We have examined MiFare from the point of view of the so called "algebraic attacks". We can recover the full 48-bit key of MiFare algorithm in 200 seconds on a PC, given 1 known IV (from one single encryption).
The security of this cipher is therefore close to zero. This is particularly shocking, given the fact that, according to the Dutch press, 1 billion of MiFare Classic chips are used worldwide, including in many governmental security systems.
Category / Keywords: secret-key cryptography / Mifare Crypto 1 algorithm, stream ciphers, algebraic cryptanalysis, Boolean functions, Gröbner bases, SAT solvers Date: received 13 Apr 2008, last revised 14 Apr 2008 Contact author: n courtois at ucl ac uk Available format(s): Postscript (PS) | Compressed Postscript (PS.GZ) | PDF | BibTeX Citation Version: 20080414:185254 (All versions of this report) Short URL: ia.cr/2008/166 Discussion forum: Show discussion | Start new discussion