Researchers show how to crack popular smart cards

07.10.2008

When the mechanism was cracked, the scientists were able to crack keys in less than a second using an industry-standard computer with only 8M bytes of memory. Even given the state of technology in 1996, when the Mifare Classic was introduced, such a crack would have taken only minutes.

The Radboud University paper shows that researchers looked at another chip, the Hitag2, in order to crack the Mifare Classic. This chip was later introduced, but cracked some years ago. Since the on this hack is freely available, this helped the researchers.

Security experts had expected source code to surface soon after complete details of the Mifare Classic hack were published. However, last week a Russian Web site featured . According to Professor Bart Jacobs, one of the paper's authors, the code lacked the authentication mechanism required to clone a Mifare Classic card.

But on Monday another released by German researcher Henryk Plotz does feature functioning source code. Jacobs said that this implementation could be used to build a working card.

The German group working on the Mifare Classic chip cracked its encryption by removing a Mifare chip from a card and then cutting layers off. By photographing each layer under a microscope and analyzing all the connections, they discovered the workings of the chip and derived the algorithm.