Proxmark3 community

#1 2014-07-05 21:00:24

yto
Member
Registered: 2014-07-05
Posts: 4

New deploy: Mifare 13.56mhz generally more secure vs Prox 125khz?

After reviewing most of the hacking activity regarding Mifare Classic and Prox, we are looking for some comments.

We are looking to deploy dozens of controllers and readers and have the option between 13.56 MHz or 125 kHz. We are awaiting communication from the access control software vendor if the Mifare option is able to take advantage of any encryption or additional security features of Mifare Plus or DESFire. In the software all we see when reading and entering card management for Mifare is 'Mifare csn' and 'Mifare template'.

If the software, controllers, and readers only read Mifare CSN (card serial number or UID), is it fair to say that there are little to no security benefits from using Mifare versus Prox readers and cards?

The only concerns then regarding Prox that come to mind are longer range Prox readers that allow being several feet nearby the target. Besides that, using nonsequential card numbers may offer some obscurity from brute forcing elevated privileges after an attacker has read a less privileged card near the site.

Are Mifare UID or CSN generally randomly assigned to lots of 100 cards or are they sequential or available to choose when custom ordering? What are the longer range maximum reading distances possible with Mifare custom antennas and readers?

#2 2014-07-06 02:23:28

0xFFFF
Administrator
From: Vic - Australia
Registered: 2011-05-31
Posts: 632

Re: New deploy: Mifare 13.56mhz generally more secure vs Prox 125khz?

yto wrote:

If the software, controllers, and readers only read Mifare CSN (card serial number or UID), is it fair to say that there are little to no security benefits from using Mifare versus Prox readers and cards?

I agree.

yto wrote:

Are Mifare UID or CSN generally randomly assigned to lots of 100 cards or are they sequential or available to choose when custom ordering?

You cannot choose a CSN range when ordering. ISO cards usually ship in boxes of 200. Within each box there may be some sequential numbers.

yto wrote:

What are the longer range maximum reading distances possible with Mifare custom antennas and readers?

I have seen readers with a read range over 1m.

#3 2014-07-07 20:03:41

yto
Member
Registered: 2014-07-05
Posts: 4

Re: New deploy: Mifare 13.56mhz generally more secure vs Prox 125khz?

I received an update from the software and reader vendor, and their Mifare solution has the ability to use sitekeys as pictured below. The primary sitekey is a new active key and the secondary is a rolled over primary that is used temporarily to grant access and update cards with the new primary.

Is the sitekey simply the private key for encrypting data on the cards?

http://imageshack.us/photo/my-images/819/ed3n.jpg/


During the deploy I will buy hardware to test and try and circumvent the solution, but assuming it is properly functioning and not only authenticating CSN/UID, is it correct that an attacker should be required to first find the key in order to make functioning duplicates of the Mifare cards?

I know that the Mifare Classic cards have been vulnerable for years, but is it fair to suggest creating sitekeys would make the Mifare solution a little more secure and less trivial of a vulnerability than Prox?

Thanks
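
A small simulation of the two reader behaviours discussed in this thread, added here as an illustration and not taken from any poster or from the vendor's product: a CSN/UID-only check next to a site-key challenge-response with primary/secondary rollover. Assumptions: HMAC-SHA256 stands in for whatever cipher the card actually uses (the known Mifare Classic cipher weaknesses are not modelled), per-card keys are derived from the site key and UID, and all names and values are hypothetical.

```python
import hashlib
import hmac
import os

def card_key(site_key: bytes, uid: bytes) -> bytes:
    """Per-card key diversified from the site key (assumed scheme)."""
    return hmac.new(site_key, uid, hashlib.sha256).digest()

class Card:
    """Simulated credential: a readable UID plus a secret key that is never read out."""
    def __init__(self, uid: bytes, key: bytes):
        self.uid, self._key = uid, key

    def respond(self, challenge: bytes) -> bytes:
        return hmac.new(self._key, challenge, hashlib.sha256).digest()

    def rekey(self, new_key: bytes) -> None:
        self._key = new_key

def uid_only_reader(card: Card, allowed: set) -> bool:
    """CSN/UID-only check: anything presenting a known UID is accepted."""
    return card.uid in allowed

def sitekey_reader(card: Card, allowed: set, primary: bytes, secondary=None) -> str:
    """Return 'primary', 'rolled' (secondary accepted, card rekeyed) or 'denied'."""
    if card.uid not in allowed:
        return "denied"
    for label, site_key in (("primary", primary), ("rolled", secondary)):
        if site_key is None:
            continue
        key = card_key(site_key, card.uid)
        challenge = os.urandom(16)  # fresh per attempt, so a recorded answer is useless
        expected = hmac.new(key, challenge, hashlib.sha256).digest()
        if hmac.compare_digest(card.respond(challenge), expected):
            if label == "rolled":  # old key still honoured: move card to the new primary
                card.rekey(card_key(primary, card.uid))
            return label
    return "denied"

# Constructed sample data
OLD_KEY, NEW_KEY = b"site-key-old", b"site-key-new"
UID = bytes.fromhex("04a1b2c3")
ALLOWED = {UID}
genuine = Card(UID, card_key(OLD_KEY, UID))  # issued under the old site key
uid_copy = Card(UID, os.urandom(32))         # same UID, no knowledge of any site key
```

Once the old key is dropped from the `secondary` slot, cards that were never presented during the rollover window stop working and need reissuing.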
