BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//Talks.cam//talks.cam.ac.uk//
X-WR-CALNAME:Talks.cam
BEGIN:VEVENT
SUMMARY:Cloning MiFare Classic rail and building passes\, anywhere\, anyti
 me - Nicolas Courtois\, University College London
DTSTART:20090407T151500Z
DTEND:20090407T161500Z
UID:TALK17687@talks.cam.ac.uk
CONTACT:Joseph Bonneau
DESCRIPTION:MiFare Classic is the most popular contactless smart card with
  some 200 millions copies in circulation world-\nwide. At Esorics 2008 Dut
 ch researchers showed that the underlying cipher Crypto-1 can be cracked i
 n as\nlittle as 0.1 seconds if the attacker can eavesdrop the RF communica
 tions with the (genuine) reader.\nWe discovered that a MiFare classic card
  can be cloned in a much more practical card-only scenario\, where\nthe at
 tacker only needs to be in the proximity of the card for a number of minut
 es\, therefore making usurpation\nof identity through pass cloning feasibl
 e at any moment and under any circumstances. For example\, anybody\nsittin
 g next to the victim on a train or on a plane is now be able to clone his/
 her pass. Other researchers\nhave also (independently from us) discovered 
 this vulnerability (Garcia et al.\, 2009) however our attack is\ndifferent
  and does not require any precomputation. In addition\, we discovered that
  a yet unknown proportion\nof MiFare Classic cards are even weaker\, and w
 e have in our possession a MiFare Classic card from a large\nEastern-Europ
 ean city that can be cloned in seconds.\n\nPaper: http://eprint.iacr.org/2
 009/137
LOCATION:Lecture Theatre 2\, Computer Laboratory\, William Gates Building
END:VEVENT
END:VCALENDAR