Paper 2026/100

BREAKMEIFYOUCAN!: Exploiting Keyspace Reduction and Relay Attacks in 3DES and AES-protected NFC Technologies

Nathan Nye, True Anomaly
Philippe Teuwen, Ledger
Tiernan Messmer
Steven Mauch
Struan Clark
Zinong Li
Zachary Weiss
Lucifer Voeltner
Abstract

This paper presents an in-depth analysis of vulnerabilities in MIFARE Ultralight C (MF0ICU2), MIFARE Ultralight AES (MF0AES), NTAG 223 DNA (NT2H2331G0 and NT2H2331S0), NTAG 224 DNA (NT2H2421G0 and NT2H2421S0), and widely circulated counterfeit Ultralight C cards based on Giantec GT23SC4489, Feiju FJ8010, and USCUID-UL. We reveal multiple avenues to substantially weaken the security of each technology and its implementation across a range of configurations. We demonstrate how, through relay-based man-in-the-middle techniques and partial key overwrites --- optionally combined with tearing techniques --- an attacker can reduce the keyspace of two-key Triple DES (2TDEA) from $2^{112}$ to $2^{28}$ or less in certain real-world deployments, thereby making brute-force key recovery feasible with modest computational resources. We further discuss how the MIFARE Ultralight AES protocol can be similarly affected, particularly when CMAC integrity checks are not enforced. We also find that the security offered by NTAG 223 DNA and NTAG 224 DNA is undermined by the absence of integrity checks on commands and the calculation of a CMAC over Secure Unique NFC (SUN) messages, providing an unauthenticated ciphertext oracle that facilitates key recovery. Field observations, especially in hospitality deployments, underscore the urgent need for proper configuration, key diversification, and counterfeit detection.

Metadata
Available format(s)
PDF
Category
Attacks and cryptanalysis
Publication info
Preprint.
Keywords
NFCcontactlessMIFARE3DESAESrelay attackpartial key overwritePKOkeyspace reductionUltralightNTAG
Contact author(s)
nathan nye @ gmail com
phil @ teuwen org
tiernan messmer @ gmail com
steve @ fear technology
struan @ scrk net
zl2242 @ nyu edu
me @ zachary ws
lucifer @ eltrick uk
History
2026-01-25: revised
2026-01-21: received
See all versions
Short URL
https://ia.cr/2026/100
License
Creative Commons Attribution-ShareAlike
CC BY-SA

BibTeX

@misc{cryptoeprint:2026/100,
      author = {Nathan Nye and Philippe Teuwen and Tiernan Messmer and Steven Mauch and Struan Clark and Zinong Li and Zachary Weiss and Lucifer Voeltner},
      title = {{BREAKMEIFYOUCAN}!: Exploiting Keyspace Reduction and Relay Attacks in {3DES} and {AES}-protected {NFC} Technologies},
      howpublished = {Cryptology {ePrint} Archive, Paper 2026/100},
      year = {2026},
      url = {https://eprint.iacr.org/2026/100}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.