Penetration Tester and Researcher
Cracking HiTag2 Crypto Workshop - Weaponising Academic Attacks For Breaking And Entering
HiTag2 is an RFID technology operating at 125KHz. It is distinguished from many others in the same field by its use of 2-way communications for authentication and its use of encryption to protect the data transmissions - the majority of RFID technologies at 125KHz feature no authentication or encryption at all. As a result, it has been widely used to provide secure building access and has also been used as the technology that implements car immobilisers.
In 2012, academic researchers Roel Verdult, Flavio D. Garcia and Josep Balasch published the seminal paper, ‘Gone in 360 Seconds: Hijacking with Hitag2’ that presented three attacks on the encryption system used in HiTag2. In 2016, Garcia et al followed up with a fast correlation attack that cracked the keys far more quickly in the paper, ‘Lock It And Still Lose It'. They implemented their attacks on the Proxmark 3 device (an RFID research and hacking tool) and gave several high-profile demonstrations, but didn’t release any of their code or tools. Since then, the forums supporting Proxmark 3 and RFIDler (another RFID hacking tool) have received many requests for implementations of these attacks, but until recently none had been forthcoming.
In this workshop, I will explain how HiTag2 RFID works in detail, including the PRNG and the authentication and encryption protocols, and will present my own implementations of the attacks, written for RFIDler and supported by desktop computers. The first attack uses a nonce replay to misuse the integrity protection of the comms in order to allow access to the readable RFID tag pages without needing to know the key. The second, third and fourth attacks use time/memory trade-off brute force, cryptanalytic attacks and a fast correlation attack, to recover the key, such that the contents of the read-protected pages can also be accessed. The attacks are weaponised and permit cloning of tags, which I will demonstrate. I will also discuss the GPU brute force attacks presented in ‘Breaking HiTag2 Revisited’ and ‘One Car, Two Frames’ from 2012 and 2017 respectively.
All tools for the four demonstrated attacks are publicly available on the Aperture Labs/RFIDler GitHub.
Kevin Sheldrake is a penetration tester and researcher who started working in the technical security field in 1997. Over the years, Kev has been a developer and system administrator of ‘secure’ systems, an infosec policy consultant, a penetration tester, a reverse engineer and an entrepreneur who founded and ran his own security consulting company. His current interests lie in tool development for better penetration testing, and he has specialised in IoT and crypto for a number of years.
He has a Masters degree, is a Chartered Engineer and, in the past, has been a CHECK Team Leader, a CISSP and held CLAS.
Kev has presented at 44CON, Troopers, EMF Camp, Securi-Tay and UK DEFCON chapters. His topics have included an introduction to hacking embedded devices, RIFD crypto, building debuggers for embedded device penetration testing and the abuse of NLP in social engineering.