All the latest UK technology news, reviews and analysis
|
|
|
28 Jul 2008
The hacker who broke the security of London's Oyster cards plans to clone the cards to prove that it can be done.
Cryptographer Dr Nicolas Courtois estimated that a criminal could create a commercial cloning kit for as little as £200 to produce fake travel cards.
Dr Courtois, a member of the Information Security Group at University College London, was addressing the International Crime Science Conference in London about his exploits.
"I do not know if there will be a lot of cloning, but I think we will be working on a demonstrator to show that it is feasible," he told vnunet.com.
Dr Courtois and his colleagues discovered in April that they could crack MiFare Crypto 1, the cipher used in Oyster cards and a billion RFID chips worldwide.
An attempted injunction to prevent release of the details was rejected by a Dutch court on 22 July.
Dr Courtois told the conference that a criminal could clone the cards simply by standing behind a user.
"You can do it in public quite fast just from eavesdropping," he said. "It is the very nature of the wireless technology that you can clone the cards in real time."
Dr Courtois's presentation was on whether ethical hackers and researchers should publish details of vulnerabilities they discover.
"We have an interesting dilemma because we cannot survive as researchers without publishing," he said.
"Yet if we do publish the full specification of the cipher and the attack, as soon as the hackers can reproduce what we already do a massive fraud will occur. We can omit some details, but they will sooner or later be discovered by hackers."
Following his address Dr Courtois told vnunet.com: "I hope not to reveal it all, and hope someone else will. I do not want to disclose the spec but the spec is the last straw on which the security is relying."
Using a purely cryptographic approach, the MiFare Crypto 1 cipher was cracked in 12 seconds on a laptop with a 1.66GHz CPU.
"We are using public source software with a couple of tricks. We did not do anything, we just tried our software," he said.
Dr Courtois has also been involved with cracking KeeLoq and Hitag 2, ciphers used by millions of people every day to unlock car doors.
"Cryptology is a science that assesses the security level of a cipher then cracks it," he explained.
"It is the science that gives most of the pain and negative contribution to the industry. We are never able to say 'this is secure', but frequently we can say this is really, really bad."
The International Crime Science Conference was organised by the Centre for Security and Crime Science at UCL.
Latest stories from Security
Related articles
Related jobs
Poll
What is the most important IT priority for your company this year?
Connect with V3.co.uk
This paper focuses on a series of best practices and techniques for development teams looking to improve their software development processes
Why good data management at all levels is essential in the modern business (video, 6mins)
Field/Site Engineering Manager/Leader Brief: Polar...
Product Manager, Open Repository (ref:BMC/PMR) End...
Java/J2EE Software Developer/Programmer - Dotcom/ eCommerce...
Field/Site Engineering Manager/Leader Brief: Polar...
Keep up to date with the latest products, services and technologies from the world's leading IT companies. IThound.com brings you over 2,000 white papers, case studies and analyst reports.
Do you agree?
re: Behind the curve
Wandering: he's being a little modest, they may have used publicly available tools but they still had to do a fair amount of difficult cryptanalysis. See http://cryptome.org/mifare-classic.pdf . Still, now most of the details of the break are public we can definitely expect cloned cards to soon appear.
Posted by: Bob 29 Jul 2008
Mifare Security Weakness Is More Due To Sloppy Application Design !
There are much negative publicity on Mifare "cloning" and it is not very fair to conclude that application using mifare is unsecured. A good system security designer can make to be quite secured. Such techniques include (1) MAC-ing of the Unique Identification Number as a first level security check to solved all cloning of mifare. (2) Key Diversification to ensure that the secret key of each card is unique. (3) Unique Per Transaction MAC to protect the value block against un-authorized tampering. Using the above design technique will prevent many of the security problems. Backend computer audit will be able to spot possible emulation of the card. This should address the security problems associated with Mifare card.
Posted by: Tan Keng Boon 29 Jul 2008
Behind the curve
So, a well behind the curve laptop running open source software available to anyone cracked the code in 12 seconds. And he imagines that hackers haven't figured this out yet, and that data is not being stolen right now. If I've learned anything about computers in 40 years, it is that if it can be done, somewhere someone is already doing it. The folks designing this silly crap need a heavy wake up call. The folks selling it and buying it probably need to be prosecuted.
Posted by: Wandering 28 Jul 2008