Break Me If You Can: Exploiting PKO and Relay Attacks in 3DES/AES NFC

NFC keycards in trouble as commenters dunk on “old crypto” and beg for Flipper ports

TLDR: Researchers showed common NFC keycards can be forced into easy-to-guess mode, with some knockoffs crackable in under a minute, and misconfigured name-brand tags also at risk. Comments split between “old crypto is old,” hype for tool ports like Flipper Zero, and jokes about security stunts gone wrong. Important for hotels and tickets.

The research world just slammed tap-to-enter tech with a flashy takedown of NFC keycards—think hotel keys and tickets—showing clever tricks that make “impossible to guess” keys suddenly guessable. The paper says some cards can be cracked in under a minute using phone-level power, and even stronger ones fall in days if many cards share the same key. Cue the comments section meltdown. One camp rolled their eyes, yelling that this is basically “3DES is ancient, move on,” while others clapped because the team packaged multiple attacks into real-world, you-can-actually-do-this demos with code and a paper. Tool-heads rushed in asking for Flipper Zero, Chameleon, and Proxmark support, turning the thread into a “port when?” chant. The funniest subplot: a LifeLock throwback, with folks comparing the paper’s cheeky title to that time a CEO flaunted his Social Security number and got owned—repeatedly. Meanwhile, a mini flame war brewed over who’s to blame: chip makers or careless deployments that skip basic integrity checks. The kicker? Knockoff cards got roasted for falling fastest, while brand-name tags took longer but still wobbled if misconfigured. It’s part security lesson, part meme fest, and 100% a wake-up call for anyone relying on “good enough” NFC security.

Key Points

  • Researchers show relay and partial key overwrite attacks can reduce MIFARE Ultralight C 2TDEA keyspace from 2^112 to as low as 2^28.
  • Full 112-bit 2TDEA key recovery is feasible for genuine NXP Ultralight C across multiple tags sharing a static key in days to weeks.
  • MIFARE Ultralight AES is vulnerable when CMAC integrity checks are not enforced, enabling reduced key search and brute-force.
  • For NTAG 223/224 DNA, SUNCMAC_KEY can be recovered from a single tag in under a minute via PKO and offline CMAC brute-force.
  • Non-NXP Ultralight C-compatible cards (Giantec GT23SC4489, Feiju FJ8010, USCUID-UL) allow single-card full key recovery in under 60 seconds due to flawed PRNGs and missing anti-tearing.

Hottest takes

"3DES has been broken for a decade" — 1970-01-01
"When will you be releasing this for the Chameleon? Also, any plans to port this over to the Proxmark?" — arkwin
"the challenge backfired dramatically" — redbell
Made with <3 by @siedrix and @shesho from CDMX. Powered by Forge&Hive.