26C3: Nothing to crack in "Legic Prime" RFID chip cards security system
Security researchers Karsten Nohl and Henryk Plötz had already cracked the encryption of NXP’s "Mifare Classic" smart cards, and now they have taken apart and cloned the radio frequency IDs from the "Prime" product line of Swiss manufacturer Legic. "We can emulate the scanner, change commands, and finally emulate all cards," Nohl stated on Monday at the 26th Chaos Communication Congress (26C3) in Berlin. He recommended that key customers of Legic, which issues RFID cards on the basis of the Prime category launched in 1992, at least migrate to the more recent "Legic Advant" product line as quickly as possible.
Like Mifare Classic, Prime smartcards are based on the standard frequency of 13.56 MHz, but Nohl says that Prime cards are much less common than their successors and are mainly popular in Europe. Despite their age, they are nonetheless marketed as high-security technology and used particularly for access control and staff IDs in nuclear power plants and airports in addition to being used as payment and multifunction cards. In general, Legic and its partners are highly secretive about how the chip cards work. For instance, it is not easy to get hold of an official scanner for the system. Overall, the experts say that they discovered "more encryption layers in the program code than actually fit on an RFID chip".
The researchers were led down the path to discovery starting with documents about the Prime series that Legic published as part of an unsuccessful application for an ISO standard. These documents revealed how bits are transmitted from the card system. The researchers then expected to find a hard crypto shell employing classic encryption algorithms. But they said they couldn't find a secret key anywhere. As Plötz put it, there is "no encryption" without such a key. Instead, the vendor apparently simply uses various methods of code obfuscation to create the appearance of security.
It follows that there really wasn't anything to crack on the Prime cards. The hackers therefore succeeded in sniffing data traffic between the smartcard and the scanner by using a Proxmark3 RFID test device, an oscilloscope, and a mathematical method for analysing the logic of the information transferred. The researchers say they quickly discovered that the card under study did not have any serious random number generator, indicating that the encryption initially expected would probably fall far short of the mark. Plötz says that the software required for the Proxmark3 to be used as a scanner for the Prime series has already been merged into the software for the device, but they will not be publishing the tools and emulator used in the attack.
After a lot of experimenting, Plötz said they eventually found a way of putting together a working scanner in order to read out the content of the cards analyzed and even write onto them. In the end, he said it was not really hard to get around the hierarchical method of issuing master cards and subordinate smartcards with fewer rights in order to "fake" physical key-based encryption. The “master token system control” was actually intended to ensure that only one chip card with special authorization functions would be able to produce RFID smartcards for particular end-users. But this system also failed to withstand the analysis described. Indeed, the experts managed to come up with a kind of master functional unit with which they could write onto blank cards as they wished.
Last year, Nohl and Plötz pointed out that the security measures taken in some card generations, such as those of HID and Atmel, left much to be desired. Nohl says that the protective measures on HID smartcards are the easiest to get past. Indeed, he says they do not even need to be hacked -- you can also simply read them out with the Proxmark3. The most valuable part of these quite large, heavy cards is apparently the onboard batteries.