{"id":"https://openalex.org/W2060487051","doi":"https://doi.org/10.1109/spw.2013.29","title":"On Bad Randomness and Cloning of Contactless Payment and Building Smart Cards","display_name":"On Bad Randomness and Cloning of Contactless Payment and Building Smart Cards","publication_year":2013,"publication_date":"2013-05-01","ids":{"openalex":"https://openalex.org/W2060487051","doi":"https://doi.org/10.1109/spw.2013.29","mag":"2060487051"},"language":"en","primary_location":{"id":"doi:10.1109/spw.2013.29","is_oa":true,"landing_page_url":"https://doi.org/10.1109/spw.2013.29","pdf_url":"https://ieeexplore.ieee.org/ielx7/6564486/6565207/06565237.pdf","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2013 IEEE Security and Privacy Workshops","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://ieeexplore.ieee.org/ielx7/6564486/6565207/06565237.pdf","any_repository_has_fulltext":null},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5085287860","display_name":"Nicolas T. Courtois","orcid":"https://orcid.org/0000-0003-0736-431X"},"institutions":[{"id":"https://openalex.org/I45129253","display_name":"University College London","ror":"https://ror.org/02jx3x895","country_code":"GB","type":"education","lineage":["https://openalex.org/I124357947","https://openalex.org/I45129253"]}],"countries":["GB"],"is_corresponding":true,"raw_author_name":"Nicolas T. Courtois","raw_affiliation_strings":["University College London, UK"],"affiliations":[{"raw_affiliation_string":"University College London, UK","institution_ids":["https://openalex.org/I45129253"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5056711051","display_name":"Daniel Hulme","orcid":"https://orcid.org/0000-0001-7649-2361"},"institutions":[{"id":"https://openalex.org/I45129253","display_name":"University College London","ror":"https://ror.org/02jx3x895","country_code":"GB","type":"education","lineage":["https://openalex.org/I124357947","https://openalex.org/I45129253"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Daniel Hulme","raw_affiliation_strings":["University College London, UK"],"affiliations":[{"raw_affiliation_string":"University College London, UK","institution_ids":["https://openalex.org/I45129253"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5056030087","display_name":"Kamran Hussain","orcid":"https://orcid.org/0009-0006-9009-9797"},"institutions":[{"id":"https://openalex.org/I45129253","display_name":"University College London","ror":"https://ror.org/02jx3x895","country_code":"GB","type":"education","lineage":["https://openalex.org/I124357947","https://openalex.org/I45129253"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Kumail Hussain","raw_affiliation_strings":["University College London, UK"],"affiliations":[{"raw_affiliation_string":"University College London, UK","institution_ids":["https://openalex.org/I45129253"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5061969790","display_name":"Jerzy Gawinecki","orcid":"https://orcid.org/0000-0002-9953-6897"},"institutions":[{"id":"https://openalex.org/I2800249161","display_name":"Military University of Technology in Warsaw","ror":"https://ror.org/05fct5h31","country_code":"PL","type":"education","lineage":["https://openalex.org/I2800249161"]}],"countries":["PL"],"is_corresponding":false,"raw_author_name":"Jerzy A. Gawinecki","raw_affiliation_strings":["Military University of Technology, Warsaw, Poland"],"affiliations":[{"raw_affiliation_string":"Military University of Technology, Warsaw, Poland","institution_ids":["https://openalex.org/I2800249161"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5056568482","display_name":"Marek Grajek","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Marek Grajek","raw_affiliation_strings":["Poland"],"affiliations":[{"raw_affiliation_string":"Poland","institution_ids":[]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5085287860"],"corresponding_institution_ids":["https://openalex.org/I45129253"],"apc_list":null,"apc_paid":null,"fwci":1.6552,"has_fulltext":true,"cited_by_count":8,"citation_normalized_percentile":{"value":0.86375638,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":96},"biblio":{"volume":"2656","issue":null,"first_page":"105","last_page":"110"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11017","display_name":"Chaos-based Image/Signal Encryption","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1707","display_name":"Computer Vision and Pattern Recognition"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11017","display_name":"Chaos-based Image/Signal