32c3 - talk about HITAG S

iceman · 2015-12-22 12:07:31

Someone going to 32c3 this year? There will be a talk about Hitag S

Sicherheit von 125kHz Transpondern am Beispiel Hitag S
Ralf Spenneberg, Hendrik Schwartke, Oguzhan Cicek
Der Hitag S Transponder wird in verschiedensten Applikationen eingesetzt. Während Angriffe für den Hitag 2 bereits bekannt sind, gilt der Hitag S in der Literatur noch nicht als gebrochen. Wir haben die beschriebenen Angriffe auf den Hitag S übertragen. Wir sind in der Lage den Schlüssel zu brechen und Informationen wie das Kennwort zu ermitteln, obwohl diese zusätzlich vor Lesezugriff geschützt sind. In Abhängigkeit des gewählten Angriffs benötigen wir für das Brechen des Schlüssels zwischen mehreren hundert Tagen und 5 Minuten. Wir haben einen Emulator gebaut, der jeden Hitag S Transponder nachbilden kann. Wird der Transponder in einem Schließsystem eingesetzt, können wir so eine Schlüsselkopie erstellen. Basierend auf unseren Ergebnissen und den Erfahrungen mit anderen Transpondern aus dem 125kHz Bereich können wir nur vor dem Einsatz in sicherheitskritischen Bereichen warnen.

Presention: https://events.ccc.de/congress/2015/Fah … /7166.html

Last edited by iceman (2015-12-22 12:12:00)

ikarus · 2015-12-30 14:34:32

Yep, I was there (and still am )

You can watch the talk on media.ccc.de.
Unfortunately it is one of the rare talks in German.

To wrap things up: Hitag S is broken. They developed some attacks that - depending on
some factors - can crack the keys within 5 minutes and hundreds of days...
Also they build an emulator to emulate Hitag S tags.

They promised to release their paper on January 1st, 2016. They also promised to release (some of) the code
they developed for the proxmark3. We will see...

Greetings from the 32C3!
ikarus

jump · 2016-01-01 22:54:59

Don't know if this is related to the talk at 32C3 but here is a recent advisory about Hitag S: http://seclists.org/bugtraq/2016/Jan/4

This attack still requires 5 days of computation using SAT solver based on 2 sniffed challenges.

iceman · 2016-01-02 17:54:35

that is cool, ill have to look into the sat solver solution sgain. i never got it to work last time i tried it.

Joshm · 2016-02-08 10:56:09

any news regarding the code to communicate with Hitag S transponders and readers?

ikarus · 2016-02-11 21:54:21

@jump

jump wrote:

Don't know if this is related to the talk at 32C3 but here is a recent advisory about Hitag S: http://seclists.org/bugtraq/2016/Jan/4

Related... This is the advisory from the team that held the talk at the 32C3.
You can find the PDF version of it on their website.

@Joshm
As far as I know, no code has been released yet. I wrote a mail to them. Lets wait and hope they will share their knowledge with us.

Edit:
(German) sildes of the talk.

Last edited by ikarus (2016-02-11 21:58:34)

ikarus · 2016-02-13 17:01:39

Got a response. They said the code is unfinished and undocumented and therefore has not been released yet.
The guy who wrote the code (Oguzhan Cicek) is very busy with earning his masters degree. He will try to get
the code ready soon (during the next semester break).

iceman · 2016-02-13 17:57:24

If we are lucky!

Proxmark3 community

Announcement

#1 2015-12-22 12:07:31

32c3 - talk about HITAG S

#2 2015-12-30 14:34:32

Re: 32c3 - talk about HITAG S

#3 2016-01-01 22:54:59

Re: 32c3 - talk about HITAG S

#4 2016-01-02 17:54:35

Re: 32c3 - talk about HITAG S

#5 2016-02-08 10:56:09

Re: 32c3 - talk about HITAG S

#6 2016-02-11 21:54:21

Re: 32c3 - talk about HITAG S

#7 2016-02-13 17:01:39

Re: 32c3 - talk about HITAG S

#8 2016-02-13 17:57:24

Re: 32c3 - talk about HITAG S

Board footer