U.Va. student claims to have cracked smartcard encryption

U.Va. student claims to have cracked smartcard encryption
U.Va. student claims to have cracked smartcard encryption 

By Brian McNeill
March 09, 2008

A University of Virginia graduate student and two fellow hackers say 
they have cracked the encryption code used to protect millions of 
wireless "smartcards" in use across the globe.

With readily available equipment that cost under $1,000, Karsten Nohl, 
26, and his two Germany-based partners say they dismantled a tiny chip 
found inside many smartcards and mapped out its secret security 

With the cryptographic formula in hand, the hackers were then able to 
run it through a computer program that tried out every possible key. It 
broke the encryption after a few hours. If they were to try again, Nohl 
said, it would take a matter of minutes.

"I don't want to help attackers, but I want to inform people about the 
vulnerabilities of these cards," said Nohl, a doctoral candidate in 
computer engineering at U.Va. who is originally from Germany.

Wireless chips, which employ technology known as radio-frequency 
identification, or RFID, are found inside most modern credit cards, car 
keys, security keycards and subway passes. The chips send an encoded 
numeric signal to the reading device, which allows the user to wave 
their card to gain access to secure buildings, remotely unlock a car, 
pay for public transportation and much more.

The popular chip that the trio "dissected" is called the MiFare Classic 
RFID chip and is manufactured by NXP Semiconductors, a Netherlands-based 

Nohl and his colleagues found that it was fairly easy to crack the RFID 
chip's code.

The three computer whizzes announced their findings at the Chaos 
Communications Congress in Berlin, an annual worldwide convention of 
hackers. They are not releasing the details of how they beat the chip's 
security code. But, Nohl added, it is possible that criminals might also 
have done so.

Manuel Albers, director of regional marketing for North and South 
America for NXP, disputed that Nohl and his compatriots breached the 
chip's security, as they obtained only a portion of the cryptographic 
algorithm. In fact, he said, the company's chips have multiple layers of 
security and are not in danger of being totally compromised.

The company has been in contact with Nohl and his team and is reviewing 
their findings, he said.

"We constantly improve and review our products to make sure it's up to 
snuff with the latest security threats," he said.

Moreover, Albers said, NXP manufactures chips with a range of security 
levels from zero to substantial protection. The chip examined by Nohl 
was a relatively simple version with little security, he said.

In a statement, NXP added that the MiFare Classic "is not used in 
banking, payment, nor automotive security applications anywhere in the 
world. The MiFare Classic is predominately used in automatic fare 
collection applications and access control applications."

Projects such as hacking the security code of an RFID chip are the "evil 
twin" of Nohl's regular research, he said, which focuses on the 
development of cryptographic algorithms for computer security. Nohl's 
faculty advisor, David Evans, an associate professor in U.Va.'s School 
of Engineering and Applied Science, said in a statement that exposing 
security flaws through hacking helps ensure that future products are 
more secure.

Hacking, Nohl said, refers to the practice of investigating the internal 
processes of computing technology. It is often mistaken for "cracking," 
he said, which means to break into computer processes for fun, vandalism 
or profit.

Nohl said that a more secure option for RFID security codes would be to 
rely on publicly known and time-tested security algorithms. NXP's secret 
code, he said, is an example of "security by obscurity," or the practice 
of keeping the code private and hoping hackers do not figure it out. 
Private algorithms, Nohl said, are more likely to have flaws and 

"We found significant vulnerabilities in their algorithm," he said. "By 
keeping it secret, they hurt themselves in the end." Brian McNeill 
writes for The Daily Progress in Charlottesville.

Subscribe to InfoSec News 

Site design & layout copyright © 1986-2014 CodeGods