legic prime obscurity in depth
play

Legic Prime: Obscurity in Depth Analyzing LEGIC RF The case of the - PowerPoint PPT Presentation

Feb 23, 2023 •122 likes •861 views

Legic Prime: Obscurity in Depth Henryk Pl otz, Karsten Nohl Legic Primer Master Token System Control Attack overview Legic Prime: Obscurity in Depth Analyzing LEGIC RF The case of the CRC The obfuscation Henryk Pl otz, Karsten

  1. Legic Prime: Obscurity in Depth Henryk Pl¨ otz, Karsten Nohl Legic Primer Master Token System Control Attack overview Legic Prime: Obscurity in Depth Analyzing LEGIC RF The case of the CRC The obfuscation Henryk Pl¨ otz, Karsten Nohl function Understanding the ploetz@informatik.hu-berlin.de , Legic Prime protocol nohl@virginia.edu Mastering MTSC Comprehending card contents Conclusions December 28th 2009 (1/45) Legic Prime: Obscurity in Depth – 2009-12-28

  2. Legic Prime: Legic tokens are RFID access and payment Obscurity in Depth Henryk Pl¨ otz, cards Karsten Nohl Legic Primer Master Token System Control Attack overview Analyzing LEGIC ◮ Contactless smart cards at 13.56MHz RF The case of the CRC ◮ Legic Prime: Proprietary, marketed The obfuscation function since 1992 Understanding the ◮ Legic Advant: ISO compliant, Legic Prime protocol marketed since 2004 Mastering MTSC ◮ Predominantly used in access control, Comprehending card contents but payment applications exist (i.e., Conclusions cafeteria) ◮ Can hold several applications, but this feature is rarely seen (2/45) Legic Prime: Obscurity in Depth – 2009-12-28

  3. Legic Prime: Legic Prime Obscurity in Depth Henryk Pl¨ otz, Karsten Nohl Legic Primer Master Token System ◮ Old card type, as old as Mifare Classic Control Attack overview (and at least as insecure) Analyzing LEGIC RF ◮ Proprietary radio protocol (applied to The case of the CRC become ISO 14443 Appendix F): The obfuscation function ”LEGIC RF“ Understanding the Legic Prime ◮ Proprietary ’Legic Encryption‘ protocol ◮ Slow data rate ( ∼ 10 kbit/s), Mastering MTSC Comprehending comparatively high read range card contents (supposedly up to 70 cm) Conclusions ◮ Card types: MIM22 (outdated), MIM256 (234 bytes storage), MIM1024 (1002 bytes storage) (3/45) Legic Prime: Obscurity in Depth – 2009-12-28

  4. Legic Prime: Legic Advant Obscurity in Depth Henryk Pl¨ otz, Karsten Nohl Legic Primer Master Token System Control Attack overview ◮ New card type, developed in the 2000’s Analyzing LEGIC RF ◮ Based on ISO 14443A or ISO 15693 The case of the CRC The obfuscation ◮ 3DES or AES, also backward function compatible to ’Legic Encryption‘ Understanding the Legic Prime protocol ◮ Several ATC card types with varying Mastering MTSC sizes (15693: 128-944 bytes, 14443: Comprehending 544-3680 bytes) card contents Conclusions ◮ Not yet analyzed by us, therefore not covered in this talk (4/45) Legic Prime: Obscurity in Depth – 2009-12-28

  5. Legic Prime: Legic takes obscurity to the extreme Obscurity in Depth Henryk Pl¨ otz, Karsten Nohl Legic Primer Master Token System Control Attack overview Analyzing LEGIC ◮ Shrouded in a cloud of closed-ness and exclusivity RF The case of the CRC ◮ Compared to Mifare: much harder to get cards and readers The obfuscation function on the free market (this is on purpose) Understanding the ◮ No documentation available beyond layer 1+2 Legic Prime protocol (in rejected ISO 14443F) Mastering MTSC ◮ Most marketed feature and main difference to other Comprehending card contents systems: Master Token System Control Conclusions (5/45) Legic Prime: Obscurity in Depth – 2009-12-28

  6. Legic Prime: Master Token System Control Obscurity in Depth Henryk Pl¨ otz, Karsten Nohl The powerful LEGIC Master-Token System Control Legic Primer Master Token System (MTSC) [...] is unique in the security industry. With Control Attack overview MTSC no sensitive passwords are needed. Instead, a Analyzing LEGIC special physical Master-Token [...] is used containing RF The case of the CRC a unique genetic code which securely links cards and The obfuscation readers. – Source: function Understanding the http://www.legic.com/unique security.html Legic Prime protocol Mastering MTSC ◮ Cards are segmented and access is regulated on a Comprehending per-segment basis card contents Conclusions ◮ Segment access is bestowed not through the knowledge of keys or passwords but through a physical token ◮ The MSTC token itself is a Legic card (either Prime or Advant) (6/45) Legic Prime: Obscurity in Depth – 2009-12-28

