03.26.08
Security Wake Up Call
In last week’s show we examined the work of Maurie McInnis and her perspective on the class politics, social structures and hierarchies of the antebellum South through the examination of 19th-century art and material objects.
In today’s show, adapted from an article published this month on the Oscar Web site written by Brevy Cannon, we look at the work of UVa graduate student Karsten Nohl, whose research has demonstrated that the encryption used by the now ubiquitous smart card is much easier to break than previously thought.
If you hold a credit card issued in the past 18 months, or use a touchless keycard to open doors at your office, or ride the subway with a reusable fare card, chances are good that you have used a card or ticket with a tiny wireless security chip embedded in it.
A trio of young computer experts, including UVa graduate student Karsten Nohl and colleague Henryk Plötz, presented research in December at the Chaos Communication Congress in Berlin that demonstrated that the encryption used by over a billion such “smart cards” is much easier to break than previously thought.
Their research shows that a tech-savvy thief with only a personal computer and about $1,000 worth of readily available equipment could make fake high-security access cards, mass-transit fare cards, and could even gain entry to cars by cloning certain wireless car keys that can open or lock the car from 20 feet away by clicking a button.
Nohl said, “Security experts knew that it was feasible to break the encryption of this type of wireless chip, but most assumed that it was difficult enough to do so that the chips were unprofitable to attack. Companies that do so for legitimate purposes would charge from $100,000 to $500,000 and use research laboratory equipment, a high threshold to steal information from a wireless computer chip that is about the size of a grain of sand and costs less than a dollar.”
The minuscule computer chips at issue are called RFIDs, short for “radio-frequency identification.” They send and receive information over short distances via very low-power radio waves. Their use has grown exponentially since 2000, and experts predict it will continue to grow in the future. One sign of that trend is that Wal-Mart has mandated that its suppliers use them within a few years to identify all items. RFIDs may one day replace the ubiquitous bar code. In such uses, the information held on the RFID is often unencrypted.
But in other more demanding applications — including credit cards, car keys, high-dollar event tickets, subway fare cards and high-security building access control keycards — the RFID’s information is encrypted to prevent it from being read and potentially exploited by anyone with an RFID reader device.
Nohl and his collaborators broke the encryption on one particular RFID chip, the MiFare Classic, purportedly the most popular single RFID chip for security applications in the world, with over a billion sold worldwide.
The first barrier to breaking the encryption of RFID chips like the MiFare Classic was being able to “listen” to the information that such chips broadcast. The advent in 2006 of affordable, readily available RFID readers was the beginning of a new era of vulnerability for RFIDs. With the door thrown open, experts in the sophisticated security techniques used in modern computers could easily study the primitive encryption used by many low-cost RFIDs. Nohl said, “You can’t consider the RFID world separate from the world of computers anymore, as manufacturers have in the past.”
Breaking the encryption involved several technical challenges. The team dissected the MiFare chip to reveal each layer of circuitry that makes up the chip and implements the encryption. To do so, they looked at the chip under a conventional microscope and used micro-polishing sandpaper to remove a few microns of material at a time, exposing each layer of circuitry, which was then digitally photographed.
Nohl then wrote optical recognition software that combined the pictures from each layer to produce a 3-D picture of the entire circuit, much like an MRI. Viewing the details of the circuit, Nohl deduced the algorithm that defined the narrow range of keys that could unlock the encryption, allowing him to find the right key in a matter of hours. Having done that once or twice, he could pre-compute the possible keys and break the encryption on other examples of the MiFare chip in a matter of minutes.
The team’s revelations come at an interesting time. The Netherlands is rolling out a new $3 billion national transit fare system that relies on the MiFare Classic chip. In the wake of the group’s research, the Dutch media reported extensively on the vulnerability of the system’s smart card, which stores fares and can even be linked, on request, to a customer’s bank account in order to automatically reload the fare balance when it drops below a certain threshold.
As a result, most security professionals espouse Kerckhoffs’ Principle, the idea that the design of every security system should be fully public, with its security depending only on a secret key. Public review of security designs also tends to catch flaws during the design process, rather than after the flaws are built into expensive deployed systems, such as the Netherlands transit system, noted Nohl and Evans.
For the millions of MiFare Classic-powered smart cards used in thousands of applications, this research from Nohl’s group proves that little stands in the way of future security breaks. Just how many malicious hackers have done so already, or will do so in the future, is anybody’s guess.
You’ve been listening to the Oscar Show; I’m Jacob Canon. Join us next week when our topic will be the research of University of Virginia politics professor Paul Freedman, which suggests that the ever-growing barrage of political ads actually contributes to citizen education and engagement, and only rarely has negative impacts.
