Large-Scale Invisible Attack on AFC Systems with NFC-Equipped Smartphones - PowerPoint PPT Presentation

SLIDE 1

Large-Scale Invisible Attack on AFC Systems with NFC-Equipped Smartphones

Fan Dang (1), Pengfei Zhou (1, 2), Zhenhua Li (1), Ennai Zhai (3), Aziz Mohaisen (4), Qingfu Wen (1), Mo Li (5)

(1) School of Software, Tsinghua University, China
(2) Beijing Feifanshi Technology Co., Ltd., China
(3) Department of Computer Science, Yale University, USA
(4) Department of Computer Science and Engineering, State University of New York at Buffalo, USA
(5) School of Computer Science and Engineering, Nanyang Technological University, Singapore

SLIDE 2

Introduction

  • Automated Fare Collection (AFC) system
SLIDE 3

Introduction

  • MIFARE Classic
  • Processor cards

SLIDE 4

Introduction

  • External authentication: a card verifies a terminal. The card generates a random number R and sends it to the terminal; both sides hold the same secret key K; the card compares (=?) the terminal's response with its own computation over R and K, and accepts or rejects.

SLIDE 5

Introduction

  • Internal authentication: a terminal verifies a card. The terminal generates a random number R and sends it to the card; both sides hold the same secret key K; the terminal compares (=?) the card's response with its own computation over R and K, and accepts or rejects.

SLIDE 6

Introduction

  • Data is sent together with a message authentication code computed over the data, a fresh random number and the shared key: MAC = Digest(data, rnd, key)

SLIDE 7

Introduction

  • What is a possible flaw?
SLIDE 8

Flaw

  • City Traffic Card: ISO/IEC 14443-4 based, millions issued

SLIDE 9

Flaw

Normal trip, between the Entrance terminal, the Exit terminal and the AFC Backend (Database):
  • 1. Entrance data (written to the card at the entrance)
  • 2. Entrance data (read from the card at the exit)
  • 3. Calculate price
  • 4. Debit
  • 5. Auth code
  • 6. Transaction log (uploaded to the AFC backend database)
SLIDE 10

Flaw

  • File structure on the card:
    Root
      Card Info
      Purse
      Bus Data
      Metro Data
      Transaction History

SLIDE 11

Flaw

  • Entrance: exchange between the Card and the Terminal (with SAM)
    Terminal -> Card: Read basic info
    Card -> Terminal: Success
    Terminal -> Card: Request random number
    Card -> Terminal: Random number (R)
    Terminal (SAM): Calculate MAC
    Terminal -> Card: Entrance data (with MAC)
    Card -> Terminal: Success

SLIDE 12

Flaw

  • Exit: exchange between the Card and the Terminal (with SAM)
    Terminal -> Card: Read basic info & entrance data
    Card -> Terminal: Success
    Terminal: Verify & calculate fare
    Terminal -> Card: Debit (with MAC)
    Card -> Terminal: Success (with MAC')
    Terminal: Upload
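The entrance and exit exchanges on the two slides above, as an added example (not code from the paper or the LessPay app): a card and a terminal whose SAM shares key K, where each write carries MAC = Digest(data, rnd, key) over a random number the card issued for that command, and the card answers a debit with MAC'. HMAC-SHA256 stands in for the card's undisclosed Digest; the record layouts, the 8-byte challenge, the Card/Terminal classes and the MAC' construction (over the new balance and the same challenge) are assumptions, since the slides only name these items.

```python
"""Card <-> terminal exchange with a SAM, as on the entrance/exit slides.
Added example: card and SAM share key K; each write (entrance data,
debit) carries MAC = Digest(data, rnd, key) over a random number the card
issued for that command. HMAC-SHA256 stands in for the undisclosed Digest;
record layouts and the MAC' construction are assumptions."""
import hashlib
import hmac
import os


def digest(data: bytes, rnd: bytes, key: bytes) -> bytes:
    """MAC = Digest(data, rnd, key), truncated to 4 bytes like a card MAC."""
    return hmac.new(key, data + rnd, hashlib.sha256).digest()[:4]


class Card:
    """Processor card: holds K, a purse and the last entrance record."""

    def __init__(self, key: bytes, balance_cents: int):
        self._key = key
        self.balance = balance_cents
        self.entrance = b""
        self._rnd = None  # outstanding challenge, consumed by the next write

    def read_basic_info(self) -> dict:
        return {"balance": self.balance, "entrance": self.entrance}

    def request_random_number(self) -> bytes:
        self._rnd = os.urandom(8)
        return self._rnd

    def _verify(self, data: bytes, mac: bytes):
        """External authentication: the card checks the terminal's MAC.
        Returns the consumed challenge on success, None on rejection."""
        rnd, self._rnd = self._rnd, None  # one challenge per command
        if rnd is None or not hmac.compare_digest(digest(data, rnd, self._key), mac):
            return None
        return rnd

    def write_entrance(self, data: bytes, mac: bytes) -> bool:
        if self._verify(data, mac) is None:
            return False
        self.entrance = data
        return True

    def debit(self, amount_cents: int, mac: bytes):
        """Returns (new_balance, MAC') on success, None if rejected."""
        rnd = self._verify(amount_cents.to_bytes(2, "little"), mac)
        if rnd is None or amount_cents > self.balance:
            return None
        self.balance -= amount_cents
        # MAC' proves to the terminal (and backend) that the debit happened
        return self.balance, digest(self.balance.to_bytes(4, "little"), rnd, self._key)


class Terminal:
    """Gate terminal; in a real gate the key never leaves the SAM."""

    def __init__(self, sam_key: bytes, station: str):
        self._sam_key = sam_key
        self.station = station

    def entrance(self, card: Card) -> bool:
        card.read_basic_info()
        rnd = card.request_random_number()
        record = self.station.encode()  # example entrance record
        return card.write_entrance(record, digest(record, rnd, self._sam_key))

    def exit(self, card: Card, fare_cents: int):
        """Debits the fare; returns the new balance or None if anything failed."""
        if not card.read_basic_info()["entrance"]:
            return None  # no entrance record to price
        rnd = card.request_random_number()
        mac = digest(fare_cents.to_bytes(2, "little"), rnd, self._sam_key)
        result = card.debit(fare_cents, mac)
        if result is None:
            return None
        new_balance, mac_prime = result
        expected = digest(new_balance.to_bytes(4, "little"), rnd, self._sam_key)
        return new_balance if hmac.compare_digest(mac_prime, expected) else None


def ride(sam_key: bytes, card_key: bytes, fare_cents: int = 300):
    """Entrance at Station A, then exit; balance after the debit, or None."""
    card = Card(card_key, 7500)
    gate = Terminal(sam_key, "Station A")
    if not gate.entrance(card):
        return None
    return gate.exit(card, fare_cents)


def replay_is_rejected(key: bytes) -> bool:
    """A captured (data, MAC) pair cannot be written twice: rnd was consumed."""
    card = Card(key, 7500)
    rnd = card.request_random_number()
    record, mac = b"Station A", digest(b"Station A", rnd, key)
    first = card.write_entrance(record, mac)
    card.request_random_number()  # fresh challenge, old MAC no longer matches
    return first and not card.write_entrance(record, mac)
```

The point to notice is what the MAC does and does not cover: it authenticates each write to the card for that one challenge, so a terminal without the SAM key cannot write entrance data or debit, and a captured MAC cannot be replayed. Nothing in this exchange lets the exit terminal check where the entrance data it reads back actually came from.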

SLIDE 13

Attack model

Fig. 1: Architectural overview of our designed attack on an

Components: Entrance, Exit, Cloud AFC (Card Pool, Web Server, Database (always in consistency)), AFC Backend
  • 1. Entrance data
  • 2. Fake entrance
  • 3. Calculate price
  • 4. Debit
  • 5. Debit
  • 6. Auth code
  • 7. Auth code
  • 8. Transaction log

The smartphone relays the exit terminal's commands to a real card in the cloud card pool but presents fake entrance data, so the price is calculated from the fake entrance while the debit (steps 4-5) and the auth code (steps 6-7) pass through the phone to and from the real card.

SLIDE 14

Tampering Entrance Data

  • 1. Collecting entrance data: we developed a lightweight app (different from the LessPay app) specifically to collect data.
  • 2. Obtaining the data structure of the entrance data
  • 3. Obtaining station information: reverse-engineer the app E-Card Tapper (e卡贴)
  • 4. Tampering the entrance data: location based

Collected entrance data (sample):

  #  Entrance Data          Enter Time        Metro Line  Station    Balance When Entering
  1  1512051417043D014C1D   2015-12-05 14:17  4           Station A  75.00
  2  1511301135020801B009   2015-11-30 11:35  2           Station B  24.80
  3  15112215225E1D01AC0D   2015-11-22 15:22  X           Station C  35.00
  4  15112009560A11016612   2015-11-20 09:56  10          Station D  47.10
  5  15111220090401015203   2015-11-12 20:09  1           Station E  8.50
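An added parser for the entrance data in the table above (not the authors' code). The 10-byte layout it assumes is read off the table, not the structure the authors recovered in step 2: a BCD time, one line byte, and little-endian station id and balance in cents reproduce the time, line and balance columns for rows 1 to 4, while row 5's line column does not match this layout, so the field names are hypothetical. The tamper function assumes step 4 keeps the time and balance the card really holds and rewrites only the line and station.

```python
"""Entrance data parser for the records in the table above.
Added example: the 10-byte layout below is an assumption read off the
table, not the structure the authors recovered:
  bytes 0-4  entering time, BCD YYMMDDhhmm
  byte  5    metro line
  bytes 6-7  station id, little-endian
  bytes 8-9  balance when entering, little-endian, in cents
"""
from dataclasses import dataclass


@dataclass
class Entrance:
    time: str            # "YYYY-MM-DD HH:MM"
    line: int
    station: int
    balance_cents: int


def parse_entrance(hex_record: str) -> Entrance:
    raw = bytes.fromhex(hex_record)
    if len(raw) != 10:
        raise ValueError("entrance data is 10 bytes under the assumed layout")
    t = raw[:5].hex()  # BCD: the hex digits are the decimal digits
    if not t.isdigit():
        raise ValueError("time field is not BCD")
    return Entrance(
        time=f"20{t[0:2]}-{t[2:4]}-{t[4:6]} {t[6:8]}:{t[8:10]}",
        line=raw[5],
        station=int.from_bytes(raw[6:8], "little"),
        balance_cents=int.from_bytes(raw[8:10], "little"),
    )


def encode_entrance(e: Entrance) -> str:
    """Inverse of parse_entrance; upper-case hex as in the table."""
    yy, mm, dd = e.time[2:4], e.time[5:7], e.time[8:10]
    hh, mi = e.time[11:13], e.time[14:16]
    raw = bytes.fromhex(yy + mm + dd + hh + mi)
    raw += bytes([e.line])
    raw += e.station.to_bytes(2, "little")
    raw += e.balance_cents.to_bytes(2, "little")
    return raw.hex().upper()


def tamper_location(hex_record: str, line: int, station: int) -> str:
    """Step 4 on the slide, location based: keep the time and balance the
    card really holds, rewrite line and station to the chosen entrance."""
    e = parse_entrance(hex_record)
    e.line, e.station = line, station
    return encode_entrance(e)


# Rows 1-4 of the slide's table: entrance data hex, line, balance in cents
TABLE_ROWS = [
    ("1512051417043D014C1D", 4, 7500),
    ("1511301135020801B009", 2, 2480),
    ("15112215225E1D01AC0D", 0x5E, 3500),   # the slide prints this line as "X"
    ("15112009560A11016612", 10, 4710),
]


def layout_matches_table() -> bool:
    """Check the assumed layout against the slide's own columns."""
    for h, line, cents in TABLE_ROWS:
        p = parse_entrance(h)
        if p.line != line or p.balance_cents != cents or encode_entrance(p) != h:
            return False
    return True
```

Because the balance is carried inside the record, a tampered record must keep the real balance or the exit terminal's verify step sees a mismatch with the purse; that is why only the location fields are rewritten here.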

SLIDE 15

System Implementation

  • Server with 100 Mbps network
  • 5 ACR122U readers with 5 CTC cards
  • Cellphones:
    • Samsung Galaxy S5
    • Huawei Mate 7
    • Moto XT1095
    • LGE Nexus 5X
  • MNOs:
    • LTE-TDD
    • LTE-FDD
SLIDE 16

System Implementation

  • Card pool: a Dispatcher serves HTTP requests and responses from two sets, Available Cards and In-Use Cards. A new client fetches a new card (Lock, moving it to In Use); an in-use client reads from the pool; on Timeout / Transaction Finished the card returns to Available.
  • Fig. 7: Card pool scheduler.
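The card pool scheduler of Fig. 7 as an added example (not the LessPay server code): cards move between Available and In Use, a new client locks a card, an in-use client keeps reading from the same card, and Timeout or Transaction Finished return it. The simulate() load pattern (one new user per fixed interval, each holding a card for a fixed time) is constructed for the example and is not the experiment behind the performance slides; it only shows how denial rate falls as the pool grows.

```python
"""Card pool scheduler (Fig. 7), as an added example rather than the
LessPay server code. Physical cards move between Available and In Use:
a new client locks a card, later requests from that client read from the
same card, and Timeout or Transaction Finished unlock it."""
import heapq
from collections import deque


class CardPool:
    def __init__(self, card_ids, timeout_s: float):
        self.available = deque(card_ids)  # cards on readers, not locked
        self.in_use = {}                  # client_id -> [card_id, last_seen]
        self.timeout_s = timeout_s
        self.denied = 0                   # requests that found no free card

    def request(self, client_id: str, now: float):
        """Dispatch one HTTP request: the card to relay to, or None (denial)."""
        entry = self.in_use.get(client_id)
        if entry is not None:             # in-use client: read from pool
            entry[1] = now
            return entry[0]
        if not self.available:            # no free card: service denial
            self.denied += 1
            return None
        card = self.available.popleft()   # new client: fetch a new card (lock)
        self.in_use[client_id] = [card, now]
        return card

    def finish(self, client_id: str) -> None:
        """Transaction finished: the card goes back to Available."""
        entry = self.in_use.pop(client_id, None)
        if entry is not None:
            self.available.append(entry[0])

    def sweep(self, now: float) -> list:
        """Timeout: unlock cards whose client went silent for too long."""
        stale = [c for c, (_, seen) in self.in_use.items() if now - seen > self.timeout_s]
        for client in stale:
            self.finish(client)
        return stale


def simulate(n_cards: int, n_users: int, interval_s: float, hold_s: float) -> float:
    """Constructed load (not the paper's experiment): a new user arrives
    every interval_s seconds and, if served, holds its card for hold_s.
    Returns the service denial rate, denied arrivals / users."""
    pool = CardPool([f"card{i}" for i in range(n_cards)], timeout_s=10 * hold_s)
    # (time, order, kind, client); order 0 makes a finish at time t
    # release its card before an arrival at the same t takes one
    events = [(i * interval_s, 1, "arrive", f"u{i}") for i in range(n_users)]
    heapq.heapify(events)
    while events:
        t, _, kind, client = heapq.heappop(events)
        if kind == "arrive":
            if pool.request(client, t) is not None:
                heapq.heappush(events, (t + hold_s, 0, "finish", client))
        else:
            pool.finish(client)
    return pool.denied / n_users
```

The timeout sweep matters for correctness, not only capacity: a client that stops mid-transaction (the phone leaves the gate's field) would otherwise hold a physical card forever, and every later client would see one less card.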
SLIDE 17

Performance

  • Fare that should have been paid: $3 12.7%, $4 23.3%, $5 34.4%, $6 15.5%, $7 7.7%, $8 5.1%, $9 1.3%
  • Fare actually paid: $3 97.6%, failure 2.4%

Users should pay fares from $3 to $9. Except for the 2.4% failures, users actually paid only $3.

SLIDE 18

Performance

  • [Plot: number of users (4000 to 16000) supported against card pool size (50 to 200), for service denial rate 0.1 and service denial rate 0.2]

SLIDE 19

Performance

SLIDE 20

Countermeasures

  • 1. Switch to online transactions
  • 2. Encrypt/sign data
  • 3. Use secure messaging in ISO/IEC 7816-4
  • 4. Detect relay attack
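Countermeasure 2 (encrypt/sign data) as an added example, not from the paper: the entrance gate seals the entrance record with a MAC under the SAM key, bound to the card's serial, and the exit gate verifies that MAC before pricing the trip; an exit gate that uses whatever it reads back is shown beside it for contrast. HMAC-SHA256, the 8-byte MAC length, the serial binding and the record strings are assumptions. It also goes one step beyond the slide by showing that a genuinely sealed record copied from a different card is rejected because of the serial binding.

```python
"""Countermeasure 2 (sign the data), as an added example: the entrance
gate seals the entrance record with a MAC under the SAM key, bound to the
card serial, and the exit gate verifies it before pricing the trip.
HMAC-SHA256 and the 8-byte MAC are assumed stand-ins for the issuer's MAC;
the records are opaque constructed byte strings."""
import hashlib
import hmac

MAC_LEN = 8


def seal_entrance(sam_key: bytes, card_serial: bytes, record: bytes) -> bytes:
    """Written by the entrance gate: record || MAC(K, serial || record)."""
    mac = hmac.new(sam_key, card_serial + record, hashlib.sha256).digest()[:MAC_LEN]
    return record + mac


def exit_trusting(stored: bytes) -> bytes:
    """Vulnerable exit gate: prices the trip from whatever entrance data it read."""
    return stored[:-MAC_LEN]


def exit_verifying(sam_key: bytes, card_serial: bytes, stored: bytes):
    """Hardened exit gate: recompute the MAC for this card; None means reject."""
    if len(stored) <= MAC_LEN:
        return None
    record, mac = stored[:-MAC_LEN], stored[-MAC_LEN:]
    expected = hmac.new(sam_key, card_serial + record, hashlib.sha256).digest()[:MAC_LEN]
    return record if hmac.compare_digest(mac, expected) else None


def tampered_relay(stored: bytes, fake_record: bytes) -> bytes:
    """What a relaying phone answers instead of the real stored data:
    a fake entrance record with the original MAC bytes left in place."""
    return fake_record + stored[-MAC_LEN:]


def demo(sam_key: bytes) -> dict:
    serial_a, serial_b = b"CARD-A", b"CARD-B"
    real = b"line04:station3D01"   # constructed entrance record
    fake = b"line02:station0801"   # a cheaper entrance near the exit
    stored = seal_entrance(sam_key, serial_a, real)
    relayed = tampered_relay(stored, fake)
    copied = seal_entrance(sam_key, serial_b, fake)  # genuine seal, other card
    return {
        "trusting_accepts_fake": exit_trusting(relayed) == fake,
        "verifying_accepts_real": exit_verifying(sam_key, serial_a, stored) == real,
        "verifying_rejects_fake": exit_verifying(sam_key, serial_a, relayed) is None,
        "verifying_rejects_copied": exit_verifying(sam_key, serial_a, copied) is None,
    }
```

The check belongs in the SAM, not the host application, since the verifying key is the same one that seals records at the entrance; countermeasure 1 (online transactions) removes the need for the card to carry the record at all, at the cost of a backend round trip at every gate.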
SLIDE 21

Conclusions

  • 1. We construct a large-scale invisible attack on AFC systems with NFC-equipped smartphones, thus enabling users to pay much less than actually required.
  • 2. We develop an HCE app, named LessPay, based on our constructed attack.
  • 3. We evaluate LessPay with real-world large-scale experiments, which not only demonstrate the feasibility of our attack, but also show its low overhead in terms of bandwidth and computation.
SLIDE 22

Q&A