  7. Legic Prime: Segment protection Obscurity in Depth Henryk Pl¨ otz, Karsten Nohl Legic Primer ◮ Node identifier in the master token structure is called the Master Token System Control stamp (or ’genetic code‘) Attack overview ◮ Segments on cards are imprinted with a stamp on creation Analyzing LEGIC RF ◮ Stamp comes from the token that authorized the creation The case of the CRC The obfuscation ◮ Stamp can not be changed function Understanding the ◮ Optionally, segments can be ”read protected“ Legic Prime protocol ◮ Readers are initialized with access rights for Mastering MTSC none/one/multiple stamps Comprehending card contents ◮ Card–Reader interaction: Conclusions ◮ Read read-protected segment and write: only if reader has access rights for that segment’s stamp ◮ Read non-read-protected segments: All readers can do this (7/45) Legic Prime: Obscurity in Depth – 2009-12-28

  8. Legic Prime: MTSC Structure Obscurity in Depth Henryk Pl¨ otz, ◮ Token structure is hierarchical: a token can only create Karsten Nohl objects with higher nesting level than its own → longer Legic Primer Master Token System stamp, but same prefix Control Attack overview Analyzing LEGIC RF The case of the CRC The obfuscation function Understanding the Legic Prime protocol Mastering MTSC Comprehending card contents Conclusions (8/45) Legic Prime: Obscurity in Depth – 2009-12-28

  9. Legic Prime: Token Types Obscurity in Depth Henryk Pl¨ otz, Karsten Nohl General Authorization Media (GAM) Legic Primer Master Token System Token-creating token that carries the Control temporary authorization to create Attack overview Analyzing LEGIC sub-tokens RF The case of the CRC The obfuscation Identification Authorization Media (IAM) function Segment-creating token that carries Understanding the Legic Prime the temporary authorization to create protocol segments on cards Mastering MTSC Comprehending card contents System Authorization Media (SAM) Conclusions ’Reader-creating‘ token that bestows the permanent authorization to write to existing segments on cards (and read read-protected segments) (9/45) Legic Prime: Obscurity in Depth – 2009-12-28

  10. Legic Prime: Token Sub-Types Obscurity in Depth Henryk Pl¨ otz, Karsten Nohl Legic Primer Master Token System ◮ For the SAM (a.k.a. SAM63, a.k.a ’Taufkarte‘), which Control Attack overview ’launches‘ readers (’ taufen ‘), there is a counterpart: Analyzing LEGIC SAM64 (a.k.a ’Enttaufkarte‘) to de-launch readers RF The case of the CRC (’ enttaufen ‘) The obfuscation function ◮ Other types (possibly restricted to advant): Understanding the XAM Permanent permission to create segments Legic Prime protocol (e.g. a launching version of IAM) Mastering MTSC IAM+ Restricted version of IAM, which only allows Comprehending card contents to create a given number of segments Conclusions ◮ There are references to SAM4 ’Parametrierkarte‘, which changes reader parameters. Also some systems may use other ’SAM...‘ types for sneakernet purposes. (10/45) Legic Prime: Obscurity in Depth – 2009-12-28

  11. Legic Prime: Roadmap and attack targets Obscurity in Depth Henryk Pl¨ otz, Karsten Nohl Legic Primer Master Token System Control Attack overview Analyzing LEGIC RF The case of the CRC The obfuscation function Understanding the Legic Prime ◮ Attacks were implemented using the Proxmark3: protocol Mastering MTSC Comprehending card contents Conclusions (11/45) Legic Prime: Obscurity in Depth – 2009-12-28

  12. Legic Prime: LEGIC RF Obscurity in Depth Henryk Pl¨ otz, Karsten Nohl Legic Primer Master Token System Control Attack overview ◮ ISO 14443 Annex F gives general parameters: Analyzing LEGIC ◮ RWD to TAG: Pulse-pause modulation, 100% AM, RF The case of the CRC off-duration: 20 µ s, ’0‘-bit: on-duration 40 µ s, ’1‘-bit: The obfuscation function on-duration 80 µ s, data rate 10 kHz–16.6 . . . kHz Understanding the (data-dependent) Legic Prime protocol ◮ TAG to RWD: On-off-keying, load-modulation, subcarrier Mastering MTSC f c / 64 ( ∼ 212kHz), bit-duration: 100 µ s Comprehending ◮ Framing ”defined by the synchronization of the card contents communication“ Conclusions ◮ No frame start/stop information for tag originated frames (12/45) Legic Prime: Obscurity in Depth – 2009-12-28

