Wednesday, July 16, 2008

The Sisyphean Challenge of Security

Recently, the news broke that NXP is suing Radboud University Nijmegen (in the Netherlands) to block publication of a research paper, “A Practical Attack on the MIFARE Classic”.

So what’s the big deal? MIFARE was always known to be very weak; a brute-force attack would take only days. So have the researchers done more damage? Well, they have exposed two flaws:
  • Through reverse engineering, they have identified a new vulnerability in the MIFARE card and its cryptographic algorithm that makes the attack work even faster.
  • NXP adopted a security-by-obfuscation approach for the MIFARE card, which has led to poor design and to the above vulnerability.
The second flaw is embarrassing, but there is nothing new about it. History shows that for as long as people have invented cryptographic mechanisms, other people have found ways (sometimes inventive ways) to break them.

A very good example is the work by Paul Kocher on Simple and Differential Power Analysis (SPA/DPA). In the mid-1990s, people looked at the smart card as a practical medium to securely store secret and private keys and perform cryptographic operations with them. Such keys are stored in unreadable memory, and the cryptographic operations rely on practically unbreakable algorithms (e.g. the security of the RSA algorithm is based on the difficulty of factoring large numbers into prime factors). Neither of those criteria was successfully challenged at that time (nor are they today, but that doesn’t mean they won’t be tomorrow). But the combination of the two was surprisingly insecure. By carefully measuring the power consumption (or its variation) during cryptographic operations, the researchers, thanks to their knowledge of the algorithm involved, managed to discover characteristics of the key and eventually recover the key itself.
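The leak described above can be seen in a toy model, added here as an illustration and not taken from the original post or from Kocher's paper. It assumes a textbook square-and-multiply exponentiation, records only the order of squarings (S) and multiplications (M) rather than real power samples, and uses constructed toy values; the Montgomery ladder is shown as one standard countermeasure.

```python
# Toy model of simple power analysis (SPA). It records only the ORDER of
# big-number operations, which is what a power trace makes visible when a
# squaring and a multiplication draw distinguishable amounts of power.

def square_and_multiply(base, exp, mod):
    """Left-to-right binary exponentiation: the multiply depends on the key bit."""
    result, trace = 1, []
    for bit in bin(exp)[2:]:
        result = result * result % mod
        trace.append("S")
        if bit == "1":                      # key-dependent extra operation
            result = result * base % mod
            trace.append("M")
    return result, trace

def montgomery_ladder(base, exp, mod):
    """Countermeasure: one multiply and one square per bit, whatever the bit."""
    r0, r1, trace = 1, base % mod, []
    for bit in bin(exp)[2:]:
        if bit == "1":
            r0, r1 = r0 * r1 % mod, r1 * r1 % mod
        else:
            r0, r1 = r0 * r0 % mod, r0 * r1 % mod
        trace += ["M", "S"]                 # same sequence for either bit value
    return r0, trace

def bits_exposed_by(trace):
    """Leakage check: read the exponent bits an S/M sequence gives away."""
    bits, i = "", 0
    while i < len(trace):
        is_one = trace[i:i + 2] == ["S", "M"]   # square then multiply => bit 1
        bits += "1" if is_one else "0"
        i += 2 if is_one else 1
    return bits

# Constructed toy values, far too small for real use.
BASE, MOD = 7, 1009
KEY_A, KEY_B = 0b101101, 0b110011           # same bit length, different bits

def leak_report():
    _, naive = square_and_multiply(BASE, KEY_A, MOD)
    _, lad_a = montgomery_ladder(BASE, KEY_A, MOD)
    _, lad_b = montgomery_ladder(BASE, KEY_B, MOD)
    return {"naive_trace": "".join(naive),
            "bits_from_naive": bits_exposed_by(naive),
            "ladder_traces_identical": lad_a == lad_b}

if __name__ == "__main__":
    print(leak_report())
```

The key stays in "unreadable" memory and the arithmetic is correct in both versions; only the first one lets the operation sequence vary with the key.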

The reality is that you should never underestimate your opponent. In 1857, this cost Mary, Queen of Scots, her life. While she was plotting to murder Queen Elizabeth, she sent encrypted messages to her supporters. Those messages were intercepted and decrypted, and Mary, Queen of Scots, was decapitated.

Events like this led Auguste Kerckhoffs to say, as far back as 1883, “any ciphering method can be known to the enemy and the security of the whole system depends only on the choice of key”. Today, this principle is still valid. Essentially, it means that the design of a cryptographic system should be published and subjected to peer review: the fewer secrets in the cryptographic system, the higher the chance that it is secure. Delaying the publication of such a design often only delays the identification of flaws and increases the embarrassment of the designer and the cost of fixing them. Unfortunately, as theoretical and technical advances are made, it is only a matter of time before even the most scrutinized cryptographic systems reveal flaws.

So this is a never-ending quest, but the cryptographer should, like Sisyphus, take comfort that "The struggle itself towards the heights is enough to fill a man's heart."

1- P. Kocher, J. Jaffe, B. Jun, "Differential Power Analysis," Advances in Cryptology - Crypto 99 Proceedings, Lecture Notes in Computer Science Vol. 1666, M. Wiener, ed., Springer-Verlag, 1999.
2- Auguste Kerckhoffs, « La cryptographie militaire », Journal des sciences militaires, vol. IX, pp. 5–38, January 1883, pp. 161–191, February 1883: "every ciphering method is known to the enemy and the security of the system depends only on the choice of keys."
3- Albert Camus, Le Mythe de Sisyphe, Paris, Gallimard, 1942: "The struggle itself towards the heights is enough to fill a man's heart. One must imagine Sisyphus happy."
