All Topics
All Topics
Technology
Technology
Design
Design
Programming
Programming
Science
Science
News
News
Gaming
Gaming
Entertainment
Entertainment
Business
Business
Finance
Finance
Sports
Sports
Health
Health
Food
Food
Travel
Travel
Art
Art
Music
Music
Books
Books
Education
Education
Politics
Politics
Personal
Personal
No algorithm. No AI slop. No ads. Just RSS. Pro-human. Indie writers. Real journalism. Open web. Chronological. Hand toasted.

Security Analysis: Exploiting Keyspace Reduction and Relay Attacks in 3DES and AES-protected NFC Technologies

By

noproto

4mo ago· 12 min readenInsight
Bagel score 95 of 100
95/100
Golden Brown
Bagelometer

Hot, fresh, and worth queueing round the block for.

Score95TypeanalysisSentimentneutral

Summary

This research paper analyzes security vulnerabilities in NFC technologies including MIFARE Ultralight C, MIFARE Ultralight AES, NTAG 223 DNA, and NTAG 224 DNA cards. The study reveals methods to substantially weaken security through relay-based man-in-the-middle attacks and partial key overwrites, which can reduce the 2TDEA keyspace from 2¹¹² to 2²⁸. The paper demonstrates practical attacks on widely used NFC technologies and discusses the implications for security in contactless systems.

Key quotes

· 4 pulled
This paper presents an in-depth analysis of vulnerabilities in MIFARE Ultralight C, MIFARE Ultralight AES, NTAG 223 DNA, NTAG 224 DNA, and widely circulated non-NXP Ultralight C compatible cards.
We reveal multiple avenues to substantially weaken the security of each technology across a range of configurations.
Through relay-based man-in-the-middle techniques and partial key overwrites—optionally combined with EEPROM tearing techniques—an attacker can reduce the keyspace
Reducing 2TDEA keyspace from 2¹¹² to 2²⁸ through partial key overwrites and relay attacks.
Snippet from the RSS feed
Exploiting Keyspace Reduction and Relay Attacks in 3DES and AES-protected NFC Technologies. Reducing 2TDEA keyspace from 2¹¹² to 2²⁸ through partial key overwrites and relay attacks.

You might also wanna read

Quantum Computers Threaten Asymmetric Cryptography but Not 128-bit Symmetric Keys

The article clarifies that quantum computers pose a threat to asymmetric cryptography (like RSA and ECDSA) but not to symmetric cryptography

words.filippo.io·1mo ago

Wi-Fi Router Beamforming Feature Can Be Exploited to Identify Individuals With 99.5% Accuracy, Study Finds

Researchers at Germany's Karlsruhe Institute of Technology discovered that standard Wi-Fi routers using beamforming feedback information (BF

futurism.com·9h ago

Behavioral feature engineering, not deep learning models, key to Trojan malware detection study finds

A study on Trojan malware detection focuses on behavioral feature engineering for Windows-based IoT and industrial systems. Rather than emph

helpnetsecurity.com·1d ago

MemoAttack: A Memory-Driven Framework for Automated LLM Jailbreak Attacks

This paper introduces MemoAttack, a novel memory-driven black-box jailbreak framework for large language models (LLMs). Unlike existing meth

arxiv.org·2d ago

Mathematicians Use Gödel's Incompleteness Theorems to Develop New Cryptographic Tool

This article explores the intersection of mathematical unknowability (inspired by Gödel's incompleteness theorems) and modern cryptography.

ow.ly·2d ago

CAPTCHAs remain viable for detecting AI agents by exploiting process differences

The article discusses how while AI vision language models (VLMs) can now solve traditional CAPTCHA image recognition tasks (like identifying

research.roundtable.ai·2d ago