  13. Legic Prime: Sniffing LEGIC RF Obscurity in Depth Henryk Pl¨ otz, Karsten Nohl ◮ Sniffing with OpenPICC2 (fixed threshold, not so good) or Legic Primer Master Token System Proxmark3 (hysteresis, much better) and oscilloscope or Control logic analyzer Attack overview Analyzing LEGIC RF The case of the CRC The obfuscation function Understanding the Legic Prime protocol Mastering MTSC Comprehending card contents Conclusions (13/45) Legic Prime: Obscurity in Depth – 2009-12-28

  14. Legic Prime: Sniffing LEGIC RF Obscurity in Depth Henryk Pl¨ otz, Karsten Nohl ◮ Oscilloscope view: Legic Primer Master Token System Control Attack overview Analyzing LEGIC RF The case of the CRC The obfuscation function Understanding the Legic Prime protocol Mastering MTSC Comprehending card contents Conclusions (13/45) Legic Prime: Obscurity in Depth – 2009-12-28

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Hemip Hem iplegic legic Sh Shou oulder lder Power Point for staff education sessions

Hemip Hem iplegic legic Sh Shou oulder lder Power Point for staff education sessions

Hemip Hem iplegic legic Sh Shou oulder lder Power Point for staff education sessions Presented by Cathy McBay and Candace Coe HHS Stroke ke Annual al Review ew March h 7 and 7, 2018 www ww.s .swost ostroke.ca .ca Overv verview

377 views • 27 slides
PATERSON RELATIONSHIP & INFLUENCE MAPPING EQUATION (PRIME) PRIME GOALS PRIME is an

PATERSON RELATIONSHIP & INFLUENCE MAPPING EQUATION (PRIME) PRIME GOALS PRIME is an

PATERSON RELATIONSHIP & INFLUENCE MAPPING EQUATION (PRIME) PRIME GOALS PRIME is an organized analysis of the political and institutional factors that impact economic, development and social services outcomes in Paterson New Jersey.

409 views • 16 slides
CSE not every positive integer is prime 311 some positive integer is not prime prime

CSE not every positive integer is prime 311 some positive integer is not prime prime

Negations of quantifiers CSE not every positive integer is prime 311 some positive integer is not prime prime numbers do not exist Foundations of every positive integer is not prime Computing I Fall 2014 Negations of

351 views • 6 slides
Memor ory D y Defen enses es The Elevation from Obscurity to Headlines Rajeev Balasubramonian

Memor ory D y Defen enses es The Elevation from Obscurity to Headlines Rajeev Balasubramonian

Memor ory D y Defen enses es The Elevation from Obscurity to Headlines Rajeev Balasubramonian School of Computing, University of Utah 2 Image sources: pinterest, gizmodo Spectre Overview x is controlled Thanks to bpred, x can be

740 views • 30 slides
Power Analysis on NTRU Prime Wei-Lun Huang, Jiun-Peng Chen, Bo-Yin Yang Academia Sinica, Taiwan

Power Analysis on NTRU Prime Wei-Lun Huang, Jiun-Peng Chen, Bo-Yin Yang Academia Sinica, Taiwan

Power Analysis on NTRU Prime Wei-Lun Huang, Jiun-Peng Chen, Bo-Yin Yang Academia Sinica, Taiwan CHES 2020 1 Topics NTRU Prime A Brief Preview Correlation Power Analysis: vertical vs. horizontal in-depth Online Template

1.38k views • 50 slides
Moving Hardware from Security through Obscurity to Secure by Design Profe fess ssor

Moving Hardware from Security through Obscurity to Secure by Design Profe fess ssor

Moving Hardware from Security through Obscurity to Secure by Design Profe fess ssor or Ryan Kastner er Dept. of Computer ter Science e and Engineer ineering ing Unive vers rsity ity of Californi ornia, a, San Diego

743 views • 41 slides
PRIME Introduction to PRIME Logistics and Timelines About Us 1 Office of Global Programs &

PRIME Introduction to PRIME Logistics and Timelines About Us 1 Office of Global Programs &

