French security services firm Quarkslab has made an eye-popping discovery: a significant backdoor in millions of contactless cards made by Shanghai Fudan Microelectronics Group, a leading chip manufacturer in China.
The backdoor, documented in a research paper by Quarkslab researcher Philippe Teuwen, allows the instantaneous cloning of RFID smart cards used to open office doors and hotel rooms around the world.
Although exploiting the backdoor requires only a few minutes of physical proximity to an affected card, an attacker positioned to carry out a supply chain attack could execute such attacks instantaneously and at scale, Teuwen explained in the paper (PDF).
Teuwen said he discovered the backdoor while conducting security experiments on the MIFARE Classic card family that is widely deployed in public transportation and the hospitality industry.
The MIFARE Classic card family, originally launched in 1994 by Philips (now NXP Semiconductors), is widely used and has been subjected to numerous attacks over the years.
Security vulnerabilities that allow “card-only” attacks (attacks that require access to a card but not the corresponding card reader) are of particular concern as they may enable attackers to clone cards, or to read and write their content, just by having physical proximity for a few minutes. Over the years, new versions of the MIFARE Classic family fixed the different types of attacks documented by security researchers.
In 2020, the FM11RF08S variant of the MIFARE Classic was released by Shanghai Fudan Microelectronics, the leading Chinese manufacturer of unlicensed “MIFARE compatible” chips. Teuwen noted that this variant features specific countermeasures designed to thwart all known card-only attacks and has gradually gained market share worldwide.
While looking at Shanghai Fudan’s FM11RF08S cards, which use a countermeasure dubbed by the community as “static encrypted nonce,” Teuwen devised an attack for that variant capable of cracking FM11RF08S keys in a few minutes if they are being reused across at least three sectors or three cards.
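The precondition above (a key reused across at least three sectors or three cards) is something an access-control operator can audit from its own key records without touching a card. The following is an added example, not code from Quarkslab or the paper; the card identifiers and key values are constructed placeholders, and the three-way threshold is taken from the article.

```python
from collections import defaultdict

# Constructed sample: sector keys of four cards as an operator would export them
# from a key-management system. Values are illustrative placeholders, not real keys.
SAMPLE_CARDS = {
    "card-0001": ["a0a1a2a3a4a5", "b1b2b3b4b5b6", "c1c2c3c4c5c6", "d1d2d3d4d5d6"],
    "card-0002": ["a0a1a2a3a4a5", "e1e2e3e4e5e6", "c1c2c3c4c5c6", "f1f2f3f4f5f6"],
    "card-0003": ["a0a1a2a3a4a5", "0a0b0c0d0e0f", "1a1b1c1d1e1f", "2a2b2c2d2e2f"],
    "card-0004": ["abcdefabcdef", "abcdefabcdef", "abcdefabcdef", "123456123456"],
}

# Reuse level at which the article reports few-minute key recovery on FM11RF08S.
REUSE_THRESHOLD = 3


def audit_key_reuse(cards, threshold=REUSE_THRESHOLD):
    """Flag keys reused in >= threshold sectors of one card or on >= threshold cards.

    cards: {card_id: [hex key for sector 0, sector 1, ...]}
    Returns a list of findings, one per flagged key, sorted by key.
    """
    sectors_by_card = defaultdict(lambda: defaultdict(set))  # key -> card -> sectors
    cards_with_key = defaultdict(set)                          # key -> cards
    for card_id, keys in cards.items():
        for sector, key in enumerate(keys):
            k = key.lower()  # normalise hex case so "A0A1..." and "a0a1..." match
            sectors_by_card[k][card_id].add(sector)
            cards_with_key[k].add(card_id)

    findings = []
    for k, by_card in sectors_by_card.items():
        max_sectors = max(len(s) for s in by_card.values())
        n_cards = len(cards_with_key[k])
        if max_sectors >= threshold or n_cards >= threshold:
            findings.append({
                "key": k,
                "max_sectors_in_one_card": max_sectors,
                "cards": n_cards,
            })
    return sorted(findings, key=lambda f: f["key"])


if __name__ == "__main__":
    for finding in audit_key_reuse(SAMPLE_CARDS):
        print(finding)
```

A clean result only addresses the key-reuse attack: as the article notes further down, the FM11RF08S backdoor compromises user-defined keys even when they are fully diversified.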
Additional research revealed a hardware backdoor that allows authentication with an unknown key. Teuwen then used the new attack to obtain (“crack”) that secret key and found it to be common to all existing FM11RF08S cards.
Teuwen then discovered a similar backdoor, protected with another key, in the previous card generation (FM11RF08). After this second secret key was also cracked, it was found to be common to all FM11RF08 cards, as well as to other models from the same vendor (FM11RF32, FM1208-10), and even to some old cards from NXP Semiconductors and Infineon Technologies.
“The FM11RF08S backdoor enables any entity with knowledge of it to compromise all user-defined keys on these cards, even when fully diversified, simply by accessing the card for a few minutes,” Quarkslab said in a note, urging consumers to swiftly check their infrastructure and assess the risks.
“Many are probably unaware that the MIFARE Classic cards they obtained from their supplier are actually Fudan FM11RF08 or FM11RF08S, as these two chip references are not limited to the Chinese market. For example, we found these cards in numerous hotels across the US, Europe, and India,” the company said.