Jefferson's Wheel

Our paper on supporting untrusted content in aggregated web pages is now available:

• Adrienne Felt, Pieter Hooimeijer, David Evans, Westley Weimer. Talking to Strangers Without Taking Their Candy: Isolating Proxied Content. First International Workshop on Social Network Systems, Glasgow, Scotland, April 2008. (PDF, 6 pages)

Adrienne Felt will present the paper in Glasgow in April 1.

Abstract
Social networks are increasingly supporting external content integration with platforms such as OpenSocial and the Facebook API. These platforms let users embed third-party applications in their profiles and are a popular example of a mashup. Content integration is often accomplished by proxying the third-party content or importing third-party scripts. However, these methods introduce serious risks of user impersonation and data exposure. Modern browsers provide no mechanism to differentiate between trusted and untrusted embedded content. As a result, content providers are forced to trust third-party scripts or ensure user safety by means of server-side code sanitization. We demonstrate the difficulties of server-side code filtering — and the ramifications of its failure — with an example from the Facebook Platform. We then propose browser modifications that would distinguish between trusted and untrusted content and enforce their separation.

Full Paper

NXP has released two statments about Mifare security: Information for end users and Information for system integrators.

The statements appear to be nearly identical. The excerpt below is from the statement for end users:

In December 2007 a group of researchers at the 24th Chaos Computer Club in Berlin claimed that they reverse engineered a MIFARE Classic chip and partially discovered the encryption algorithm of the chip. At the same time, they stated that they were not yet able to recover any keys from the chip.

NXP has come to the conclusion that two research groups have by now retrieved the algorithm and developed attacks which can be done with faster means of breaking keys than brute force. Although we are trying to prevent this, there is a risk of the full algorithm becoming publicly known and we feel it is appropriate to inform you about the potential consequences and necessary measures to be taken to minimize the impact of such eventuality for your system infrastructure.

Although we trust that you have worked with a system integrator who has implemented in your systems effective mechanisms to detect fraudulent cards (which we understand is possible in a number of ways), we want to inform you that we are investigating scenarios how MIFARE Classic systems can be protected Mindful of the above, we ask you to contact your system integrator to assess whether your systems would need any additional security measures.

It is our assessment that for transport ticketing installations, end-to-end security systems can be designed with the MIFARE Classic chip such that the residual risk of fraud not being detected in time can be drastically reduced. Whether or not those scenarios are acceptable in your risk assessment depends on the assets to be protected which only you and your system integrator can determine.

End to end measures should also be applied for access management infrastructures, which are often complemented by additional measures e.g. camera surveillance, security personnel, etc. when valuable assets need to be protected. We recommend that your assessment of the impact of the recent and expected developments takes into account the particular way that the system is implemented and used, its relation to other protection in place, and specifically whether there is a need to prevent unauthorized single time access or access during a limited period of time.
…

RFID Journal has an article about NXP’s new Mifare Plus chip, which supports AES encryption and is backward-compatible with the Mifare Classic:
NXP Announces New, More Secure Chip for Transport, Access Cards by Mary Catherine O’Connor, 14 March 2008.

This is an interesting development, but its not clear to me exactly what “backward-compatible” means: readers need to be upgraded to interact with the new tags. According to the article,

An RFID interrogator can employ the AES encryption deployed on the Mifare Plus chip to authenticate that chip before accepting its data and triggering a function, such as opening a locked door or allowing a commuter to pass through a transit turnstile. A number of additional security features, through the support of secure random identifiers, can prevent individuals from being identified and tracked by nefarious parties with RFID readers, NXP reports.

The chip’s encryption scheme uses a 128-bit key, whereas the Mifare Classic’s security algorithm employs a 48-bit key. The larger an encryption key, the longer it will take hackers to determine the key through reverse engineering.

NXP declines to reveal pricing for the Mifare Plus chip, but a chip’s price generally increases in step with its security features, so it will most likely cost more than the Classic chip. NXP says it will continue to manufacture and sell the Mifare Classic chip. Compared with other chips in the Mifare product family, the Classic supports the fewest security features. According to Manuel Albers, NXP’s director of regional marketing in the Americas, the Plus is more secure than the Classic but less secure than the Mifare DESfire chip, which uses a very robust data protection scheme called triple-DES.

Note: the comment that, “The larger an encryption key, the longer it will take hackers to determine the key through reverse engineering.” isn’t quite technically correct. If the key is larger, the time required to do a brute force key search is longer (it scales exponentially with the key size). The time to reverse engineer the algorithm scales with the complexity of the logic. The key size gives some minimum size for this complexity, and ciphers with longer keys are likely to have more complex logic, but this is not necessarily the case.

Our paper on using data diversity in a redundant execution framework is now available:

• Anh Nguyen-Tuong, David Evans, John C. Knight, Benjamin Cox, Jack W. Davidson. Security through Redundant Data Diversity. 38^th IEEE/IFPF International Conference on Dependable Systems and Networks, Anchorage, Alaska, June 2008. (PDF, 10 pages; Abstract)

Anh Nguyen-Tuong will present the paper in Anchorage at the DSN conference in June.

This paper builds on our pervious work on N-Variant Systems. It includes the earliest systems-related technical related work in any paper I’ve been involved in, and I doubt we’ll be able to get an earlier one anytime soon. It turns out efforts Nevil Maskelyne led back in the 1700s to compute astronomical tables is closely related to the techniques we describe in this paper.

