System level security measures for MIFARE installations

Security recommendations for designing contactless card systems so that they are more resilient against attacks and so that the impact of attacks, should they succeed, is limited.

Mitigation of attacks on cards
This chapter discusses the mitigation of attacks on cards. Note that some terminal-side attacks, once successful, enable certain attacks on cards; those attacks are also considered in this chapter.

Key elements in designing secure systems that can mitigate attacks on cards
These are the key elements in designing secure systems:
1. Key diversification: With key diversification each card has a key or key set that differs from that of every other card.
2. Fraud detection: The ability to find out that a fraudulent card exists.
3. A mechanism to stop the deployment of fraudulent cards. This can be either or both of:
a. Blacklisting / whitelisting: A mechanism by which the terminals can be instructed to accept or reject certain cards.
b. MAC over the to-be-protected card contents and UID: Calculate a MAC over the card content including the UID, using a key for the MAC that is not present on the card (it is only present in terminals).
4. Key renewal: With key renewal the system has the ability to update the keys in the cards in the field, and the terminals then use those new keys. When a consumer presents a card that holds old keys, the keys are updated to the new set of keys, and then the transaction is performed.
We will discuss these concepts below. First some terminology though, followed by an overview of the effectiveness of the various defenses.
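The following is an added illustration of elements 1 and 3b together, not code from this application note or from NXP. It models a terminal that derives a per-card key from a diversification master and checks a MAC over UID plus content with a key that exists only in the terminal, then runs the attack scenarios of Table 1 (attacked card, other legitimate card, emulator) against it. Assumptions: HMAC-SHA256 truncated to 16 bytes stands in for the vendor-defined diversification algorithm, a single HMAC challenge-response stands in for the card's real mutual authentication, and the UIDs, keys and 4-byte balance layout are constructed for the example.

```python
"""Key diversification + terminal-only MAC over UID and content (added example)."""
import hashlib
import hmac
import os
from dataclasses import dataclass

# Constructed terminal secrets; neither ever exists on a card.
TERMINAL_DIV_MASTER = bytes.fromhex("00112233445566778899aabbccddeeff")
TERMINAL_MAC_KEY = bytes.fromhex("ffeeddccbbaa99887766554433221100")


def diversify(master: bytes, uid: bytes) -> bytes:
    """Per-card key (assumed KDF): leaking one card's key reveals nothing about other UIDs."""
    return hmac.new(master, b"AUTH" + uid, hashlib.sha256).digest()[:16]


def content_mac(mac_key: bytes, uid: bytes, content: bytes) -> bytes:
    """MAC binds content to the UID; the key lives only in terminals."""
    return hmac.new(mac_key, uid + content, hashlib.sha256).digest()[:8]


@dataclass
class Card:
    uid: bytes
    auth_key: bytes   # what the card (or an emulator) holds
    content: bytes    # 4-byte big-endian balance, constructed layout
    mac: bytes        # stored beside the content, computed by a terminal


def issue(uid: bytes, balance: int) -> Card:
    content = balance.to_bytes(4, "big")
    return Card(uid, diversify(TERMINAL_DIV_MASTER, uid), content,
                content_mac(TERMINAL_MAC_KEY, uid, content))


def spend(card: Card, amount: int) -> None:
    """Legitimate terminal debit: rewrite the content and its MAC."""
    balance = int.from_bytes(card.content, "big") - amount
    card.content = balance.to_bytes(4, "big")
    card.mac = content_mac(TERMINAL_MAC_KEY, card.uid, card.content)


def challenge_response(card: Card, expected_key: bytes) -> bool:
    """Toy stand-in for mutual authentication: the card answers a fresh nonce."""
    nonce = os.urandom(16)
    answer = hmac.new(card.auth_key, nonce, hashlib.sha256).digest()
    return hmac.compare_digest(answer, hmac.new(expected_key, nonce, hashlib.sha256).digest())


def terminal_accepts(card: Card) -> bool:
    """Derive the key for the presented UID, authenticate, then verify the MAC."""
    if not challenge_response(card, diversify(TERMINAL_DIV_MASTER, card.uid)):
        return False
    return hmac.compare_digest(card.mac, content_mac(TERMINAL_MAC_KEY, card.uid, card.content))


def scenarios() -> dict:
    uid_a, uid_c = bytes.fromhex("04a1b2c3d4e5f6"), bytes.fromhex("04112233445566")
    card_a = issue(uid_a, 5000)
    snapshot = (card_a.content, card_a.mac)      # attacker dumps card A before it is used
    spend(card_a, 4000)
    results = {"genuine after spend": terminal_accepts(card_a)}

    stolen_key = card_a.auth_key                 # assume the attack on card A recovered its key

    # Attacked card with a forged balance: key is right, but no MAC key exists on the card.
    forged = Card(uid_a, stolen_key, (99999).to_bytes(4, "big"), card_a.mac)
    results["forged balance"] = terminal_accepts(forged)

    # Attacked card rolled back to an earlier valid state: accepted (residual risk of the MAC method).
    results["rollback to old state"] = terminal_accepts(Card(uid_a, stolen_key, *snapshot))

    # Emulator with a freely chosen UID but card A's key: the terminal derives a different key.
    results["emulator, other UID"] = terminal_accepts(Card(uid_c, stolen_key, *snapshot))
    # Emulator replaying card A's UID and old state: accepted, and this can be cloned many times.
    results["emulator, same UID"] = terminal_accepts(Card(uid_a, stolen_key, *snapshot))

    # Other legitimate card: its diversified key is unrelated to the stolen one.
    results["stolen key opens other card"] = stolen_key == diversify(TERMINAL_DIV_MASTER, uid_c)
    return results


if __name__ == "__main__":
    for name, outcome in scenarios().items():
        print(f"{name:28s} accepted={outcome}")
```

The two `True` results for the rollback cases are exactly the "previously valid state" residual risk that Table 1 lists for the MAC method: a MAC keyed only in the terminal stops arbitrary values, but by itself it cannot tell a replayed old state from the current one, which is why fraud detection and blacklisting are combined with it.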

Terminology
Every MIFARE DESFire EV1 and MIFARE Plus card has an ID. This is either a unique ID (UID), meaning that no two genuine MIFARE cards have the same UID, or in other cases an ID that differs from the IDs of other cards with high likelihood. In the case of non-unique IDs, the likelihood that an attacker can acquire another card with the same ID as one they already have access to, or can acquire two cards with the same ID at all, is so low that it is negligibly small for a commercially viable criminal business case. Therefore we treat non-unique IDs in this document as if they were unique IDs.

An emulator is a piece of hardware and software that can emulate a MIFARE DESFire EV1 or MIFARE Plus, including a UID that can be freely chosen. This free choice of UID is what distinguishes the emulator from a genuine MIFARE card. A laptop plus a < $25 reader device can act as an emulator if the right software is implemented. Although no emulators are currently known for MIFARE DESFire EV1 or MIFARE Plus, the possible existence of such tools is not considered harmful in itself: MIFARE DESFire EV1 and MIFARE Plus are designed such that the protection comes entirely from the ability to keep the keys secret.

Overview of effectiveness
See Table 1 for an overview of the effectiveness of five sets of mitigation measures. The mitigation measures are discussed in more detail thereafter.

Table 1. Overview of effectiveness of the mitigation measures

The four columns of the table are the ways an attacker may deploy a successful attack: using the attacked card itself; using other legitimate cards of the system; using new blank genuine cards; and via emulators. Each row lists the effectiveness of one set of mitigation measures against each of the four.

1. Key diversification
Deployment using the attacked card: No protection.
Deployment using other legitimate cards of the system: Effective protection (regardless of fraud detection) as long as the master key for key diversification in the terminal is not compromised.
Deployment using new blank genuine cards: Effective protection (regardless of fraud detection) as long as the master key for key diversification in the terminal is not compromised.
Deployment via emulators: No protection.

2. Key diversification + fraud detection + black/whitelisting
Deployment using the attacked card: Effective protection from the moment of updating the black/whitelist.
Deployment using other legitimate cards of the system: Effective protection (regardless of fraud detection) as long as the master key for key diversification in the terminal is not compromised. Otherwise: effective protection from the moment of updating the black/whitelist.
Deployment using new blank genuine cards: Effective protection (regardless of fraud detection) as long as the master key for key diversification in the terminal is not compromised. Otherwise: effective protection from the moment of updating the black/whitelist.
Deployment via emulators: Effective protection from the moment of updating the black/whitelist. If the master key for key diversification in the terminal is compromised, the protection is not effective.

3. Key diversification + MAC over the UID and content
Deployment using the attacked card: Partially effective protection. Residual risk: the card can be brought back into a previously valid state of that card. Effectiveness: it is not possible to put an arbitrary value on the card, only previously valid states. This holds as long as the key used in the terminal for the MAC is not compromised. When that key has been compromised: no protection.
Deployment using other legitimate cards of the system: Effective protection (regardless of fraud detection) as long as neither the master key for key diversification in the terminal nor the key in the terminal for the MAC calculation is compromised. When the master key for key diversification has been compromised: partly effective protection, see "Deployment using the attacked card". When the key in the terminal for the MAC has been compromised: see row 1.
Deployment using new blank genuine cards: Effective protection (regardless of fraud detection) as long as neither the master key for key diversification in the terminal nor the key in the terminal for the MAC is compromised. When only the master key for key diversification has been compromised: still effective protection. When only the key in the terminal for the MAC has been compromised: still effective protection. When both keys in the terminal have been compromised: see row 1.
Deployment via emulators: Partly effective protection. Residual risk: a previously valid state of the attacked card can be put on multiple instances of emulators. Effectiveness: it is not possible to put an arbitrary value on the card, only previously valid states. This holds as long as the key used in the terminal for the MAC is not compromised. When that key has been compromised: no protection.

4. Key diversification + fraud detection + black/whitelisting + MAC over the UID and content
Deployment using the attacked card: See row 3 until the moment that the black/whitelist has been updated; thereafter see row 2.
Deployment using other legitimate cards of the system: See row 3.
Deployment using new blank genuine cards: See row 3.
Deployment via emulators: See row 3 until the moment that the black/whitelist has been updated; thereafter see row 2.

5. Methods 2, 3 or 4 with, additionally, the ability to do key renewal in the field
Deployment using the attacked card: Before updating the keys: same as in the original method. After a terminal key has been broken and this card is presented to an updating terminal, the original protection is regained (this only holds if the keys used for updating have not been compromised as well, or if the updating transaction cannot be recorded by an attacker). For cards that are never presented to an updating terminal, the original protection is regained once cards with keys derived from the compromised master key are no longer accepted.
Deployment using other legitimate cards of the system: Before updating the keys: same as in the original method. After a terminal key has been broken and this card is presented to an updating terminal, the original protection is regained. For cards that are never presented to an updating terminal, the original protection is regained once cards with keys derived from the compromised master key, or MACs calculated with the compromised MAC key, are no longer accepted by non-updating terminals.
Deployment using new blank genuine cards: Before updating the keys: same as in the original method. After a terminal key has been broken and this card (being a fraudulent card) is presented to an updating terminal, the updating of the keys will fail. That means that fraudulent cards cannot pass updating terminals. This event can also lead to blacklisting (in methods 2 and 4). Finally, the full original protection is regained once cards with keys derived from the compromised master key, or MACs calculated with the compromised MAC key, are no longer accepted by non-updating terminals.
Deployment via emulators: The same holds as for new blank genuine cards.
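The following is an added simulation of row 5 (key renewal in the field), not code from this application note or from NXP. It assumes, for illustration, that each card stores a key-version number, an authentication key diversified from a versioned terminal master key, and a separate update key diversified from an update master that exists only in updating terminals; version 1 of the authentication master is taken to be compromised. HMAC-SHA256 stands in for the vendor's diversification algorithm, for the card's mutual authentication and for its key-change command; UIDs and master keys are constructed.

```python
"""Key renewal in the field with a shared blacklist (added example)."""
import hashlib
import hmac
import os
from dataclasses import dataclass

# Constructed masters. AUTH_MASTERS[1] is assumed compromised; UPDATE_MASTER is not.
AUTH_MASTERS = {1: bytes.fromhex("11" * 16), 2: bytes.fromhex("22" * 16)}
UPDATE_MASTER = bytes.fromhex("33" * 16)


def diversify(master: bytes, label: bytes, uid: bytes) -> bytes:
    """Assumed KDF: per-card key for one purpose (label) from one master."""
    return hmac.new(master, label + uid, hashlib.sha256).digest()[:16]


def proves(card_key: bytes, expected: bytes) -> bool:
    """Toy challenge-response: the card answers a fresh nonce with the key it holds."""
    nonce = os.urandom(16)
    return hmac.compare_digest(hmac.new(card_key, nonce, hashlib.sha256).digest(),
                               hmac.new(expected, nonce, hashlib.sha256).digest())


@dataclass
class Card:
    uid: bytes
    key_version: int
    auth_key: bytes
    update_key: bytes


def issue(uid: bytes, version: int) -> Card:
    """Legitimate issuance: both keys diversified from the genuine masters."""
    return Card(uid, version, diversify(AUTH_MASTERS[version], b"AUTH", uid),
                diversify(UPDATE_MASTER, b"UPD", uid))


def issue_fraudulent(uid: bytes) -> Card:
    """Blank genuine card (or emulator) programmed with only the compromised v1 master."""
    return Card(uid, 1, diversify(AUTH_MASTERS[1], b"AUTH", uid), os.urandom(16))


@dataclass
class Terminal:
    current_version: int
    accept_versions: set     # key versions still accepted for authentication
    can_update: bool         # holds UPDATE_MASTER and performs key renewal
    blacklist: set           # shared across terminals (fraud detection + blacklisting)

    def transact(self, card: Card) -> str:
        if card.uid in self.blacklist:
            return "rejected: blacklisted"
        if card.key_version not in self.accept_versions:
            return "rejected: key version retired"
        if self.can_update and card.key_version < self.current_version:
            # Renewal must be authorised with the update key, which the attacker never had.
            if not proves(card.update_key, diversify(UPDATE_MASTER, b"UPD", card.uid)):
                self.blacklist.add(card.uid)          # failed update is a fraud signal
                return "rejected: key update failed, blacklisted"
            card.auth_key = diversify(AUTH_MASTERS[self.current_version], b"AUTH", card.uid)
            card.key_version = self.current_version
        if not proves(card.auth_key, diversify(AUTH_MASTERS[card.key_version], b"AUTH", card.uid)):
            return "rejected: authentication failed"
        return "accepted"


def scenarios() -> dict:
    blacklist = set()
    updating = Terminal(2, {1, 2}, True, blacklist)    # rolls cards forward to v2
    legacy = Terminal(2, {1, 2}, False, blacklist)     # non-updating, still accepts v1
    cutover = Terminal(2, {2}, False, blacklist)       # non-updating after v1 is retired

    legit = issue(bytes.fromhex("04aa"), 1)
    fraud = issue_fraudulent(bytes.fromhex("04bb"))
    out = {}
    out["fraud at legacy before cutover"] = legacy.transact(fraud)   # window of exposure
    out["legit at updating"] = updating.transact(legit)              # renewed, then accepted
    out["legit version after update"] = legit.key_version
    out["fraud at updating"] = updating.transact(fraud)              # update fails, blacklisted
    out["fraud at legacy after blacklist"] = legacy.transact(fraud)
    out["never-updated v1 at cutover"] = cutover.transact(issue(bytes.fromhex("04cc"), 1))
    out["updated legit at cutover"] = cutover.transact(legit)
    return out


if __name__ == "__main__":
    for name, outcome in scenarios().items():
        print(f"{name:32s} {outcome}")
```

The simulation shows the three phases of the row: fraudulent cards derived from the compromised master are accepted by non-updating terminals until the blacklist reaches them, they cannot pass an updating terminal because renewal is bound to a key they never had, and once version 1 is retired at the non-updating terminals the original protection is regained for every card, including those never presented for renewal.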