Closed aleks921 closed 8 years ago
Can you give your virtual machine more cores? Or try booting a real Linux from USB? It will be faster.
I try booting Kali Linux from USB.
Also on 64-bit you no longer have the __asm__ / asm issue, right? :)
Yes, it compiles successfully with asm without __
I will remember this next time this comes up as an issue!
Ok, thank you.
Collected 4730 nonces... leftover complexity 1126131040256 (~2^40.03) - press enter to start brute-fo
Collected 4740 nonces... leftover complexity 1126131040256 (~2^40.03) - press enter to start brute-fo
Collected 4749 nonces... leftover complexity 79161478400 (~2^36.20) - initializing brute-force phase...
Starting 2 threads to test 79161478400 states using 128-way bitslicing
Cracking... 99.95%
No solution found :(
Why did this fail?
Sometimes it just fails. Because it's a probabilistic attack. You only get 95% guarantee. Try again.
How many times did it fail for you in this program before you got the key? Statistics interest me)
I've had it fail 10 times before it worked!
Oh, I will try to get the key :))
Are you running from USB now? It's much faster, right? :)
Yes, I always run this Kali from USB)
Oh I thought you had a VM.
No, the VM is very slow. I like to boot from USB)
Okay, at least now 2^37 after enough nonces finishes very fast, right?
Yes, it finished very fast.
Okay, nice to hear that. :) Maybe you can try at 2^38 or higher too - it's only 2x as long. Etc. 2^40 is quite a big number though, that's why that didn't work.
Now I am trying another card with Classic 1k emulation.
Collected 6147 nonces... leftover complexity 1126131040256 (~2^40.03) - press enter to start brute-fo
Collected 6157 nonces... leftover complexity 68926322320 (~2^36.00) - initializing brute-force phase...
Starting 2 threads to test 68926322320 states using 128-way bitslicing
Cracking... 23%
If you start the brute-force phase and it doesn't go very fast and you want to try again, you should replace: fp = fopen(filename, "wb");
with fp = fopen(filename, "wb+");
to re-use the nonces you've already gathered.
Thanks, I change the program)
Oh wait, that only works when you use the solve* programs next to this libnfc* program...
I didn't add the code to re-load the saved nonces yet... Sorry.
How is the other card doing?
The other card is a Mifare Plus with Mifare Classic emulation. Now at 50% and 2^36 numbers.
Ok please let me know how it goes.
log, of course.
Collected 6110 nonces... leftover complexity 1126131040256 (~2^40.03) - press enter to start brute-fo
Collected 6119 nonces... leftover complexity 1126131040256 (~2^40.03) - press enter to start brute-fo
Collected 6128 nonces... leftover complexity 1126131040256 (~2^40.03) - press enter to start brute-fo
Collected 6138 nonces... leftover complexity 1126131040256 (~2^40.03) - press enter to start brute-fo
Collected 6147 nonces... leftover complexity 1126131040256 (~2^40.03) - press enter to start brute-fo
Collected 6157 nonces... leftover complexity 68926322320 (~2^36.00) - initializing brute-force phase...
Starting 2 threads to test 68926322320 states using 128-way bitslicing
Cracking...73,77%
Cracking... 99.99%
No solution found :(
Keep trying...
ok)
"Maybe you can try at 2^38" How do I stop the program at 2^38? The program shows 2^40 many times and then quickly drops to 2^36. How do I catch 2^38 in the program?
No, it's all or nothing. Either you can go at 2^40, or at 2^36, or nothing.
Have you been successful at 2^40 or not?
There is some uncertainty in the attack. This is described in the paper.
Do I understand correctly that at 2^40 the program will be very slow, but I have a better chance of finding the key than at 2^36?
The crypto1 cipher uses 48 bits so the maximum keyspace is 2^48, but that's quite big. So we reduce it to a smaller space using some probabilities based on the encrypted nonces, and can check that with the encrypted parity bits.
Well, yeah. There is a trade-off between the online (nonce collecting) time and the offline (brute forcing) time. It could be that you would spend several hours more to reduce the space to under 2^37 but could actually do 2^40 of brute-force in that time.
Yes, I read about the crypto-1 Mifare Classic practical attack. I haven't read about the new hardnested attack yet. I only saw this new attack today. Did you try to hack a jcop41 card with Mifare Classic emulation with this program?
No, I have never heard of that. Javacard emulation of MFC?
Yes.
Okay, this sounds new to me, but I don't see why this attack would not work, because it attacks the protocol, not any specific chip. Please let me know about your results!
2 times trying, wait nonce package.
Now:
Collected 8115 nonces... leftover complexity 1126131040256 (~2^40.03) - press enter to start brute-fo
Collected 8124 nonces... leftover complexity 1126131040256 (~2^40.03) - press enter to start brute-fo
Collected 8134 nonces... leftover complexity 1126131040256 (~2^40.03) - press enter to start brute-fo
The first time it was this: Collected 6157 nonces... leftover complexity 68926322320 (~2^36.00)
It all depends. There is some math going on in craptev1 that I don't fully understand. :)
Ok, understood))
I found key B and want to read key A from the card using key B. Can you tell me how to find key A without brute force, knowing key B already?
Problem with jcop42 card with emulation mifare classic 1k. (sak 28 ataq 0004)
root@kali:~/crypto1_bs# ./libnfc_crypto1_crack a0a1a2a3a4a5 5 B 0 B
Error while requesting plain tag-nonce
Some other error occurred.
Found tag with uid 6767b9d1, collecting nonces for key B of block 0 using known key B a0a1a2a3a4a5 for block 5
Don't move the tag!
Sorry, had to sleep for a bit. :) Don't move the tag, don't unplug usb, don't suspend your machine, etc. Unfortunately the newer cards don't allow the reading of key A with key B or vice versa. :( You have to crack them both.
I don't move the tag, but I get this message only when I try to hack the jcop41 card with emulation MST. Can you fix this bug?
I want to compile your project libnfc_crypto1_crack, but I get an error: not found #include <nfc/nfc.h>. How can I fix this and compile your project? Do I understand correctly that your program can hack an emulated Mifare Classic without a Proxmark and without sniffing? I would appreciate it if you sent me a compiled program.