Security of MF3ICD40
Dear MF3ICD40 user,
NXP Semiconductors wishes to provide you with an update on our MIFARE DESFire MF3ICD40.
In June 2010 we started to inform our direct customers and eco-system partners that we would discontinue the MF3ICD40 at the end of 2011. In April 2011 the University of Bochum, Germany, informed NXP that their cryptographic research group, led by Professor Paar, had successfully attacked the MF3ICD40. The research group also informed us of their intent to publish the attack at the annual Workshop on Cryptographic Hardware and Embedded Systems (CHES), held September 28 to October 1 2011. Upon receiving this information NXP contacted its customers and partners about the potential security risk and to offer additional support in the migration to MIFARE DESFire EV1. In light of the workshop (CHES) we’d like to provide you with additional information regarding the attack and possible consequences.
The research group of Prof. Paar at the University of Bochum is one of the largest groups in Europe working in the field of security of embedded systems. Their specialty is the application of non-invasive side-channel attacks on the underlying hardware of the card IC - attack methods that CC EAL 4+ products must resist. Nine years after its introduction the non-certified MIFARE DESFire MF3ICD40 was subject to a successful Differential Power Analysis (DPA) to retrieve secret information in the card.
A Differential Power Analysis (DPA) attack is a method used to determine, for example, a secret key used in an electronic device by either measuring its power consumption directly, or the electromagnetic radiation coming off the device. The card does not get damaged and hence the card has no way of knowing it is being attacked. A DPA attack needs to be conducted in a well controlled laboratory setting and needs expert knowledge, it cannot be done by simply walking past a card holder. It takes some time to perform the attack on a well-established test bench – from a few hours to a few days, depending on the quality of the measurement. The test bench itself will take a much longer time to setup by someone with good knowledge of DPA attack. The University of Bochum needed many months for their initial successful attack.
As mentioned above, the research group at Bochum University have been open with NXP about their intent to publicize the DPA attack, and we, in turn, have shared this information with you, our customers and partners. NXP respects the freedom of research and welcomes the contributions of the research community to improve the security and privacy of its products. As the global industry leader in identification and security, we recognize our commitment to collaborate with external security researches in order to raise the security of the smart card industry to a new level.
If the attack scenario is described at CHES it will still be difficult for others using academic lab equipment to successfully replicate it, and it will still take time from hours to a few days. Also, the impact of a successful attack depends on the end-to-end system security design of each individual infrastructure and whether diversified keys – recommended by NXP – are being used. If this is the case, a stolen or lost card can be disabled simply by the operator detecting the fraud and blacklisting the card, however this operation assumes that the operator has those mechanisms implemented. This will make it even harder to replicate the attack with a commercial purpose. End consumers will hardly be affected: the theft of a wallet can pose a greater threat to personal belongings than the attack on a public transport card which also needs to be stolen in order to be successfully attacked – and there is typically no banking data stored on a MIFARE DESFire MF3ICD40.
To ensure that customers and partners receive products with the best performance and security NXP constantly improves its MIFARE portfolio with the concept of evolving platforms. While the underlying product hardware is upgraded in terms of its performance and security, we keep next generation products functionally backwards compatible to ensure that the infrastructure can adopt the new product evolution without major upgrades. In this way, our customers can take advantage of the new technology with minimum or no additional investment into their infrastructure. The benefits of this approach become apparent now, allowing our customers to migrate quickly and easily to MIFARE DESFire EV1, introduced in 2008 as the successor of MF3ICD40. The MIFARE DESFire EV1 is Common Criteria EAL 4+ certified and the research group at the Bochum University failed when attacking the card with non-invasive side-channel attacks.
As planned, NXP will discontinue the MIFARE DESFire MF3ICD40 as of December 31, 2011, and we recommend that our customers and partners migrate to MIFARE DESFire EV1 for existing and new systems.
In case of further questions please contact us at email@example.comFrequently asked questions (PDF)