Author profile picture

A recently discovered hardware backdoor in Mifare chips, currently used in the Dutch OV-chipkaart, could have serious implications for the security of the public transportation system. This vulnerability allows attackers to compromise all user keys within minutes, which can lead to unauthorized access and card cloning. Given the widespread use of these types of chips in public transportation, building management, hotels and the like, this is an immediate problem.

What is the hardware backdoor?

The hardware backdoor was discovered in the FM11RF08S chip, a Mifare-compatible chip manufactured by Shanghai Fudan Microelectronics. Quarkslab researchers revealed that this backdoor allows attackers to compromise the card’s user-defined keys within minutes. The backdoor is a universal key that works regardless of the values of keyA and keyB, meaning that all sectors of the card become accessible once the backdoor key is used.

Impact on the Dutch OV-chipkaart

The Dutch OV chip card currently uses the Infineon SLE-66 chip, which according to some reports may be vulnerable to similar attacks. Although most hacks are related to Chinese Mifare-compatible chips, there are concerns that certain Infineon chips may also be vulnerable. Translink, the company behind the development of the OV-chipkaart system, told IO in a written statement that it is aware of the breach and that Dutch transport cards are safe.

Potential consequences

If the backdoor can be exploited in the Dutch public transport chip card, it would lead to unauthorized access to public transport and possibly cloning of cards. This would not only cause financial losses for transport companies, but also create serious security problems for travelers. The risk of malicious parties gaining access to sensitive locations through cloned cards is a real and urgent problem.

What should be done now?

Given the potential impact of this vulnerability, transportation companies and responsible authorities must take immediate action. It is crucial to investigate which cards are vulnerable and possibly switch to a more secure alternative. The introduction of a new chip, such as the Infineon SLE-66R35 with enhanced security features, may offer a solution. However, such a migration will require time and investment.

Conclusion

The discovery of the hardware backdoor in Mifare-compatible chips casts a shadow over the security of the Dutch public transport chip card. With the potential risks to both financial and physical security, a quick and effective response is vital. Consumers and businesses must be aware of this vulnerability and take the necessary steps to protect their infrastructure.