doegoxAug 20, 2024
quarkslab

Are "MIFARE-compatible" contactless cards not playing fair? That's what you may wonder after
@doegox spotted some odd
behavior.

Curiosity led to experiments that resulted in devising a new attack technique that uncovered some backdoors, and here we are 🙀

The RFID hacking spirit lives on!

https://blog.quarkslab.com/mifare-classic-static-encrypted-nonce-and-backdoors.html

MIFARE Classic: exposing the static encrypted nonce variant... and a few hardware backdoors

We studied the most secure static encrypted nonce variant of "MIFARE Classic compatible" cards -- meant to resist all known card-only attacks -- and developed new attacks defeating it, uncovering a hardware backdoor in the process. And that's only the beginning...

Quarkslab's blog
Aug 20, 2024 at 3:05pmWeb
Show thread廃墟猫 🐈🌈🐈‍⬛🐈🐈‍⬛🐈‍⬛Aug 22, 2024

@quarkslab

Nonce....? That's got a very different meaning in the UK.

@doegox @catsalad