Title :
Modeling of Contactless Smart Card Protocols and Automated Vulnerability Finding
Author :
Henzl, Martin ; Hanacek, Petr
Author_Institution :
Dept. of Intell. Syst., Brno Univ. of Technol., Brno, Czech Republic
Abstract :
We present a method of automated vulnerability finding in protocols that use contactless smart cards. We focus on smart cards with contactless interface because they are simpler than their counterparts with contact interface and provide less functionality, which can be modeled more easily. Our method uses model checking to find possible attacks in a model of the protocol implementation on particular smart card. There is a possibility to model arbitrary smart card, we demonstrate this method on one of the currently most widespread contactless smart cards - the Mifare DESFire. Using our method we were able to locate a couple of weaknesses of this smart card which may cause vulnerability if the protocol is not implemented properly. This method can be used by developers to evaluate security of their protocol implementation on particular smart card.
Keywords :
cryptographic protocols; protocols; smart cards; Mifare DESFire; arbitrary smart card; automated vulnerability finding; contactless interface; contactless smart card protocol modeling; model checking; protocol implementation; Authentication; Cryptography; Hardware; Protocols; Smart cards; Standards; Mifare DESFire; contactless smart card; model; security; vulnerability;
Conference_Titel :
Biometrics and Security Technologies (ISBAST), 2013 International Symposium on
Conference_Location :
Chengdu
Print_ISBN :
978-0-7695-5010-7
DOI :
10.1109/ISBAST.2013.26
