Evaluating the reality of the hack from his perspective and industry insiders

In this episode, the publicized Mifare Crypto-1 hack is examined. Interviews with the researcher that uncoverd the alleged vulnerability, Karsten Nohl, as well as NXP representative Manuel Albers and Smart Card Alliance’s Randy Vanderhoof delve into the topic from all sides.

Albers reports that between 1 and 2 billion of these chips have been issued to date and are in use in transit systems and security and access applications.

Nohl stated that he would wait until next year to make the complete nature of attack public, suggesting “if you are relying on Mifare security, you should start migrating.” When asked if the intent was to give the issuers time to migrate or if he was holding the industry ransom, he replied, “I would acknowledge that we are playing along in the obscurity game … we want every one of these systems to wake up and realize how insecure they are … to convince the last ones that are still claiming we have not found it, we will have to release it.”

Download MP3.

https://www.secureidnews.com/podcasts for older podcasts.

Karsten Nohl and Henryk Plötz present at 24C3

Karsten’s slides (pdf)

Henryk’s slides (pdf)

---

Related articles:

NXP sues to prevent hackers from releasing MIFARE flaws Nohl: NXP making ‘terrible decision’ Top campus card and security articles from 2009