DESFire Hack and Solutions

  • 02 Sep 2015 17:44
This paper describes the June 2011 hack presented by a German University at an RFID security conference and identifies which cards are subject to attack

FIPS 201 Compliant Solutions: From Card Issuance Operational Use


In June 2011, a group from a German university presented at RFIDsec (an RFID security conference) a methodology for a hack of the common NXP Mifare DESFire security. In the hack, a method called Differential Power Analysis was used to ascertain the symmetric key value of an encoded DESFire card. The hack was demonstrated to be successful at a separate conference (CHES Workshop) in September 2011.

This document describes the attack in simplified terms, identifies what cards are subject to this attack,
elaborates on what the availability of this attack means to customers using DESFire card, and provides
recommendations for a solution. While it may be of concern that thieves may have tools to read, or perhaps write, to cards unbeknownst to those in possession or in charge of such credentials; the reader should have their mind put at ease to know that the attack is fruitless against DESFire cards encoded through Symmetry. 

Download the full white paper: DESFire Hack and Solutions

^