nfc - Why is using an RFID's unique ID in generating a MAC insecure? -


came across 2012 post prevent copying nfc chip signal advises:

"recommend against using tag's unique id security feature."

why, other reasons stated below, security problem use unique id part of message generates message authentication code (mac)?


my application use rfid transponder's 8-byte fixed unique id, portion of rfid's 100s of data bytes , random data* derive mac. mac used authenticate tag's message.

the primary reason incorporating unique id mac prevents simple copy of tag's message , mac tag not yield legitimate mac.

the mac needs of sufficient size, with/without id. mac size target: 512 bits (32 bytes).

known issues:

  1. a direct copy of entire tag's data , id , ported tag simulator, can generate id, ready known risk , using id not help.

  2. mac variation depends solely on id variation (the other data same), may break mac. additional random data added.


  • 4 bytes of random data insure, should data content repeated, variation of mac depends on more unique id - in essence, extending id.

in case not use id security feature, say. part of input of mac generation. using id security feature example relying on fact id unique. dangerous assumption, because can in fact spoofed.


Comments

Popular posts from this blog

ios - RestKit 0.20 — CoreData: error: Failed to call designated initializer on NSManagedObject class (again) -

java - Digest auth with Spring Security using javaconfig -

laravel - PDOException in Connector.php line 55: SQLSTATE[HY000] [1045] Access denied for user 'root'@'localhost' (using password: YES) -