So I have a small electronics project where I am using common MiFare 1K NFC tags as a means of authentication.
I know these aren’t very secure so here are my ideas on improving on it.
- Make Card Read Only
- This makes it slightly harder to manipulate the card directly but is essentially useless as these cards are very common and easy to copy.
- Use the UID of the card
- Ok idea but still bad, as some cards allow a custom UID. Also a 4 Byte UID is rather small imo. (Some have 7 Bytes thou)
- Use the "password" of trailer blocks of the card to block read access.
- Might work but can be brute forced as the trailer password is 6 Bytes long
- Create your own ID on the cards memory and do a random increment every time the card is read if there’s a missmatch between the prev id and the current ID you know there are copies around.
- Pretty much the most secure method I can think of currently. If the card is declined use some other means of identification and get a new card.
- Encrypt the card data on the reader instead of using the cards "encryption".
- Wont stop copying of cards, the content can still be used to authenticate.
Imo. using all the options above together makes it somewhat hard to break these cards’ security but not absolutely invulnerable.
Now, my question is, are there any other ways to be able to protect/harden these cards?