Encryption","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1707","display_name":"Computer Vision and Pattern Recognition"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11797","display_name":"graph theory and CDMA systems","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/2208","display_name":"Electrical and Electronic Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11130","display_name":"Coding theory and cryptography","score":0.9994999766349792,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/smart-card","display_name":"Smart card","score":0.83841872215271},{"id":"https://openalex.org/keywords/payment","display_name":"Payment","score":0.7329391837120056},{"id":"https://openalex.org/keywords/cryptographic-nonce","display_name":"Cryptographic nonce","score":0.6947574615478516},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6716026663780212},{"id":"https://openalex.org/keywords/randomness","display_name":"Randomness","score":0.5834279656410217},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.5816558599472046},{"id":"https://openalex.org/keywords/payment-card","display_name":"Payment card","score":0.4999518394470215},{"id":"https://openalex.org/keywords/order","display_name":"Order (exchange)","score":0.49375781416893005},{"id":"https://openalex.org/keywords/entropy","display_name":"Entropy (arrow of time)","score":0.47526925802230835},{"id":"https://openalex.org/keywords/contactless-smart-card","display_name":"Contactless smart card","score":0.4728268086910248},{"id":"https://openalex.org/keywords/internet-of-things","display_name":"Internet of Things","score":0.42510896921157837},{"id":"https://openalex.org/keywords/internet-privacy","display_name":"Internet privacy","score":0.41418227553367615},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.2900707423686981},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.21684426069259644},{"id":"https://openalex.org/keywords/mathematics","display_name":"Mathematics","score":0.11412009596824646},{"id":"https://openalex.org/keywords/finance","display_name":"Finance","score":0.07819285988807678}],"concepts":[{"id":"https://openalex.org/C110406131","wikidata":"https://www.wikidata.org/wiki/Q41349","display_name":"Smart card","level":2,"score":0.83841872215271},{"id":"https://openalex.org/C145097563","wikidata":"https://www.wikidata.org/wiki/Q1148747","display_name":"Payment","level":2,"score":0.7329391837120056},{"id":"https://openalex.org/C9996903","wikidata":"https://www.wikidata.org/wiki/Q1749235","display_name":"Cryptographic nonce","level":3,"score":0.6947574615478516},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6716026663780212},{"id":"https://openalex.org/C125112378","wikidata":"https://www.wikidata.org/wiki/Q176640","display_name":"Randomness","level":2,"score":0.5834279656410217},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.5816558599472046},{"id":"https://openalex.org/C21021354","wikidata":"https://www.wikidata.org/wiki/Q1207171","display_name":"Payment card","level":3,"score":0.4999518394470215},{"id":"https://openalex.org/C182306322","wikidata":"https://www.wikidata.org/wiki/Q1779371","display_name":"Order (exchange)","level":2,"score":0.49375781416893005},{"id":"https://openalex.org/C106301342","wikidata":"https://www.wikidata.org/wiki/Q4117933","display_name":"Entropy (arrow of time)","level":2,"score":0.47526925802230835},{"id":"https://openalex.org/C66569333","wikidata":"https://www.wikidata.org/wiki/Q13220021","display_name":"Contactless smart card","level":3,"score":0.4728268086910248},{"id":"https://openalex.org/C81860439","wikidata":"https://www.wikidata.org/wiki/Q251212","display_name":"Internet of Things","level":2,"score":0.42510896921157837},{"id":"https://openalex.org/C108827166","wikidata":"https://www.wikidata.org/wiki/Q175975","display_name":"Internet privacy","level":1,"score":0.41418227553367615},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.2900707423686981},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.21684426069259644},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.11412009596824646},{"id":"https://openalex.org/C10138342","wikidata":"https://www.wikidata.org/wiki/Q43015","display_name":"Finance","level":1,"score":0.07819285988807678},{"id":"https://openalex.org/C148730421","wikidata":"https://www.wikidata.org/wiki/Q141090","display_name":"Encryption","level":2,"score":0.0},{"id":"https://openalex.org/C62520636","wikidata":"https://www.wikidata.org/wiki/Q944","display_name":"Quantum