2020 Marshall School of Business GSBA 580 PRIME Introduction to PRIME Logistics and Timelines About Us 1 Office of Global Programs & Partnerships (GPP) What We Do 2 Our role in facilitating your Agenda PRIME experience Program

162 views • 14 slides
Indian Oil Corporation Limited Mathura Refinery 1 What is Prime-G + Prime-G + Process

Indian Oil Corporation Limited Mathura Refinery 1 What is Prime-G + Prime-G + Process

Indian Oil Corporation Limited Mathura Refinery 1 What is Prime-G + Prime-G + Process & APC from Licensers perspective APC in IOCL Prime-G + APC scheme Model and Control Concept APC Performance APC Benefit in

1.59k views • 29 slides
Overview of one-year experience of PRIME eligibility assessment First anniversary of PRIME:

Overview of one-year experience of PRIME eligibility assessment First anniversary of PRIME:

Overview of one-year experience of PRIME eligibility assessment First anniversary of PRIME: experience so far, 19 May 2017 Presented by Robert Hemmings SAWP chair An agency of the European Union Eligibility to PRIME scheme Based on

480 views • 27 slides
Android Security CS 4720 Mobile Application Development CS 4720 Security through Obscurity

Android Security CS 4720 Mobile Application Development CS 4720 Security through Obscurity

Android Security CS 4720 Mobile Application Development CS 4720 Security through Obscurity It used to be that phones had so little connectivity to devices other than the phone network that security wasn't a huge deal Phone number

660 views • 15 slides
Factoring Done by:Rashed salmeen Grade:9ASP2 Prime factorization Prime factorization:is finding

Factoring Done by:Rashed salmeen Grade:9ASP2 Prime factorization Prime factorization:is finding

Factoring Done by:Rashed salmeen Grade:9ASP2 Prime factorization Prime factorization:is finding which prime numbers multiply together to make the original number. Examples: 27 18 2 9 3 9 3 3 3 3 18=2x3x3 27=3x3x3 greatest common

365 views • 11 slides
Norma Kathleen Hemming (1927-1960) and her life and times, descent into obscurity and rediscovery

Norma Kathleen Hemming (1927-1960) and her life and times, descent into obscurity and rediscovery

Norma Kathleen Hemming (1927-1960) and her life and times, descent into obscurity and rediscovery at the turn of the century Norma Kathleen Hemming (19271960) was a British author who migrated to Australia with her family in 1949 and wrote

142 views • 12 slides
Tsinghua University Monocular Depth-Pose Prediction [R, t] Depth and Pose RGB PoseNet

Tsinghua University Monocular Depth-Pose Prediction [R, t] Depth and Pose RGB PoseNet

Wang Zhao, Shaohui Liu, Yezhi Shu, Yong-Jin Liu Tsinghua University Monocular Depth-Pose Prediction [R, t] Depth and Pose RGB PoseNet Fails to Generalize! All Drift ! Depth estimation in Indoor environments with Visual Odometry with

610 views • 15 slides
PRIME FINANCIAL (ASX PFG) Presented by Simon Madder (CEO) Prime Financial Group Ltd (ASX PFG) 27

PRIME FINANCIAL (ASX PFG) Presented by Simon Madder (CEO) Prime Financial Group Ltd (ASX PFG) 27

PRIME FINANCIAL (ASX PFG) Presented by Simon Madder (CEO) Prime Financial Group Ltd (ASX PFG) 27 June 2017 Important Notice And Disclaimer This investor presentation ( Presentation ) has been prepared by Prime Financial Group Limited ( PFG ).

410 views • 17 slides
Prime Numbers Prime Numbers Prime number : an integer p>1 that is divisible only by 1 and

Prime Numbers Prime Numbers Prime number : an integer p>1 that is divisible only by 1 and

Prime Numbers Prime Numbers Prime number : an integer p>1 that is divisible only by 1 and itself, ex. 2, 3,5, 7, 11, 13, 17 Composite number : an integer n>1 that is not prime p g p Prime Numbers Fact : there are

472 views • 15 slides
RGBD Tutorial 14210240041 Gu Pan Image RGB YUV Lab Depth Image RGB image Depth image Each pixel in

RGBD Tutorial 14210240041 Gu Pan Image RGB YUV Lab Depth Image RGB image Depth image Each pixel in

RGBD Tutorial 14210240041 Gu Pan Image RGB YUV Lab Depth Image RGB image Depth image Each pixel in depth image shows the distance to camera Device Kinect Kinect2 (we use) SoftKinetic Leapmotion Kinect Depth camera developed by

