【转帖】Mifare,some one kick his ass

huangyhg

Mifare,some one kick his ass

• 2011年04月29日
  
• 发布在 个人兴趣 . 资料
  
• 由ding
  
• 留下评论
  

  Mifare,some one kick his ass

Mifare卡，漏洞不止一个

在讲述之前，我先赘述下Mifare卡的历史

MIFARE is the NXP Semiconductors-owned trademark of a series  of chips widely used in contactless smart cards and proximity cards. According  to the producers, billions of smart card chips and many millions of reader  modules have been sold. The technology is owned by NXP Semiconductors (spin off  from Philips Electronics in 2006) with its headquarters in Eindhoven, the  Netherlands, and main business sites in Nijmegen, the Netherlands, and Hamburg,  Germany.

Mifare是NXP半导体拥有的芯片商标，被广泛的应用于接触式智能卡和非接触式卡。根据制造商统计，已经有上百万的智能芯片和读卡器被出售。NXP（于2006年从飞利浦电子中分离）拥有这项技术，它的总部在荷兰的埃因霍温，主要业务中心在荷兰的奈梅亨，德国的汉堡。

History

• 1994 — MIFARE Classic 1k contactless technology introduced.
  
• 1996 — First transport scheme in Seoul using MIFARE Classic 1k.
  
• 1997 — MIFARE PRO with Triple DEScoprocessor introduced.
  
• 1999 — MIFARE PROX with PKI coprocessor introduced.
  
• 2001 — MIFARE UltraLight introduced.
  
• 2002 — MIFARE DESFire introduced, microprocessor based product.
  
• 2004 — MIFARE DESFire SAM introduced, secure infrastructure counterpart of  MIFARE DESFire.
  
• 2006 — MIFARE DESFire EV1 is announced as the first product to support  128-bit AES
  
• 2008 — MIFARE Plus is announced as a drop-in replacement for MIFARE Classic  based on 128-bit AES
  
• 2008 — MIFARE Ultralight C is introduced as paperticket IC featuring Triple  DES Authentication
  
• 2010 — MIFARE SAM AV2 is introduced as secure key storage for readers AES,  Triple DES, PKI Authentication
  

呃。。。这个我就不翻译了。。。总之就是体现出MIFARE卡的历史悠久云云~

但是，基本有三个团队在钻研这个难题。。。

今天，我却不说这三个团队，讲一讲MIT三个学生（一说是黑客，难道参加黑客大会的就是黑客？谬哉。。。）的故事

先说结局，人家很完美的解决了问题，做出了一个很带感的东西

“WarCart” MIFARE CRACK


人家的目标很简单，免费坐地铁。波士顿地铁站，估计是每天翻计票器翻累了，寻找新出路。从而，他们在寻找这个波士顿地铁站的月卡是什么玩意。。。

MIFARE  CLASSIC RFID

就是这个玩意，人家还特地查证了有哪些地方有的一样的月卡

  Boston (CharlieCard)

London (Oyster Card)

Netherlands (OV-Chipkaart)

Minneapolis

South Korea (Upass)

Hong Kong

Beijing（天朝首都啊，，，不管了。。。）

Madrid (Sube-T)

Rio de Janeiro (RioCard)

New Delhi


Bangkok           and more

  

好了，扯了半天，该讲述他们的方法了吧，但是，对不起，防止意外发生，我不解释，需要研究的，请自行下载，谢谢配合

http://dl.dbank.com/c07gqvmn8e  

原创文章，转载请注明： 转载自周末的呆小

本文链接地址: Mifare,some one kick his ass