mechanics","level":1,"score":0.0},{"id":"https://openalex.org/C121332964","wikidata":"https://www.wikidata.org/wiki/Q413","display_name":"Physics","level":0,"score":0.0},{"id":"https://openalex.org/C105795698","wikidata":"https://www.wikidata.org/wiki/Q12483","display_name":"Statistics","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/spw.2013.29","is_oa":true,"landing_page_url":"https://doi.org/10.1109/spw.2013.29","pdf_url":"https://ieeexplore.ieee.org/ielx7/6564486/6565207/06565237.pdf","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2013 IEEE Security and Privacy Workshops","raw_type":"proceedings-article"}],"best_oa_location":{"id":"doi:10.1109/spw.2013.29","is_oa":true,"landing_page_url":"https://doi.org/10.1109/spw.2013.29","pdf_url":"https://ieeexplore.ieee.org/ielx7/6564486/6565207/06565237.pdf","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2013 IEEE Security and Privacy Workshops","raw_type":"proceedings-article"},"sustainable_development_goals":[{"display_name":"No poverty","score":0.49000000953674316,"id":"https://metadata.un.org/sdg/1"}],"awards":[{"id":"https://openalex.org/G7617053297","display_name":"RESILIENT INFRASTRUCTURE AND BUILDING SECURITY","funder_award_id":"242497","funder_id":"https://openalex.org/F4320320300","funder_display_name":"European Commission"}],"funders":[{"id":"https://openalex.org/F4320320300","display_name":"European Commission","ror":"https://ror.org/00k4n6c32"}],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W2060487051.pdf","grobid_xml":"https://content.openalex.org/works/W2060487051.grobid-xml"},"referenced_works_count":13,"referenced_works":["https://openalex.org/W1699105","https://openalex.org/W2102096888","https://openalex.org/W2111336263","https://openalex.org/W2140246151","https://openalex.org/W2142351551","https://openalex.org/W2148892264","https://openalex.org/W2227028477","https://openalex.org/W2530027433","https://openalex.org/W4236509984","https://openalex.org/W6680861166","https://openalex.org/W6689458492","https://openalex.org/W6727954257","https://openalex.org/W6818108484"],"related_works":["https://openalex.org/W1966405014","https://openalex.org/W2614190601","https://openalex.org/W1486998541","https://openalex.org/W2595058249","https://openalex.org/W3021522997","https://openalex.org/W3121451588","https://openalex.org/W3210722202","https://openalex.org/W569822935","https://openalex.org/W2921605148","https://openalex.org/W576789626"],"abstract_inverted_index":{"In":[0,78],"this":[1,123],"paper":[2],"we":[3,54,70,80],"study":[4],"the":[5,30,68,83,134],"randomness":[6],"of":[7,22,47,49,58,88,137,160],"some":[8,90,102,144],"random":[9,27],"numbers":[10],"found":[11],"in":[12,29,37,61,96,140,150,153,176],"real-life":[13,104],"smart":[14,34,173],"card":[15,138,174],"products.":[16],"We":[17,99,156],"have":[18,71,100],"studied":[19],"a":[20,56],"number":[21,57],"symmetric":[23],"keys,":[24],"codes":[25],"and":[26,41],"nonces":[28],"most":[31],"prominent":[32],"contactless":[33,172],"cards":[35,105],"used":[36,44,175],"buildings,":[38,145],"small":[39,147],"payments":[40],"public":[42,151],"transportation":[43,152],"by":[45,76],"hundreds":[46],"millions":[48],"people":[50],"every":[51],"day.":[52],"Furthermore":[53],"investigate":[55],"technical":[59],"questions":[60],"order":[62,141],"to":[63,65,109,133,142,165],"see":[64],"what":[66,118],"extent":[67],"vulnerabilities":[69],"discovered":[72],"could":[73],"be":[74],"exploited":[75],"criminals.":[77],"particular":[79],"look":[81],"at":[82],"case":[84],"MiFare":[85],"Classic":[86],"cards,":[87],"which":[89],"two":[91],"hundred":[92],"million":[93],"are":[94,130],"still":[95],"use":[97],"worldwide.":[98,179],"examined":[101],"50":[103],"from":[106],"different":[107],"countries":[108],"discover":[110],"that":[111],"it":[112],"is":[113,125],"not":[114],"entirely":[115,126],"clear":[116],"if":[117],"was":[119],"previously":[120],"written":[121],"about":[122],"topic":[124],"correct.":[127],"These":[128],"facts":[129],"highly":[131],"relevant":[132],"practical":[135],"feasibility":[136],"cloning":[139],"enter":[143],"make":[146],"purchases":[148],"or":[149],"many":[154,177],"countries.":[155],"also":[157],"show":[158],"examples":[159],"serious":[161],"security":[162],"issues":[163],"due":[164],"poor":[166],"entropy":[167],"with":[168],"another":[169],"very":[170],"popular":[171],"buildings":[178]},"counts_by_year":[{"year":2022,"cited_by_count":1},{"year":2017,"cited_by_count":1},{"year":2016,"cited_by_count":2},{"year":2015,"cited_by_count":1},{"year":2014,"cited_by_count":2},{"year":2013,"cited_by_count":1}],"updated_date":"2026-03-11T14:59:36.786465","created_date":"2025-10-10T00:00:00"}