dev-zzo / ChameleonMini

The ChameleonMini is a versatile contactless smartcard emulator compliant to NFC. For further information see the Getting Started Page or the GitHub-Wiki-Tab above.
https://rawgit.com/emsec/ChameleonMini/master/Doc/Doxygen/html/Page_GettingStarted.html

Get DesFire keys #17

Closed osysltd closed 7 years ago

osysltd commented 7 years ago

Hi Dima!

Thank you very much for the development and your efforts. What do you think, would it be possible to extract the DESFire authentication key from the reader's authentication attempt (a reader attack) by emulating a DESFire card with the device?

dev-zzo commented 7 years ago

Hey there. The authentication scheme in use is basically like this:

  1. The card sends Ek(CardNonce)
  2. The reader sends Dk(ReaderNonce|CardNonce)
  3. The card sends E(ReaderNonce)

Currently, trying to crack this scheme only by a known-plaintext attack is equivalent to a brute-force search for the AES-128 key given a correct plaintext-ciphertext pair, and as such is not feasible, even without CBC. Depending on the reader, you will have a better chance attacking the reader device itself. Let me know if you'd like to discuss that option off the list. :-)
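The three passes above, played out with both sides' messages, as an added example that is not part of this thread or of the ChameleonMini code base. It uses AES-128 as the comment does, but applies the block cipher block by block instead of in CBC mode (the comment says the argument holds even without CBC), and, like the comment's sketch, it leaves out the byte rotation of the nonces that the real DESFire command set applies. The key, the nonces and the emulator's pass-1 bytes are constructed values. `EmulatorCapture` shows what a device emulating the card records when a reader holding the key authenticates against it: two ciphertexts and nothing else. `KeyFitsCapture` is the only thing that capture is good for, a yes/no check on one candidate key, which is the brute-force search the comment describes. (The trace posted further down in this thread carries 8-byte blocks, the legacy DES-based variant; the shape of the exchange is the same.)

```go
package main

import (
	"bytes"
	"crypto/aes"
	"errors"
	"fmt"
)

const bs = aes.BlockSize // 16 bytes: one AES block per nonce

// eachBlock applies one AES block operation (Encrypt or Decrypt) to every
// 16-byte block; per-block use keeps the example short and avoids CBC.
func eachBlock(op func(dst, src []byte), in []byte) []byte {
	out := make([]byte, len(in))
	for i := 0; i+bs <= len(in); i += bs {
		op(out[i:i+bs], in[i:i+bs])
	}
	return out
}

// CardPass1 is the card's opening message: Ek(CardNonce).
func CardPass1(key, cardNonce []byte) ([]byte, error) {
	c, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return eachBlock(c.Encrypt, cardNonce), nil
}

// ReaderPass2 recovers CardNonce from pass 1 and answers with
// Dk(ReaderNonce | CardNonce). This is all an emulated card ever receives.
func ReaderPass2(key, readerNonce, pass1 []byte) ([]byte, error) {
	c, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	cardNonce := eachBlock(c.Decrypt, pass1)
	return eachBlock(c.Decrypt, append(append([]byte{}, readerNonce...), cardNonce...)), nil
}

// CardPass3 undoes the reader's Dk with Ek, checks that its own nonce came back
// (the reader has proved it holds k) and replies Ek(ReaderNonce).
func CardPass3(key, cardNonce, pass2 []byte) ([]byte, error) {
	c, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	plain := eachBlock(c.Encrypt, pass2)
	if len(plain) != 2*bs || !bytes.Equal(plain[bs:], cardNonce) {
		return nil, errors.New("card: reader did not prove knowledge of the key")
	}
	return eachBlock(c.Encrypt, plain[:bs]), nil
}

// ReaderVerify is the reader's final check: pass 3 must equal Ek(ReaderNonce).
func ReaderVerify(key, readerNonce, pass3 []byte) bool {
	c, err := aes.NewCipher(key)
	return err == nil && bytes.Equal(pass3, eachBlock(c.Encrypt, readerNonce))
}

// Capture is what a keyless device in the card role records: its own pass-1 bytes and the reader's pass 2.
type Capture struct{ Pass1, Pass2 []byte }

// EmulatorCapture runs a key-holding reader against a keyless emulated card.
func EmulatorCapture(readerKey, readerNonce, fakePass1 []byte) (Capture, error) {
	p2, err := ReaderPass2(readerKey, readerNonce, fakePass1)
	return Capture{Pass1: fakePass1, Pass2: p2}, err
}

// KeyFitsCapture is the only use such a capture has: a yes/no test of one
// candidate key via the relation Ek'(pass2)[16:] == Dk'(pass1). Recovering k
// means calling this for every candidate, the 2^128 search the comment calls infeasible.
func KeyFitsCapture(candidate []byte, rec Capture) bool {
	c, err := aes.NewCipher(candidate)
	if err != nil || len(rec.Pass1) != bs || len(rec.Pass2) != 2*bs {
		return false
	}
	return bytes.Equal(eachBlock(c.Encrypt, rec.Pass2)[bs:], eachBlock(c.Decrypt, rec.Pass1))
}

func main() {
	// Constructed values, not real key material.
	key, cardNonce, readerNonce := []byte("0123456789ABCDEF"), []byte("card-nonce-0001!"), []byte("reader-nonce-01!")
	// A genuine card completes the handshake.
	p1, _ := CardPass1(key, cardNonce)
	p2, _ := ReaderPass2(key, readerNonce, p1)
	p3, err := CardPass3(key, cardNonce, p2)
	fmt.Printf("pass 1 %x\npass 2 %x\npass 3 %x\n", p1, p2, p3)
	fmt.Println("reader accepts card:", err == nil && ReaderVerify(key, readerNonce, p3))
	// An emulated card without the key is left with two ciphertexts.
	rec, _ := EmulatorCapture(key, readerNonce, []byte("emulator-pass-1!"))
	fmt.Println("wrong key fits capture:", KeyFitsCapture([]byte("FEDCBA9876543210"), rec))
	fmt.Println("right key fits capture:", KeyFitsCapture(key, rec))
}
```

Run it with `go run`; the emulator never sees a plaintext it can compare against, only the two ciphertexts, so `KeyFitsCapture` is a filter for guesses rather than a way to derive the key.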

osysltd commented 7 years ago

Sorry if I didn't get you or the DESFire authentication mechanism correctly, but aren't we able to get the key with which the reader is trying to authenticate?

dev-zzo commented 7 years ago

Explain your idea! :-)

lvandenb commented 7 years ago

No, to my knowledge keys are never sent during normal usage, only when creating or changing the card and applications.

From: Osys [mailto:notifications@github.com] Sent: Wednesday 26 April 2017 15:14 To: dev-zzo/ChameleonMini Cc: Subscribed Subject: Re: [dev-zzo/ChameleonMini] Get DesFire keys (#17)


osysltd commented 7 years ago

Could you please share a specific document describing this? All I can find is a statement that the reader tries to authenticate with the key for the PICC application:

    --> 0a 00
    <-- af a2 be cd 03 d8 46 cb 33
    --> af b0 cc bc ed 8f c8 38 c9 08 dc e2 4d 86 ca ec 3c
    <-- 00 76 73 d9 49 71 3f f2 d1

dev-zzo commented 7 years ago

"Philips Semiconductors. Product Specification Rev. 3.1 April 2004" I am sure you will figure it out. ;-)