[Facil] [Fwd: [MLUG] OT: RFID Code Cracked, So much for STM security]
Fabian Rodriguez
magicfab at member.fsf.org
Tue Nov 4 06:35:12 EST 2008
There you go, that didn't take long... does anyone have a French-language
link to this information?
See you later,
Fabian
-------- Original Message --------
Subject: [MLUG] OT: RFID Code Cracked, So much for STM security
Date: Sun, 2 Nov 2008 17:19:28 -0500
From: Leslie Satenstein <leslie.satenstein at gmail.com>
Reply-To: Montreal Linux Users Group <mlug at listserv.mlug.ca>
To: Montreal Linux Users Group <mlug at listserv.mlug.ca>
RFID encryption has been cracked. Does anyone know how long before STM
Student or adult OPUS cards will be cloned to provide unlimited system
rides?
STM decided on OLD technology, before designers were concerned about
encryption and cloning.
Here is the article.
Computer & Internet Security News
27 October 2008
RFID hack details made public
By Brenno de Winter Webwereld Netherlands
Transport users could be shown ways to travel on underground systems for
free, thanks to an open source project that has built on the work of the
scientists who cracked the algorithm of the Mifare Classic chip used in
access control systems.
The project implements an attack on the CRYPTO1-algorithm used in the
highly popular Mifare Classic chip. The project carries the cynical
name Crapto1 and has been totally based on the information in a paper by
scientists from the Dutch Radboud University.
The project was started by a programmer that identifies himself as Bla.
He claimed to be studying RFID and figured that implementing the
algorithm looked like fun. "And the stats in the different publications
were pretty amazing. I wanted to see it in action," he said in an
interview with Techworld's sister paper, Webwereld <http://webwereld.nl/>.
According to his account he never planned to publish the source code,
but decided to do so when someone suggested it. His basic idea is to
spread knowledge and not cause harm. "My code is meant for educational
purposes. I'm not encouraging anybody to break any laws," he said.
The knowledge in itself isn't new and researchers have demonstrated how
to enter buildings by cloning cards, without releasing any further
details or software.
However, the code is the long-anticipated missing link between reading
the Mifare Classic chips and actually using them to the full extent.
Combined with readily available hardware, users have all the tools to
execute a successful attack. There are RFID readers available online for
less than US$150, such as the Proxmark III or the OpenPCD, for which the
accompanying software is available as open source.
With the software in hand anyone with some technical skills can retrieve
the secret key of a system and thus use it to gain access to buildings.
For the public transportation systems the attack paves the way for
executing a denial-of-service attack by damaging cards or obtaining free
travel by altering or cloning data.
The latter was the fear of Massachusetts Bay Transportation Authority
(MBTA) when they sued three students from Massachusetts Institute of
Technology (MIT) in order to prevent them from sharing technical details
of the flawed CharlieCard. In court documents the company said it was
concerned by claims that people could ride for free. Earlier, Dutch
company Trans Link Systems, responsible for introducing a Mifare Classic
transportation card in the Netherlands, had added fraud detection in the
back office to combat anticipated fraudulent use of the system.
While fraud mitigation may work on these types of systems, they will also
harm innocent travellers, making for a successful denial-of-service
attack. Using the software, miscreants could also overwrite existing
cards with bogus information, thus disrupting regular travel.