Arclight
unread,Oct 4, 2011, 3:32:58 AM10/4/11Sign in to reply to author
Sign in to forward
You do not have permission to delete messages in this group
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to Open Access Control
Since y'all mentioned it, I hooked up my Wiegand Mifare reader, and
confirmed that:
1. My bank card has a Mifare tag on-board
2. A Marriott hotel key I picked up last year also has one.
After looking over the standards documents and reading up on it, I'm
somewhat of the conclusion that:
1. All of the cheap Mifare crypto modules have serious flaws
2. The better ones are expensive and hard to get for "mere mortals."
3. The on-board crypto requires loading a secret key in each reader
and programming the cards
If we think about what we're trying to solve with smart-card
technology, it's mostly that we don't want our keys cloned and used
without our knowledge. Since the keys can be re-written up to 100K
times according to the literature, why not do this:
1. Read the key data, check it against the tag database. If the key is
valid,
2. Generate a new value for that key and rewrite the card
3. Open the door
From what I can tell, rewriting the card should take 100ms or less. If
we make the user hold the card at the door until the transaction is
complete, it should work OK. While this system does not prevent the
card from being read and cloned, it does deny the benefit of
undetected and long-term access to the attacker.
I haven't figured out what it takes to overwrite a fresh card, but
I'll try to get my USB Mifare reader working when I get a chance.
Arclight