Well… It was about the time for RATB/Metrorex Card Activ in Bucharest to fall… And it is not even news. OV Chipkaart in Netherlands, Oyster Card in London were broken in the near and not so near past…
Mifare Classic is both theoretically and practically broken in both active (sniffing) and passive (card-only) attack scenarios.
Thanks to ignorance, lots of money/interest (14 Millions of Euros) and UTI/PMB (Primaria Municipiului Bucuresti/Bucharest City Hall) involvement, RATB/Metrorex still uses Mifare Classic.
Hell ya, where are they gonna go? It’s a logistic nightmare to upgrade the readers in the entire RATB fleet and all Metrorex entrances, manage the exchange of already 800.000 sold cards, not telling about additional several Millions of Euros for upgrade equipment and software upgrades…
Even though researches were blowing the whistle from last year, no system integrator or vendor seems to care . Well it seems that few smart guys (and not pointing to me, I just implemented what other had know and researched for a long time) can fcuk up dozen of systems, each costing Millions of Euros.
Nice equation: (a dozen of smart guys * their brain IQs of Millions) >>>OUT-WEIGHTS>>> (the dozens of projects * XX Millions of Euros)
Long story short, here we go - food for the brain (yes - food for the brain, not spoon-feeding - note the difference):
MFCUK (MiFare Classic Universal toolKit) http://code.google.com/p/mfcuk/
PS: (14 Nov 2009)
Ironically, on the night of publishing this paper/post and the open-source/binary for key recovery, UTI has posted these news “Cardurile de călătorie RATB se pot reîncărca online sau la bancomat (13 noiembrie 2009)” (i.e. “RATB cards can now be topped-up online or at some BCR ATMs”).
DISCLAIMER: The information and reference implementation source/binary contained herein is provided:
A deep dive into brain's curiosities
|<< <||> >>|