Documentos de Académico
Documentos de Profesional
Documentos de Cultura
NFC Tech Talk 2012
NFC Tech Talk 2012
NFC
libnfc & nfc-tools
Course SPVC2012
Tech Talk
Sebastian Bttrich, pITLab
sebastian@itu.dk
201011
201011
Scope
Requirements: what we already know
Types of NFC cards/tags
Data structures - words, blocks, sectors
Hardware: NFC readers/writers
Reading and writing NFC tags with libnfc, nfc-tools, ACS
SDK tools
Example: sketch of a simple 'pitcoin'
201011
201011
201011
201011
MIFARE
NXP Semiconductors-owned trademark
Seven different kinds of contactless cards
201011
201011
MIFARE
MIFARE Classic
employ a proprietary protocol compliant to parts (but not
all) of ISO/IEC 14443-3 Type A , with an NXP proprietary
security protocol for authentication and ciphering.
MIFARE Ultralight
low-cost ICs that employ the same protocol as MIFARE
Classic, but without the security part and slightly different
commands
MIFARE Ultralight C
the first low-cost ICs for limited-use applications that offer
the benefits of an open Triple DES cryptography
201011
MIFARE DESFire
are smart cards that comply to ISO/IEC 14443-4 Type A
with a mask-ROM operating system from NXP.
MIFARE DESFire EV1
includes AES encryption.
MIFARE Plus
drop-in replacement for MIFARE Classic with certified
security level (AES 128 based)
MIFARE SAM AV2
secure access module that provides the secure storage of
cryptographic keys and cryptographic functions
201011
MIFARE Classic 1k
http://www.mifare.net/products/mifare-smartcard-ic-s/mifare-1k/
201011
MIFARE Classic 1k
Most popular low price card in e.g. Transportation,
Ticketing, ID, etc
Used a.o. In London Oyster, DK Rejsekort, ITU ID card
Infamous for its flawed security model:
weak cipher (3 booleans on 4 bits), non-random random
generator, keys not independent
(Nohl et al., 2008; de Koning Gans et al., 2008)
201011
201011
201011
Data structures
201011
201011
Data structure
64 blocks of 16 bytes
16 sectors of 4 blocks
2 hex digits make 1 byte
Word = 4 hex digits
Block = 8 words
Every block has a key, every sector has keys a, b and
instructions for their use
First sectors typically hold UID, vendor info
201011
BLOCK
SECTOR
OFFSET
V
00000000:0a88301cae0804006263646566676869..0.....bcdefghi<<<BLOCK
00000010:140103e103e103e103e103e103e103e1................
00000020:03e103e103e103e103e103e103e103e1................
00000030:a0a1a2a3a4a5787788c1ffffffffffff......xw........|
00000040:00000313d1010f5402656e6a75737420.......T.enjust|
00000050:6120746573740afe0000000000000000atest..........|<<<SECTOR
00000060:00000000000000000000000000000000................|
00000070:d3f7d3f7d3f77f078840ffffffffffff.........@......
Hardware: Readers/Writers
201011
201011
201011
Hardware:
mobile phones
201011
201011
201011
Software
Requirements:
summary: http://www.itu.dk/pit/?n=Main.NFCInfo
libnfc
nfc-tools
and/or
ACS SDK
http://www.libnfc.org/
http://code.google.com/p/nfc-tools/
201011
201011
201011
TD(2)=01>Y(i+1)=0000,ProtocolT=1
201011
+Historicalbytes:804F0CA00000030603000200000000
Categoryindicatorbyte:80(compactTLVdataobject)
Tag:4,len:F(initialaccessdata)
Initialaccessdata:0CA00000030603000200000000
+TCK=69(correctchecksum)
Possiblyidentifiedcard(using/usr/share/pcsc/smartcard_list.txt):
3B8F8001804F0CA0000003060300020000000069
Mifarecardwith4kEEPROM
smartcards_list, excerpt:
3B8E8001103877A78091E165D0004200008272
CzechRepublicePassport(issuedFeb2009)
3B8E800180919131C06477E30300838290001C
BelgianPassport
3B8F018025A00000005657444B3430300600B7
SafeNetIKey4000
3B8F800152464944494F74204A434F5020333676
RFIDIOtJCOP36KBlank(http://rfidiot.org)
3B8F8001804F0CA000000306030001000000006A
PhilipsMIFAREStandard(1KbytesEEPROM)
http://www.nxp.com/products/identification/mifare/classic/
RFIDISO14443TypeATransportforLondonOyster
ACOS5/1kMirfare
3B8F8001804F0CA0000003060300020000000069
Mifarecardwith4kEEPROM
201011
201011
nfc-tools: mfoc
Usage: mfoc [-h] [-k key]... [-P probnum] [-T tolerance] [O output]
h
k
P
T
O
mfocOmy_01.mfd
//makeacopy
cpmy_01.mfdmy_01_old.mfd
cpmy_01.mfdmy_01_new.mfd
//andtakealookatthem...
201011
201011
hexermy_01_new.mfd
//oryourfavoritehexeditorshowssomething
like
00000000:7a59301c0f0804006263646566676869zY0.....bcdefghi
00000010:00000000000000000000000000000000................
00000020:00000000000000000000000000000000................
00000030:000000000000ff078069ffffffffffff.........i......
00000040:00000000000000000000000000000000................
00000050:00000000000000000000000000000000................
00000060:00000000000000000000000000000000................
00000070:000000000000ff078069ffffffffffff.........i......
00000080:00000000000000000000000000000000................
00000090:00000000000000000000000000000000................
000000a0:00000000000000000000000000000000................
000000b0:000000000000ff078069ffffffffffff.........i......
201011
Excurs: mfcuk
If you do not know your keys,
they are not default
and mfoc can not retrieve them,
mfcuk MiFare Classic Universal toolKit
can be used to brute force retrieve keys without prior
knowledge.
201011
nfcmfclassicwamy_01_new.mfdmy_01_old.mfd
201011
201011
http://esec-pentest.sogeti.com/rfid/playing-nfc-fun-and-coffee
000000f0:000000000000ff078069ffffffffffff.........i......
00000100:262d3400000000000000000000000000&4.............
00000110:00000000000000000000000000000000................
201011
000000f0:000000000000ff078069ffffffffffff.........i......
00000100:262d3400000000000000000000000000&4.............
00000110:00000000000000000000000000000000................
201011
encrypt
rotate
confuse
keep history
personalize
etc etc