@@ -0,0 +1,68 @@
+---
+title: Mifare RFID Card Security
+categories: [cheatsheets]
+tags: [security, rfid, mifare]
+---
+
+# Mifare RFID Card Security
+
+* Uses standard ISO 14443-A protocol
+* 13.56 MHz (High Frequency)
+* Uses custom crypto called CRYPTO1
+
+
+## Security Features
+
+* UID (Unique Identifier) is read-only
+* Authentication (Tag <-> Reader) to share a session key
+* Uses proprietary crypto algorithm (CRYPTO1)
+
+
+## Layout
+
+```
+0xff [ Key A, Access Cond.m U, Key B ] <- Sector Trailer
+ .
+0x06 [ Data Block ]
+ .
+0x03 [ Key A, Access Cond.m U, Key B ] <- Sector Trailer
+0x06 [ Data Block ]
+0x05 [ Data Block ]
+0x04 [ Data Block ]
+0x03 [ Key A, Access Cond.m U, Key B ] <- Sector Trailer
+0x02 [ Data Block ]
+0x01 [ Data Block ]
+0x00 [ UID,BCC, Manufacturer Data ]
+```
+
+- Each sector contains 64 bytes
+- Each block contrains 16 bytes
+- The Sector Trailer looks like this in detail:
+
+```
+ |- undefined byte
+[ Key A (6 Bytes) ][ AC (3 Bytes) ] [ U (1B) ][ Key B (6 Bytes) ]
+ ^ ^ ^
+ |___ not readable | Could be readable ---|
+ |
+ \-> Defines Access Conditions for every data block
+```
+
+
+## Attacks on MIFARE Cards
+
+### Nested Attack
+
+1) Authenticate to the block with the default key
+1.1) Read Tags NT
+2) Authenticate to the same block using the default key
+
+
+
+### Darkside Attack
+
+
+# References
+
+- [Blackhat - Hacking MIFARE Classic Cards](https://www.blackhat.com/docs/sp-14/materials/arsenal/sp-14-Almeida-Hacking-MIFARE-Classic-Cards-Slides.pdf)
+
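Review bot: In the Layout diagram the block addresses do not line up: `0x03` labels two different sector trailers and `0x06` labels two data blocks. With 16-byte blocks and 64-byte sectors, as stated directly below the diagram, a sector is four blocks, so the trailer above `0x06`/`0x05`/`0x04` should be `0x07`, and the extra `0x06 [ Data Block ]` line between the dots and that trailer should be dropped or renumbered. The top row `0xff` would also benefit from a line saying which card size the diagram describes. Smaller points: `Access Cond.m U` in the diagram does not match the `AC (3 Bytes)` / `U (1B)` naming used in the trailer detail, "contrains" should be "contains", the Nested Attack list stops after the second authentication without saying what the steps are for, the Darkside Attack heading has no body, and `# References` is a top-level heading while its sibling sections use `##`.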