researchers to conclude to the full 112-bit secret key of the smartcard.
Low cost, big damage
Having extracted the keys, an attacker can create an unlimited number of undetectable clones of a given card. The required time and effort are quite low: “For our measurements, we needed a DESFire MF3ICD40 card, an RFID reader, the probe and an oscilloscope to measure the power consumption”, says Oswald. This equipment only costs a few thousand euros. Having obtained knowledge on the characteristic properties of the smartcard, the attack takes three to seven hours. The manufacturer NXP confirmed the security hole in the meanwhile and recommends his customers to upgrade to a newer version of the card.
Already back in 2008, researchers around Prof. Dr.-Ing. Christof Paar used Side-Channel Analysis to break supposedly secure systems. Three years ago, garage and car doors “mysteriously” opened for the researchers of the Chair for Embedded Security. The employed KeeLoq RFID system – which customers and manufacturers trusted blindly before – turned out to be highly susceptible to Side-Channel Analysis.
Prof. Dr.-Ing. Christof Paar, Chair for Embedded Security, Building ID 2/607, Tel. +49 234 32 22994, firstname.lastname@example.org
Dr. Josef König | idw
Smarter robot vacuum cleaners for automated office cleaning
15.08.2017 | Fraunhofer-Institut für Arbeitswirtschaft und Organisation IAO
Researchers 3-D print first truly microfluidic 'lab on a chipl devices
15.08.2017 | Brigham Young University
Whether you call it effervescent, fizzy, or sparkling, carbonated water is making a comeback as a beverage. Aside from quenching thirst, researchers at the University of Illinois at Urbana-Champaign have discovered a new use for these "bubbly" concoctions that will have major impact on the manufacturer of the world's thinnest, flattest, and one most useful materials -- graphene.
As graphene's popularity grows as an advanced "wonder" material, the speed and quality at which it can be manufactured will be paramount. With that in mind,...
Physicists at the University of Bonn have managed to create optical hollows and more complex patterns into which the light of a Bose-Einstein condensate flows. The creation of such highly low-loss structures for light is a prerequisite for complex light circuits, such as for quantum information processing for a new generation of computers. The researchers are now presenting their results in the journal Nature Photonics.
Light particles (photons) occur as tiny, indivisible portions. Many thousands of these light portions can be merged to form a single super-photon if they are...
For the first time, scientists have shown that circular RNA is linked to brain function. When a RNA molecule called Cdr1as was deleted from the genome of mice, the animals had problems filtering out unnecessary information – like patients suffering from neuropsychiatric disorders.
While hundreds of circular RNAs (circRNAs) are abundant in mammalian brains, one big question has remained unanswered: What are they actually good for? In the...
An experimental small satellite has successfully collected and delivered data on a key measurement for predicting changes in Earth's climate.
The Radiometer Assessment using Vertically Aligned Nanotubes (RAVAN) CubeSat was launched into low-Earth orbit on Nov. 11, 2016, in order to test new...
A study led by scientists of the Max Planck Institute for the Structure and Dynamics of Matter (MPSD) at the Center for Free-Electron Laser Science in Hamburg presents evidence of the coexistence of superconductivity and “charge-density-waves” in compounds of the poorly-studied family of bismuthates. This observation opens up new perspectives for a deeper understanding of the phenomenon of high-temperature superconductivity, a topic which is at the core of condensed matter research since more than 30 years. The paper by Nicoletti et al has been published in the PNAS.
Since the beginning of the 20th century, superconductivity had been observed in some metals at temperatures only a few degrees above the absolute zero (minus...
16.08.2017 | Event News
04.08.2017 | Event News
26.07.2017 | Event News
17.08.2017 | Physics and Astronomy
17.08.2017 | Earth Sciences
17.08.2017 | Physics and Astronomy