Thursday, August 14, 2008

Suburban ticketing system hacked: Security concerns loom

In this age of terrorism and cyber crime, here is one more piece of news that could send security analysts and researchers into a tizzy.

A group of young researchers at Radboud University Nijmegen, Netherlands, have managed to crack the ticketing system used by major suburban transportation systems around the world. The chip in question is called the “MIFARE” and is manufactured by NXP Semiconductors. Generally considered very safe, the system is used by transit solutions in cities around the world, including Delhi, where it is used in the Metro Railway. Apart from suburban rail networks, MIFARE cards are also used to control access to buildings.

The researchers claim that the secret key protecting the proprietary CRYPTO1 encryption system used by these cards can be easily retrieved, especially when a common key is used for all RFID (radio-frequency identification) readers and cards. Common keys are used on a large scale in large buildings and organizations. The hack itself is a simple affair, at least theoretically. What the hack does is retrieve the secret key from the MIFARE reader, which takes a while. Once the key is retrieved, the data is taken offline and then decrypted. Once this is done, the cracked key can be used to predict other random keys as well. The retrieved cryptographic key opens up various possibilities for abuse, depending on the situation. For example, if all the cards share the same key, the card of a genuine employee can be cloned just by close contact, and the affected person might not even be aware that his identity has been stolen. If different keys are used, things become a lot safer, but the system still remains vulnerable.


Earlier, two German researchers, Karsten Nohl and Henryk Plötz, had also reported security flaws in the technology. These two had actually managed to reconstruct CRYPTO1 and announced this at a hackers' conference back in 2007. The Dutch team, however, did not replicate the encryption system; they simply exploited the weaknesses in the armour. This happened in March 2008, and the news was not revealed immediately owing to security concerns. The Dutch Government was involved and kept in the loop. Later, the Dutch General Intelligence and Security Service confirmed that the hack was effective as an attack. After this, the companies involved, NXP and Trans Link Systems, were briefed, and technical representatives from the companies are working with the researchers to analyse the impact of the security breach and to develop countermeasures to patch the weaknesses.

The researchers cited security concerns for the delay in reporting this security flaw. They also wanted to ensure that basic steps were taken to counter the vulnerability before the flaws were discussed in the open.
