Cryptography Reference
cycles, i.e., one DES round per clock cycle, whereas the AES engine runs
concurrently with the CPU and requires 375 clock cycles until an en- or
decryption of one block is finished. The microcontroller is clocked by an
external 13.56 MHz crystal, whose frequency is internally doubled using a
high-frequency Phase Locked Loop (PLL).
The coupling to the reader is established by a rectangular coil on the Printed
Circuit Board (PCB). Variable capacitors are placed in parallel to form a parallel
resonant circuit that is tuned to the carrier frequency. Analog circuitry assists
the microcontroller in extracting the encoded data from the EM field and
transmitting bitstreams. The design is similar to [14] and mainly shapes the
signals according to the ISO 14443 standard and converts them to the appropriate
voltage levels. Our emulation device can either be powered via the USB interface
or run on battery. As all functionality is directly provided by the
microcontroller, the Chameleon operates autonomously without the support of a PC.
The full schematics of the developed hardware are given in Appendix B.
3 Mifare Cards
This section covers the details of Mifare Classic, DESFire and DESFire EV1
cards. We present important facts required for the emulation of the cards and
detail the different authentication protocols, as implemented in Sect. 4.1 and
Sect. 4.2. For reference, the complete protocols including the command codes
and the low-level format are provided in Appendix A.
3.1 Mifare Classic
Since its introduction more than a decade ago, allegedly over 1 billion Mifare
Classic ICs and 7 million reader components have been sold [18]. The cards
provide data encryption and entity authentication based on the proprietary stream
cipher Crypto1 to prevent attacks such as eavesdropping, cloning, replay
and unauthorized reading or modification of the data stored on the card. Crypto1
is based on a Linear Feedback Shift Register (LFSR) with a length of 48 bit.
Basically, a Mifare Classic card can be regarded as a secured EEPROM memory
with an RFID communication interface. In this work, we focus on the by far
most widely employed Mifare Classic 1K version with 1024 byte EEPROM. All
Mifare Classic variants comply with Parts 1-3 of ISO 14443A [13]. While the
standard also allows for higher data rates, the cards communicate at a fixed data
rate of 106 kBit/s. In addition, they feature a proprietary high-level protocol
that diverges from Part 4 of ISO 14443A.
The memory of a Mifare Classic card is divided into sectors, where each
sector consists of four blocks, as illustrated in Fig. 2. Each sector can be secured
by means of two cryptographic keys A and B that are stored along with a set of
access conditions in the last block of each sector. Before a sector can be accessed,
a proprietary mutual authentication protocol with the appropriate secret key has
to be carried out, cf. Protocol 1. The access conditions determine the commands
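
The sector layout described in this section, as an added example that is not code from the original text or from the Chameleon firmware: a C parser for the last block of a sector that extracts keys A and B and checks the stored access conditions for consistency, which is what an emulator or a card-dump audit has to do before trusting a trailer. The byte offsets, the 16-byte block size and the rule that each access bit is stored twice (once inverted) are taken from the public Mifare Classic 1K datasheet rather than from the text above; the function names and the sample trailer are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define BLOCK_SIZE        16 /* bytes per block: datasheet value, not from the text */
#define BLOCKS_PER_SECTOR 4  /* from the text: four blocks per sector */

typedef struct {
    uint8_t key_a[6], key_b[6];
    uint8_t cond[BLOCKS_PER_SECTOR]; /* per block: C1<<2 | C2<<1 | C3 */
} sector_trailer;

/* Constructed sample: all-0xFF keys with access bytes FF 07 80 and user byte 69. */
static const uint8_t SAMPLE[BLOCK_SIZE] = {
    0xFF,0xFF,0xFF,0xFF,0xFF,0xFF, 0xFF,0x07,0x80,0x69, 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF };

/* Block number of the trailer (last block) of a sector. */
int trailer_block(int sector) { return sector * BLOCKS_PER_SECTOR + BLOCKS_PER_SECTOR - 1; }

/* Parse a trailer: key A (0..5), access bits (6..8), user byte (9), key B (10..15).
 * Each access bit is stored twice, once inverted; return -1 if the copies disagree. */
int parse_trailer(const uint8_t *t, sector_trailer *out) {
    uint8_t c1 = t[7] >> 4, c2 = t[8] & 0x0F, c3 = t[8] >> 4;   /* plain copies */
    uint8_t n1 = t[6] & 0x0F, n2 = t[6] >> 4, n3 = t[7] & 0x0F; /* inverted copies */
    if ((c1 ^ n1) != 0x0F || (c2 ^ n2) != 0x0F || (c3 ^ n3) != 0x0F)
        return -1;
    memcpy(out->key_a, t, 6);
    memcpy(out->key_b, t + 10, 6);
    for (int b = 0; b < BLOCKS_PER_SECTOR; b++)
        out->cond[b] = (uint8_t)((((c1 >> b) & 1) << 2) | (((c2 >> b) & 1) << 1) | ((c3 >> b) & 1));
    return 0;
}

/* Audit helper: 1 if the trailer parses and key A is still all 0xFF. */
int has_blank_key_a(const uint8_t *t) {
    static const uint8_t blank[6] = { 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF };
    sector_trailer s;
    return parse_trailer(t, &s) == 0 && memcmp(s.key_a, blank, 6) == 0;
}

int main(void) {
    sector_trailer s;
    if (parse_trailer(SAMPLE, &s) != 0) { puts("malformed access bits"); return 1; }
    for (int b = 0; b < BLOCKS_PER_SECTOR; b++)
        printf("block %d: C1C2C3 = %d%d%d\n", b, (s.cond[b] >> 2) & 1, (s.cond[b] >> 1) & 1, s.cond[b] & 1);
    printf("trailer of sector 15 is block %d, blank key A: %d\n", trailer_block(15), has_blank_key_a(SAMPLE));
    return 0;
}
```

A trailer that fails the inverted-copy check should be treated as malformed rather than decoded, since its access conditions cannot be trusted.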
 