Chameleon: A Versatile Emulator for Contactless Smartcards
Timo Kasper, Ingo von Maurich, David Oswald, and Christof Paar
Horst Görtz Institute for IT Security, Ruhr-University Bochum, Germany
{timo.kasper,ingo.vonmaurich,david.oswald,christof.paar}@rub.de
Abstract. We develop a new, custom-built hardware for emulating
contactless smartcards compliant to ISO 14443. The device is based on a
modern low-cost microcontroller and can support basically all relevant
(cryptographic) protocols used by contactless smartcards today, e.g.,
those based on AES or Triple-DES. As a proof of concept, we present a
full emulation of Mifare Classic cards on the basis of our highly optimized
implementation of the stream cipher Crypto1. The implementation
enables the creation of exact clones of such cards, including the UID. We
furthermore reverse-engineered the protocol of DESFire EV1 and realize
the first emulation of DESFire and DESFire EV1 cards in the literature.
We practically demonstrate the capabilities of our emulator by
spoofing several real-world systems, e.g., creating a contactless payment card
which allows an attacker to set the stored credit balance as desired and
hence make an infinite amount of payments.
Keywords: RFID, contactless smartcards, payment systems, access
control, efficient implementation.
1 Introduction
Radio Frequency Identification (RFID) devices are deployed in a wide range of
transportation and access control systems world-wide. If high privacy or
security demands have to be met, typically contactless smartcards according to the
ISO 14443 standard [13] are employed, as they offer sufficient computational
power for cryptographic purposes. Moreover, a growing number of payment
systems incorporates secure RFID cards [16], as they offer additional benefits in
terms of flexibility and convenience over their contact-based counterpart.
State-of-the-art contactless cards, such as the electronic passport ePass [8], provide a
high level of security by means of various cryptographic primitives.
In general, RFID technology implies new threats compared to contact-based
systems, for instance, a card residing in a pocket or wallet could be read out or
modified without the owner taking note of it. Due to the cost sensitivity of such

The work described in this paper has been supported in part by the European
Commission through the ICT programme under contract ICT-2007-216676
ECRYPT II.
 