Apparently, the reverse-engineered Philips/NXP Mifare Crypto-1 algorithm has been published along with some leaked NXP documentation for it. It looks an awful lot like the Philips/NXP Hitag2 cipher published earlier this year. We hope that Philips/NXP will stop trying to sue people for its own stupidity and start being ashamed.
Why ashamed? They have been caught red-handed selling people fake security for many years and are still trying to defend their position. Over a billion deliberately insecure Mifare microchips have been manufactured and sold, putting all their users at risk in the name of the price/security ratio, hoping that the inbuilt obscurity would protect their revenues for a while.
Philips/NXP knew very well just how bad the cipher was, which is why they kept it secret, suing anyone who tried to publish any information about it. In the 21st century it is no longer acceptable to keep a cryptographic algorithm a secret unless it is used exclusively by the military, and even then intelligent management should consider publishing it just in case others do find a flaw in it, so it could be replaced as quickly as possible.
Is it possible to fit a 256-bit secure cipher on RFID chips of that size and cost? – Yes, of course. Could Philips/NXP have done it? – No. Why not? – Because microchip manufacturers are not cryptologists. Most of them do not have anyone qualified to do that and are too greedy to hire them. The only way to do anything right is to hire experts to do the job.
PS: It looks like the above-mentioned algorithm implementation by I.C. Wiener does not specify the key byte order, which is also not perfectly clear from the picture. Our more detailed algorithm implementation and specification can be found in the work of Henryk Plötz. We did not publish it until the algorithm became available from other sources, in order to protect its users a little longer from attacks that can be built on it.