Proxmark developers community

Research, development and trades concerning the powerful Proxmark3 device.


#1 2015-04-27 17:40:36

samburner3
Contributor
From: Sydney AUS
Registered: 2015-03-01
Posts: 51

DESFire EV1 transit replay top-up attack

Hi

I have not yet got a Proxmark, but have taken an interest in RFID security, and have used some software to clone MIFARE Classic cards successfully.

My city's transport system uses DESFire EV1 cards, which therefore cannot be hacked/cloned. However, I thought a replay attack would still be useful:

In theory if the top-up transmission can be captured (sniffed / snooped) from a top-up machine, that could then be replayed onto the card at anytime in the future, therefore free top-ups?

I could not find anything relating to this on the web, closest was on this forum with the oyster card example.

Would the proxmark be up to this task? Would encryption be an issue? I figured not as it is simply replaying a captured transmission.

Also would an NFC android device be able to carry this out in place of a proxmark? (budget in mind).


#2 2015-04-27 20:56:51

asper
Contributor
Registered: 2008-08-24
Posts: 1,409

Re: DESFire EV1 transit replay top-up attack

No, NFC Android devices are NOT able to do what you want to do.


#3 2017-04-17 21:47:15

Danz
Contributor
From: Dubai
Registered: 2015-10-24
Posts: 96

Re: DESFire EV1 transit replay top-up attack

I tried the above theory; it didn't work, as the top-up transmission has a server reference that is saved on the card and needs to be verified once with the server after the top-up, which saves an approval code on the card with an encrypted key. The server will not acknowledge any further verification of that reference.


ModHex(hfdudthbfchtiehuduhehvht)


#4 2017-08-15 17:25:59

atmel9077
Contributor
Registered: 2017-06-25
Posts: 37

Re: DESFire EV1 transit replay top-up attack

When authenticating, the card sends a random number that is different every time, and you have to respond with an encryption of this number by the diversified key stored in the card. So you can't do replay attacks. With MIFARE Classic, which has a bad RNG, this could be possible if there's no one-way counter (value block) used to certify the contents of the card.

Last edited by atmel9077 (2017-08-20 12:40:25)


Those who forget the past are doomed to repeat it.


#5 2018-10-08 04:59:24

Tom5ive
Contributor
Registered: 2017-09-18
Posts: 39

Re: DESFire EV1 transit replay top-up attack

Unfortunately this is not possible. I'm located close by in the same city and have been working at the same thing that you seem to be hinting at. Maybe we should get together for a beer sometime? :)


#6 2018-10-12 13:27:00

merlok
Contributor
Registered: 2011-05-16
Posts: 129

Re: DESFire EV1 transit replay top-up attack

Replay not possible.
but...
relay with Android, Wi-Fi and/or etc... may be possible...
but may have a detection in the system.

bbbut) something like this:
https://eprint.iacr.org/2010/332.pdf
possible and can't be detected
(may be detected in only one way: detecting the chip's antenna parameters)

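The points made in posts #4 and #6 (a fresh card nonce defeats replay, but a transparent relay still passes authentication) can be shown in a small simulation. The following is an added example written for this page, not code posted by any of the participants and not Proxmark or NXP code. It models the three-pass AES mutual authentication of the kind DESFire EV1 uses (card sends E(RndB), reader answers E(RndA || rol(RndB)), card returns E(rol(RndA))) with two stated simplifications: each message is encrypted in CBC with an independent zero IV (the real EV1 AES authenticate chains the CBC IV across the exchange), and key diversification is a CMAC over `0x01 || UID || AID`, modelled on AN10922 but with an input layout assumed for illustration. The master key, UID and AID are constructed sample values, and the `cryptography` package is required.

```python
"""Simulated DESFire-EV1-style mutual authentication: replay fails, relay passes.

Added example for this thread; not code from the forum posts or from any
Proxmark/NXP source. Requires the 'cryptography' package.
"""
import os
from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
from cryptography.hazmat.primitives.cmac import CMAC

ZERO_IV = bytes(16)


def aes_cbc(key: bytes, data: bytes, decrypt: bool = False) -> bytes:
    # Simplification: zero IV per message (real EV1 chains the IV across messages).
    c = Cipher(algorithms.AES(key), modes.CBC(ZERO_IV))
    op = c.decryptor() if decrypt else c.encryptor()
    return op.update(data) + op.finalize()


def rol(b: bytes) -> bytes:
    # DESFire's one-byte left rotation, giving RndB' / RndA'.
    return b[1:] + b[:1]


def diversify(master: bytes, uid: bytes, aid: bytes) -> bytes:
    # Per-card key, modelled on AN10922 (CMAC over 0x01 || UID || AID; layout assumed).
    c = CMAC(algorithms.AES(master))
    c.update(b"\x01" + uid + aid)
    return c.finalize()


class Card:
    """The PICC side. Holds only its diversified key and the current RndB."""

    def __init__(self, key: bytes):
        self.key = key
        self.rnd_b = None
        self.authenticated = False

    def start_auth(self) -> bytes:
        self.rnd_b = os.urandom(16)          # fresh nonce every session
        self.authenticated = False
        return aes_cbc(self.key, self.rnd_b)

    def finish_auth(self, e_rnda_rndb: bytes):
        pt = aes_cbc(self.key, e_rnda_rndb, decrypt=True)
        rnd_a, rnd_b_rot = pt[:16], pt[16:]
        if rnd_b_rot != rol(self.rnd_b):     # stale RndB' -> reject
            return None
        self.authenticated = True
        return aes_cbc(self.key, rol(rnd_a))


class Relay:
    """Attacker's proxy (post #6): forwards every message to the real, remote card."""

    def __init__(self, real_card):
        self.real = real_card
        self.hops = 0

    def start_auth(self) -> bytes:
        self.hops += 1
        return self.real.start_auth()

    def finish_auth(self, msg: bytes):
        self.hops += 1
        return self.real.finish_auth(msg)


def reader_authenticate(key: bytes, card, transcript=None) -> bool:
    """The PCD side. 'card' is anything exposing start_auth/finish_auth."""
    rnd_b = aes_cbc(key, card.start_auth(), decrypt=True)
    rnd_a = os.urandom(16)
    msg = aes_cbc(key, rnd_a + rol(rnd_b))
    if transcript is not None:
        transcript.append(msg)               # what a sniffer would capture
    resp = card.finish_auth(msg)
    if resp is None:
        return False
    return aes_cbc(key, resp, decrypt=True) == rol(rnd_a)


def replay_attack(card, captured_msg: bytes) -> bool:
    """Post #1's idea: send a previously captured reader message to the card."""
    card.start_auth()                        # card picks a new RndB first
    return card.finish_auth(captured_msg) is not None


def demo() -> dict:
    master = bytes.fromhex("000102030405060708090a0b0c0d0e0f")   # constructed
    uid, aid = bytes.fromhex("04a1b2c3d4e5f6"), bytes.fromhex("f51234")  # constructed
    key = diversify(master, uid, aid)
    card = Card(key)
    transcript = []
    genuine = reader_authenticate(key, card, transcript)
    replay = replay_attack(card, transcript[0])
    relay = Relay(card)
    relayed = reader_authenticate(key, relay)
    return {"genuine": genuine, "replay": replay, "relay": relayed, "hops": relay.hops}


if __name__ == "__main__":
    print(demo())
```

The replay fails because the captured message carries the previous session's rol(RndB) under the key, and the card compares it against a nonce it has just generated; the attacker cannot re-encrypt for the new RndB without the diversified key. The relay succeeds because the genuine card is answering each fresh challenge itself; the only trace is the extra round trips (here counted in `hops`), which is why merlok's post points at timing or physical-layer detection rather than anything cryptographic.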

