Topic: Security and MIFARE Classic
Just for fun, I have written a PAM module which use libnfc. It allow me to login my PC with Mifare Classic tag.
At this moment, authentication is based on a pre-associated user and uid. I know it's a really poor security since it seems to be really easy to made an hardware that can provide "custom" uid.
I have think about store a private GPG-like key in Mifare Classic (or a "particular" message crypted with GPG) but it's also possible to "clone" Mifare card.
So, my question is : Is there is any way to provide a secured authentication module using Mifare Classic ?