The Tech Herald has posted an interview with Karsten Nohl: Interview: Karsten Nohl – Mifare Classic researcher speaks up, by Steve Ragan, 14 March 2008.

This follows three earlier articles:

• University students in Virginia crack smartcard chips, 4 March 2008.
• U.VA. researchers crack smartcard chips – Mifare Classic security proven weak, 12 March 2008.
• Did NXP finally acknowledge security problems in their Mifare chip?, 12 March 2008.

This article in ComputerWorld has an excellent account of the Mifare cryptanalysis and its implications: RFID hack could crack open 2 billion smart cards: Analyst: One European government sent armed guards to protect facilities using the card by Sharon Gaudin, Computer World, 14 March 2008.

A student at the University of Virginia has discovered a way to break through the encryption code of RFID chips used in up to 2 billion smart cards used to open doors and board public transportation systems.

Karsten Nohl, a graduate student working with two researchers based in Germany, said the problem lies in what he calls weak encryption in the MiFare Classic, an RFID chip manufactured by NXP Semiconductors. Now that he’s broken the encryption, Nohl said he would only need a laptop, a scanner and a few minutes to get the cryptographic key to an RFID door lock and create a duplicate card to open it at will.

And that, according to Ken van Wyk, principal consultant at KRvW Associates, is a big security problem for users of the technology.

“It turns out it’s a pretty huge deal,” said van Wyk. “There are a lot of these things floating around out there. Using it for building locks is the biggy, especially when it’s used in sensitive government facilities — and I know for a fact it’s being used in sensitive government facilities.”
…

The article also includes some interesting comments from a spokesman for NXP Semiconductors.

NXP, the manufacturer of the smart cards we analyzed recently, announced an improved card that could help with the migration to higher security levels. The Tech Herald has more on this.

The Mifare Plus cards implement secure 128-bit AES as well as the proprietary Crypto-1 cipher (that we have shown to be weak), but allow for the latter to be switched off once all cards have been migrated. Since all readers and cards still have to be replaced, the new cards are not necessarily a better choice than alternative cards. And while the Plus card won’t be seen in the market for another year, other cards with strong cryptography such as DESfire are readily available.

One feature of the Plus card that might be worth the wait is its improved privacy protection. Protecting individuals from being tracked has long been a research interest of ours and we are curious to see how industry solved this challenging problem.

This article in The Register describes Karsten Nohl’s work on the Mifare cryptanalysis:
Microscope-wielding boffins crack Tube smartcard: The keys to London Underground, and plenty more. (12 March 2008)

For non-British readers, here’s how Wikipedia defines a “boffin”:

In the slang of the United Kingdom, Australia, New Zealand and South Africa, boffins are scientists, engineers, and other people who are stereotypically seen as engaged in technical or scientific research. The word conjures up an image of men in thick spectacles and white lab coats, obsessively working with complicated apparatus. Portrayals of boffins emphasize both their eccentric genius and their naive ineptitude in social interaction. They are, in that respect, closer to the “absent-minded professor” stereotype than to the classic mad scientist.

(For the record, Karsten doesn’t usually wear white coats.)

It’s nice to see our research being cited in so many places. Most of the news coverage is accurate and resonates our call for better security through open designs.

We would still like to clarify a few facts and address some points of critique: The focus of our research was on Mifare Classic RFID tags. While these are by far the most popular contactless smart cards, there are plenty of others that may or may not be secure. Using a proprietary cipher is usually evidence of bad design and only cards with standard ciphers such as 3-DES, AES, and ECC should be considered for security applications.

Our results do not apply to contactless credit cards since these do not encrypt data.

The manufacturer of the Mifare cards has repeatedly claimed that we have only broken one layer of security, which is true when looking at systems as a whole. Cryptography can only ever provide one layer of protection, two of the others being automated fraud detection and law enforcement. Computerized systems tend to rely on the cryptography, however, and are much more vulnerable to attacks once this layer of security is lost.

We believe in the potential of RFIDs to improve security in many domains. The current discussion will hopefully provide guidance in building more open, more secure systems.

PC World has an article about Karsten Nohl’s RFID cryptanalysis work: Hackers Find a Way to Crack Popular Smartcard in Minutes: Security on RFID-enabled smartcards is easily broken by young hackers. March 7, 2008.

The team used an inexpensive RFID reader to collect encrypted data, and then reverse-engineered the chip to figure out the encryption key to decipher that data. They examined the chip under an optical microscope and used micro-polishing sandpaper to remove a few microns of the surface at time, photographing each of the five layers of circuitry. Nohl wrote his own optical recognition software to refine and clarify the images, and then patiently worked through the arrangement of the logic gates to deduce the encryption algorithm, a task made possible by the fact that the Mifare Classic relies on a secret key of no more than 48 bits.

“Regardless of the cryptographic strength of the cipher, the small key space therefore permits counterfeiting of any card that is read wirelessly,” the team wrote in a follow-up statement issued on Jan. 8. “Knowing the details of the cipher would permit anyone to try all possible keys in a matter of days,” the researchers noted. “Given basic knowledge of cryptographic trade-offs and sufficient storage, the secret keys of cards can be found in a matter of minutes.”

[Added 12 March] PCWorld has a second article on this: RFID-Hack Hits 1 Billion Digital Access Cards Worldwide: A warning is issued that some security access cards that use RFID technology are vulenarble to hack attacks, 12 March, 2008.