Crypto-1

Crypto1
NXP Crypto1
General
Designers Philips/NXP
First published October 6, 2008
Cipher detail
Key sizes 48 bits
Security claims 48 bits
Structure NLFSR, LFSR
Best public cryptanalysis
Garcia, Flavio D.; Peter van Rossum; Roel Verdult; Ronny Wichers Schreur (2009-03-17). "Wirelessly Pickpocketing a Mifare Classic Card"

Crypto1 is a proprietary encryption algorithm created by NXP Semiconductors specifically for Mifare RFID tags, including Oyster card, CharlieCard and OV-chipkaart.

Recent cryptographic research[1][2][3][4][5] has shown that, "the security of this cipher is ... close to zero". Crypto1 is a stream cipher very similar in its structure to its successor, Hitag2. Crypto1 consists of

It can operate as an NLFSR and as an LFSR, depending on its input parameters. Outputs of one or both linear and nonlinear functions can be fed back into the cipher state or used as its output filters. The usual operation of Crypto1 and Hitag2 ciphers uses nonlinear feedback only during the initialization/authentication stage, switching to operation as LFSR with a nonlinear output filter for encrypting the tag's communications in both directions.

External links

References

  1. de Koning Gans, Gerhard; J.-H. Hoepman; F.D. Garcia (2008-03-15). "A Practical Attack on the MIFARE Classic" (PDF). 8th Smart Card Research and Advanced Application Workshop (CARDIS 2008), LNCS, Springer.
  2. Courtois, Nicolas T.; Karsten Nohl; Sean O'Neil (2008-04-14). "Algebraic Attacks on the Crypto-1 Stream Cipher in MiFare Classic and Oyster Cards". Cryptology ePrint Archive.
  3. Nohl, Karsten; David Evans; Starbug Starbug; Henryk Plötz (2008-07-31). "Reverse-engineering a cryptographic RFID tag". SS'08 Proceedings of the 17th conference on Security symposium. USENIX. pp. 185–193.
  4. Garcia, Flavio D.; Gerhard de Koning Gans; Ruben Muijrers; Peter van Rossum, Roel Verdult; Ronny Wichers Schreur; Bart Jacobs (2008-10-04). "Dismantling MIFARE Classic" (PDF). 13th European Symposium on Research in Computer Security (ESORICS 2008), LNCS, Springer.
  5. Garcia, Flavio D.; Peter van Rossum; Roel Verdult; Ronny Wichers Schreur (2009-03-17). "Wirelessly Pickpocketing a Mifare Classic Card" (PDF). 30th IEEE Symposium on Security and Privacy (S&P 2009), IEEE.


This article is issued from Wikipedia - version of the Thursday, August 27, 2015. The text is available under the Creative Commons Attribution/Share Alike but additional terms may apply for the media files.