480 views • 29 slides
cheungkt,foltztm,ngop, hannumed,hugheyjm,weavergg,woodhaal 07 Browse its Planning folder

cheungkt,foltztm,ngop, hannumed,hugheyjm,weavergg,woodhaal 07 Browse its Planning folder

n Team am 01 amanb,labarpr,walthagd, Sit with your team (in two rows, so 02 breenjw,eatonmi,runchemr, that you can face 03 buqshank,macshake,mcgeevsa,smebaksg each other) 04 correlbn,moravemj,shinnsm,wanstrnj Check out

360 views • 20 slides
Analysis of 802.11 Securit y or Wired Equivalent Privacy I snt Nikit a Borisov, I an

Analysis of 802.11 Securit y or Wired Equivalent Privacy I snt Nikit a Borisov, I an

Analysis of 802.11 Securit y or Wired Equivalent Privacy I snt Nikit a Borisov, I an Goldberg, and David Wagner WEP Prot ocol Wired Equivalent Privacy Part of t he 802.11 Link-layer securit y prot ocol Securit y Goals

608 views • 25 slides
Enabling Sustainable Clouds via Environmentally Opportunistic Computing Michal Witkowski, Paul

Enabling Sustainable Clouds via Environmentally Opportunistic Computing Michal Witkowski, Paul

Enabling Sustainable Clouds via Environmentally Opportunistic Computing Michal Witkowski, Paul Brenner, Ryan Jansen, David B. Go, and Eric Ward Paul Brenner, PhD, PE Associate Director Notre Dame Center for Research Computing

290 views • 15 slides
ECEN 5682 Theory and Practice of Error Control Codes Cyclic Codes Peter Mathys University of

ECEN 5682 Theory and Practice of Error Control Codes Cyclic Codes Peter Mathys University of

Cyclic Codes ECEN 5682 Theory and Practice of Error Control Codes Cyclic Codes Peter Mathys University of Colorado Spring 2007 Peter Mathys ECEN 5682 Theory and Practice of Error Control Codes Cyclic Codes, Basic Definitions Cyclic Codes

739 views • 29 slides
EVICTIONS BEFORE YOU FILE AN EVICTION CASE JDF 101: THE DEMAND FOR COMPLIANCE JDF 97:

EVICTIONS BEFORE YOU FILE AN EVICTION CASE JDF 101: THE DEMAND FOR COMPLIANCE JDF 97:

EVICTIONS BEFORE YOU FILE AN EVICTION CASE JDF 101: THE DEMAND FOR COMPLIANCE JDF 97: NOTICE TO QUIT OR RIGHT TO POSSESSION NOTICE Used when the lease with the renter has ended Used when the renter isnt paying rent or is A

345 views • 18 slides
CRC-Aided Belief Propagation List Decoding of Polar Codes M. Geiselhart, A. Elkelesh, M. Ebada

CRC-Aided Belief Propagation List Decoding of Polar Codes M. Geiselhart, A. Elkelesh, M. Ebada

.inue.uni-stuttgart.de CRC-Aided Belief Propagation List Decoding of Polar Codes M. Geiselhart, A. Elkelesh, M. Ebada S. Cammerer, S. ten Brink www University of Stuttgart ISIT 2020 21. - 26. June 2020 Institute of Telecommunications

545 views • 41 slides
Dear California Commissioners: Outreach Lessons Learned OCTOBER 7, 2020 CONNIE MALLOY CRC

Dear California Commissioners: Outreach Lessons Learned OCTOBER 7, 2020 CONNIE MALLOY CRC

Dear California Commissioners: Outreach Lessons Learned OCTOBER 7, 2020 CONNIE MALLOY CRC COMMISSIONER & ROTATING CHAIR 2011 CYCLE Lesson #1 Organize the Commissions outreach & operations to reflect your shared mission and

581 views • 11 slides
E-Passport Survey Serge Vaudenay and Martin Vuagnoux COLE POLYTECHNIQUE FDRALE DE LAUSANNE

E-Passport Survey Serge Vaudenay and Martin Vuagnoux COLE POLYTECHNIQUE FDRALE DE LAUSANNE

E-Passport Survey Serge Vaudenay and Martin Vuagnoux COLE POLYTECHNIQUE FDRALE DE LAUSANNE http://lasecwww.epfl.ch/ SV 2007 e-passport survey Eurocrypt 2007 1 / 13 Machine-Readable Travel Document (MRTD) History 1968: ICAO starts

474 views • 13 slides

More recommend