0
votes

I know using MIFARE Classic is not as secure as MIFARE DESFire, but I don't have enough knowledge of DESFire or MIFARE Plus yet, so I'll start with Classic first.

I would like to implement MIFARE Classic in a door lock, but I don't know how. Let's just say I will use sector 4. Then I'll change the authentication key. Then what's next? Is this all I need to do? Or should I write something on the blocks?

Is it:

A) 1. Authenticate sector 4.

  1. If authentication succeeds, open door

or

B) 1. Authenticate sector 4

  1. If authentication succeeds, read block 2

  2. Verify block 2.

  3. If block 2 is verified, open door.

In my view, option B is way better, or is it? Any other tips on how I can use MIFARE Classic as a door lock key?


1 Answer

0
votes

If you take traditional door locks, there are two main (non-destructive) threats: key cloning (presenting a copy of the genuine key), and lock-picking (unlocking with tools, without knowledge of the genuine key). Digital door locks are the same.

With MFC, key cloning is trivial, so I'll assume you don't really care about this threat. We are left with lock-picking, which is taking the card's role, either with another card or with some active device emulating its protocol, and making it behave like a genuine card.

From a pure protocol point of view, solution A is bad (there is an existing "reader-only" attack where an emulated card can recover the sector key from a genuine reader with only two authentication attempts). That means the door lock would give out the actual key to the lock-picker.

Solution B is better if "Verify block 2" does not rely on card crypto, but on a signed payload contained in the card, in which case you can skip steps 1 and 2.

Overall, none of them is reliable enough for a door lock today.

If you are designing a system today, try MIFARE Plus, DESFire, or something else, but not MFC.
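
An added example, not part of the original answer: one way the reader could implement "Verify block 2" on an issuer-authenticated payload instead of relying on card crypto. The 16-byte block layout, the key and the function names are assumptions, and a truncated HMAC stands in for a signature here, which means the reader has to hold the secret.

```python
import hashlib
import hmac
import struct
from typing import Optional

BLOCK_LEN = 16  # size of one MIFARE Classic data block
TAG_LEN = 8     # truncated HMAC-SHA256 tag (assumed layout)
# Assumed layout of block 2: badge_id (4 bytes) | expiry, Unix time (4 bytes) | tag (8 bytes)

DEMO_KEY = bytes(range(32))  # constructed sample key, for illustration only


def _tag(key: bytes, uid: bytes, body: bytes) -> bytes:
    # The tag covers the card UID as well as the payload, so the block is
    # only valid on the card it was issued for.
    msg = bytes([len(uid)]) + uid + body
    return hmac.new(key, msg, hashlib.sha256).digest()[:TAG_LEN]


def make_block(key: bytes, uid: bytes, badge_id: int, expiry: int) -> bytes:
    """Issuer side: build the 16 bytes written to block 2."""
    body = struct.pack(">II", badge_id, expiry)
    return body + _tag(key, uid, body)


def verify_block(key: bytes, uid: bytes, block: bytes, now: int) -> Optional[int]:
    """Reader side: return the badge id if the block is authentic and not
    expired, otherwise None (the door stays closed)."""
    if len(block) != BLOCK_LEN:
        return None
    body, tag = block[:8], block[8:]
    # Constant-time comparison, and the tag is checked before any field is used.
    if not hmac.compare_digest(tag, _tag(key, uid, body)):
        return None
    badge_id, expiry = struct.unpack(">II", body)
    if now > expiry:
        return None
    return badge_id


if __name__ == "__main__":
    uid = bytes.fromhex("04a1b2c3")  # constructed sample UID
    block = make_block(DEMO_KEY, uid, 1234, 2_000_000_000)
    print(verify_block(DEMO_KEY, uid, block, now=1_700_000_000))
```

Because the tag covers the UID, the block fails verification when it is read from a card reporting a different UID; it does nothing against a full clone, which the answer already treats as trivial.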