It takes about seven hours to crack the security on one card and get its 112-bit encryption key, the researchers said. It only works if you've already spent months profiling the card's architecture, behavior and responses. Cracking time could be cut to as little as three hours, Paar and Oswald said.
The weak point for the MF31CD40 – and many of NXD's other cards – is that it does little or nothing to resist being recorded, prodded and poked by crackers.
The EV1 upgrade to that card has an on-chip backup management systems, an authentication mechanism that uses three separate authentication methods, encryption based on the 3DES hardware encryption that meets security requirements for most U.S. government agencies, but is compatible with existing systems designed to read the card using Near Field Communications (NFC) radio systems.
That probably means it does not yet contain any countermeasures able to stave off determined crackers poking it to see how it reacts.
The EV1 is designed for transit systems, event-ticketing systems and other applications that would put millions of them in the hands of end users, meaning it won't be hard for anyone wanting to crack it to get ahold of one.
If you use NXP security cards in any of your buildings, or any kind of NFC-based smartcard security, you might want to look into backup systems or to see if anyone's cracked them yet. Odds are getting better that they have.
Read more of Kevin Fogarty's CoreIT blog and follow the latest IT news at ITworld. Follow Kevin on Twitter at @KevinFogarty. For the latest IT news, analysis and how-tos, follow ITworld on Twitter and Facebook.