Crypto-1
NXP Crypto1 | |
| General | |
|---|---|
| Designers | Philips/NXP |
| First published | October 6, 2008 |
| Cipher detail | |
| Key sizes | 48 bits |
| Security claims | 48 bits |
| Structure | NLFSR, LFSR |
| Best public cryptanalysis | |
| Garcia, Flavio D.; Peter van Rossum; Roel Verdult; Ronny Wichers Schreur (2009-03-17). "Wirelessly Pickpocketing a Mifare Classic Card" claim that the cipher can be broken "in seconds". | |
Crypto1 is a proprietary encryption algorithm (stream cipher) and authentication protocol created by NXP Semiconductors for its MIFARE Classic RFID contactless smart cards launched in 1994. Such cards have been used in many notable systems, including Oyster card, CharlieCard and OV-chipkaart.
By 2009, cryptographic research had reverse engineered the cipher and a variety of attacks were published that effectively broke the security.
NXP responded by issuing "hardened" (but still backwards compatible) cards, the MIFARE Classic EV1. However, in 2015 a new attack rendered the cards insecure, and NXP now recommends migrating away from MIFARE Classic.