Specifications
Smart Cards Lab COMPGA12 University College London
CLA INS P1 Kt Le Key
FF 82 20 00 06
Here P2=Kt is the key number, should be 0.
The answer should be:
13.4 Mutual Authentication
We use the following command:
MIFARE CLASSIC AUTHENTICATE
CLA INS P1 P2 Nb Kt
FF 88 00 60 00
Remark: We need to replace 60 by 61 if we are using the alternative key
B.
The answer should be:
13.5 Reading One Block
We use the following command:
MIFARE CLASSIC READ
CLA INS P1 P2 Le
FF B0 00 10
Where Le is 16 = 0x10, the length of the answer expected.
Write the answer obtained here:
13.6 How Much Money is On Your Oyster Card?
This section can only be executed if the student knows one actual cryp-
tographic key of their Oyster card. This is not easy because each Oyster
card has a different key. Several attacks allowing one to recover the key
have been developed, by the researchers at the Dutch university of Ni-
jmegen. However the fastest and the most practical attack, which does
not require a costly pre-computation is the so called ”Dark Side” attack by
Courtois published in SECRYPT 2009. Some open source implementations
of this attack exist, see http://www.libnfc.org/community/topic/
98/mifare-classic-key-recovery-tool-dark-side-attack/
c
Nicolas T. Courtois 2009-10