请输入您要查询的百科知识:

 

词条 Crypto-1
释义

  1. See also

  2. External links

  3. References

{{Infobox encryption method
| name = Crypto1
| image =
| caption = NXP Crypto1
| designers = Philips/NXP
| publish date = October 6, 2008
| security claim= 48 bits
| key size = 48 bits
| structure = NLFSR, LFSR
| cryptanalysis = Garcia, Flavio D.; Peter van Rossum; Roel Verdult; Ronny Wichers Schreur (2009-03-17). "Wirelessly Pickpocketing a Mifare Classic Card"
}}

Crypto1 is a proprietary encryption algorithm created by NXP Semiconductors specifically for Mifare RFID tags, including Oyster card, CharlieCard and OV-chipkaart.

Recent cryptographic research[1][2][3][4][5] has shown that, "the security of this cipher is ... close to zero".

Crypto1 is a stream cipher very similar in its structure to its successor, Hitag2. Crypto1 consists of

  • one 48-bit feedback shift register for the main secret state of the cipher,
  • a linear function,
  • a two-layer 20-to-1 nonlinear function and
  • a 16-bit LFSR which is used during the authentication phase (which also serves as the pseudo random number generator on some card implementations).

It can operate as an NLFSR and as an LFSR, depending on its input parameters. Outputs of one or both linear and nonlinear functions can be fed back into the cipher state or used as its output filters. The usual operation of Crypto1 and Hitag2 ciphers uses nonlinear feedback only during the initialization/authentication stage, switching to operation as LFSR with a nonlinear output filter for encrypting the tag's communications in both directions.

See also

PositiveID

External links

  • Radboud Universiteit Nijmegen press release PDF (in English)
  • Details of Mifare reverse engineering by Henryk Plötz [https://web.archive.org/web/20081010065744/http://sar.informatik.hu-berlin.de/research/publications/SAR-PR-2008-21/SAR-PR-2008-21_.pdf PDF] (in German)
  • Windows GUI Crypto1 tool, optimized for use with the Proxmark3

References

1. ^{{cite web | last = de Koning Gans | first = Gerhard |author2=J.-H. Hoepman |author3=F.D. Garcia | url = http://www.cs.ru.nl/~flaviog/publications/Attack.MIFARE.pdf | title = A Practical Attack on the MIFARE Classic | publisher = 8th Smart Card Research and Advanced Application Workshop (CARDIS 2008), LNCS, Springer | date = 2008-03-15}}
2. ^{{cite web | last = Courtois | first = Nicolas T. |author2=Karsten Nohl |author3=Sean O'Neil | url = http://eprint.iacr.org/2008/166 | title = Algebraic Attacks on the Crypto-1 Stream Cipher in MiFare Classic and Oyster Cards | publisher = Cryptology ePrint Archive | date = 2008-04-14 }}
3. ^{{cite web | last = Nohl | first = Karsten |author2=David Evans |author3=Starbug Starbug |author4=Henryk Plötz | url = http://dl.acm.org/citation.cfm?id=1496724 | title = Reverse-engineering a cryptographic RFID tag | work = SS'08 Proceedings of the 17th conference on Security symposium | publisher = USENIX | pages = 185–193 | date = 2008-07-31 }}
4. ^{{cite web | last = Garcia| first = Flavio D. |author2=Gerhard de Koning Gans |author3=Ruben Muijrers |author4= Peter van Rossum, Roel Verdult |author5=Ronny Wichers Schreur |author6=Bart Jacobs | url = http://www.cs.ru.nl/~flaviog/publications/Dismantling.Mifare.pdf | title = Dismantling MIFARE Classic | publisher = 13th European Symposium on Research in Computer Security (ESORICS 2008), LNCS, Springer | date = 2008-10-04 }}
5. ^{{cite web | last = Garcia| first = Flavio D. |author2=Peter van Rossum |author3=Roel Verdult |author4=Ronny Wichers Schreur | url = http://www.cs.ru.nl/~flaviog/publications/Pickpocketing.Mifare.pdf | title = Wirelessly Pickpocketing a Mifare Classic Card | publisher = 30th IEEE Symposium on Security and Privacy (S&P 2009), IEEE| date = 2009-03-17 }}
{{Cryptography navbox | stream}}{{crypto-stub}}

1 : Stream ciphers
随便看

 

开放百科全书收录14589846条英语、德语、日语等多语种百科知识,基本涵盖了大多数领域的百科知识,是一部内容自由、开放的电子版国际百科全书。

 

Copyright © 2023 OENC.NET All Rights Reserved
京ICP备2021023879号 更新时间:2024/11/16 6:07:09