Dutch scientists and researchers from Radboud University in the Netherlands have made public and published the details and methods of how to crack and hack into MIFARE Classic RFID chip card. MIFARE Classic RFID card is one of the most popular credit card sized contactless smartcard commonly used as access ID or stored value card for electronic ticketing, such as in Olyster Card used in public transport services that including London Underground, buses, the Docklands Light Railway (DLR), London Overground, trams and some National Rail services within the Greater London area of the United Kingdom (UK), OV-chipkaart in Netherlands, Touch ‘n Go in Malaysia and Octopus Card in Hong Kong.
Previously, the academics had demonstrated the weaknesses and ability to copy, clone and manipulate the card in the MIFARE Classic smart card system in the video shown below, and in a security paper named “A Practical Attack on the MIFARE Classic” (now renamed the CARDIS paper). However, the release of detailed information on the crack or hack on the vulnerability of MIFARE had been delayed by legal action through a preliminary court injunction from NXP Semiconductors, the card’s manufacturer. However, the judge has ruled that publishing scientific article which called “Dismantling MIFARE Classic” (now called ESORICS paper) is allowed under the principle of freedom of expression, it’s importance that the results of scientific research be published so that manufacturer addresses the issue and the criminal cannot profit from the vulnerability.
The main paper, Dismantling MIFARE Classic, had leaked to Internet for a while, but it’s officially published onine during ESORICS 2008 (13th European Symposium on Research in Computer Security). For non-technical people who can’t understand the complex scientific jargon, Proof of concept, cloning the OV-Chip card paper that describes the practical execution of a cloning attack of the Mifare Ultralight in a non-technical manner is also available. More details can be found and download at Digital Security group homepage.
However, bad news for hackers, crackers or transit users who want to save few bucks, the Dutch researchers also publish manuscript “Making the Best of Mifare Classic” which contains countermeasures which can help to prevent state restoration attacks and to detect attempted cloning of cards. And, NXP claims that there is techniques and countermeasures to detect hacked, cracked or modified cards and data which have been tampered with.
Share This Post
- Able2Extract Professional 11 Review – A Powerful PDF Tool
- How to Install Windows 10 & Windows 8.1 with Local Account (Bypass Microsoft Account Sign In)
- How to Upgrade CentOS/Red Hat/Fedora Linux Kernel (cPanel WHM)
- How to Install Popcorn Time Movies & TV Shows Streaming App on iOS (iPhone & iPad) With No Jailbreak
- Stream & Watch Free Torrent Movies & TV Series on iOS with Movie Box (No Jailbreak)
- Windows 10 20H1 Insider Preview Build 18898 Released to the Fast Ring with Task Manager Improvements
- Dashlane Premium Free 1-Year Access With No Cost
- Media Creation Tool for Windows 10 Build 18362 (19H1)
- Windows 10 Insider Preview Build 18885 (20H1) Released to Windows Insiders in Fast Ring – Here What’s New, Fixes, Changes, Improvements
- Google Chrome 74 Released – Here the Changes and Download Links