Conference paper

HENZL Martin and HANÁČEK Petr. Modeling of Contactless Smart Card Protocols and Automated Vulnerability Finding. In: 2013 International Symposium on Biometrics and Security Technologies (ISBAST). Chengdu: IEEE Computer Society, 2013, pp. 141-148. ISBN 978-0-7695-5010-7.
Publication language:english
Original title:Modeling of Contactless Smart Card Protocols and Automated Vulnerability Finding
Title (cs):Modelování protokolů bezkontaktních čipových karet a automatické hledání zranitelností
Pages:141-148
Proceedings:2013 International Symposium on Biometrics and Security Technologies (ISBAST)
Conference:International Symposium on Biometrics and Security Technologies
Place:Chengdu, CN
Year:2013
ISBN:978-0-7695-5010-7
Publisher:IEEE Computer Society
Keywords
contactless smart card, security, vulnerability, model, Mifare DESFire
Annotation
We present a method of automated vulnerability finding in protocols that use contactless smart cards. We focus on smart cards with contactless interface because they are simpler than their counterparts with contact interface and provide less functionality, which can be modeled more easily. Our method uses model checking to find possible attacks in a model of the protocol implementation on particular smart card. There is a possibility to model arbitrary smart card, we demonstrate this method on one of the currently most widespread contactless smart cards - the Mifare DESFire. Using our method we were able to locate a couple of weaknesses of this smart card which may cause vulnerability if the protocol is not implemented properly. This method can be used by developers to evaluate security of their protocol implementation on particular smart card.
BibTeX:
@INPROCEEDINGS{
   author = {Martin Henzl and Petr Han{\'{a}}{\v{c}}ek},
   title = {Modeling of Contactless Smart Card Protocols and Automated
	Vulnerability Finding},
   pages = {141--148},
   booktitle = {2013 International Symposium on Biometrics and Security
	Technologies (ISBAST)},
   year = {2013},
   location = {Chengdu, CN},
   publisher = {IEEE Computer Society},
   ISBN = {978-0-7695-5010-7},
   language = {english},
   url = {http://www.fit.vutbr.cz/research/view_pub.php?id=10257}
}

Your IPv4 address: 54.81.94.117
Switch to IPv6 connection

DNSSEC [dnssec]