Mifare Cipher Exposed

24 January 2008

Karsten Nohl, in collaboration with Starbug and Henryk Plötz, has reverse-engineered the encryption algorithm used in Mifare Classic RFID tags, and identified several serious weaknesses in the ciper design and the way it generated random numbers. Mifare tags are used in several large public transportation systems including London Transport’s Oyster cards, and the Dutch government was planning to used them for the nationwide OV-Chipkaart system, but is reconsidering this in light of the revealed security weaknesses. The work involved reverse engineering the cipher from images of its hardware implementation.

The results were announced at the Chaos Communication Congress (December 28). Here’s Karsten’s talk (including a link to a video): Mifare: Little Security, Despite Obscurity.

Some posts about this work include:

Karsten will also be giving a talk about this work at the RFID Security Workshop at Johns Hopkins University, January 23-24.