bachelor

Recommendations

Info

18 Security analysis and threat model The threats that the maintainers care about the most are the ones that are difficult to check in that database checks. If a hacker finds out a way to have the checking terminals accept a Rejsekort but report either invalid or no data to the back office, then the system is in trouble. This can potentially lead to the company losing a lot of money, which is why such an attack is called damaging. It is possible to construct a two-dimensional coordinate system ranging from “hard” to “easy to pull off” on one axis and “little” to “much damage” on the other, see Figure 2.1. Generally speaking the most dangerous attacks are the ones that are both easy to pull off and very dangerous. Very damaging Hard to pull off Easy to pull off Not very damaging Figure 2.1: A 2D coordinate system describing the parameters that are significant to RKF, as well as a marked area describing the “significance threshold.” Since the coordinate system cannot have any units on the axes it is difficult to place any attacks in there. It just exemplifies that, theoretically, very damaging attacks are not necessarily very hard to pull off. In addition, since Rejsekortet is a system that is made in accordance with the RKF standard, it is very likely that some security flaw that might exist in Rejsekortet would also work in the Swedish “Resekortet” system.
2.2 Attack classes 19 2.2 Attack classes There are four basic kinds of attacks that can be applied to Rejsekortet, each representing four different ways of approaching defrauding of the system. They are as follows: • Rollback attacks in which the attacker loads back an older state of the card. This kind of attacks need not much more than the possession of a card reader to be carried out. • Attacking the MAC allows forging of valid data to make the system think it issued it itself. This leads to the attacker being able to add money, tickets, discount rates, etc. to his/her card. A successful MAC attack would require the recovery of the key for the DES-MAC used, which has a complexity of 2 56 . • Masquerading attacks in which an adversary impersonates another (legitimate) user of the system. • Attacks on the infrastructure. These attacks will not be described in much detail, only possible attack vectors will be set forward. It is impossible to know how the system works without physical access to the innards, therefore this kinds of attacks will remain speculative until more details about the hardware is known. Another thing that has to be taken into consideration is vandalism. Even though this kind of attacks does not offer anything to the attacker, it must still be taken seriously—one cannot leave out the possibility of people deliberately trying to disrupt the system for fun. 2.3 Analysis of the security As written in 1.3 Rejsekortet has three lines of defense. The first one is the use of Mifare Classic itself; the user is not supposed to be reading or writing to his/her card at all! However, as described in 1.3.1.1 some attacks on Mifare makes it possible to do just that, making the Rejsekort security depend solely on the DES-MAC and database sanity checks. This section will describe some remarks—both positive and negative—to the security system described in the available documents.
Page 1 and 2: Cryptanalysis of Rejsekortet Jens C
Page 3: 3 Abstract. This bachelor thesis an
Page 7: Resumé Denne bachelorafhandling er
Page 10 and 11: vi Glossary Rejsekort(et) Danish fo
Page 12 and 13: viii
Page 14 and 15: x CONTENTS 4.3 Other improvements .
Page 16 and 17: 2 On Rejsekortet Disclaimer: This r
Page 18 and 19: 4 On Rejsekortet are even capable o
Page 20 and 21: 6 On Rejsekortet 1.2.3 Mifare Mifar
Page 22 and 23: 8 On Rejsekortet 1. Reader sends a
Page 24 and 25: 10 On Rejsekortet Time of transacti
Page 26 and 27: 12 On Rejsekortet Figure 1.3: The C
Page 28 and 29: 14 On Rejsekortet 1.3.2.1 CBC-MAC C
Page 30 and 31: 16 On Rejsekortet
Page 34 and 35: 20 Security analysis and threat mod
Page 36 and 37: 22 Security analysis and threat mod
Page 38 and 39: 24 Attacks on Rejsekortet 3.1 Rollb
Page 40 and 41: 26 Attacks on Rejsekortet 3.2 Attac
Page 42 and 43: 28 Attacks on Rejsekortet and cumbe
Page 44 and 45: 30 Attacks on Rejsekortet hash valu
Page 46 and 47: 32 Attacks on Rejsekortet 3.2.4 Int
Page 48 and 49: 34 Attacks on Rejsekortet 3.2.5 App
Page 50 and 51: 36 Attacks on Rejsekortet 3.2.6.2 T
Page 52 and 53: 38 Attacks on Rejsekortet Language
Page 54 and 55: 40 Attacks on Rejsekortet It is not
Page 56 and 57: 42 Attacks on Rejsekortet specifica
Page 58 and 59: 44 Attacks on Rejsekortet might pro
Page 60 and 61: 46 Attacks on Rejsekortet that the
Page 62 and 63: 48 Attacks on Rejsekortet
Page 64 and 65: 50 Improvements 4.1.1 New MAC algor
Page 66 and 67: 52 Improvements functions tend to b
Page 68 and 69: 54 Improvements
Page 70 and 71: 56 Conclusion of the pre-computatio
Page 72 and 73: 58 Related research Sector 04 - UNK
Page 74 and 75: 60 Mail correspondence enquire abou
Page 76 and 77: 62 Mail correspondence * Kodningspr
Page 78 and 79: 64 Mail correspondence Som ingeniø
Page 80: 66 BIBLIOGRAPHY [9] Philippe Oechsl

bachelor

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?