This repository is accompanying the paper "BREAKMEIFYOUCAN!": Exploiting Keyspace Reduction and Relay Attacks in 3DES and AES-protected NFC Technologies, available at https://eprint.iacr.org/2026/100 .
A local copy of the paper is available here.
| Directory | Description |
|---|---|
cards |
Data on various cards, see details here |
flipper_apps |
Flipper Zero apps implementing select attacks, see details here |
paper |
LaTeX source files of the paper |
tools |
Other helpful scripts for manual testing |
| Date | Event |
|---|---|
| 2025-07-23 | Initiated contact with NXP |
| 2025-07-23 | NXP acknowledged initial contact |
| 2025-07-24 | Sent draft of vulnerability report to NXP |
| 2025-07-24 | NXP acknowledged receipt of the report draft |
| 2025-08-05 | NXP confirmed findings and requested changes to draft |
| 2025-08-12 | Acknowledged feedback, shared research updates, requested NTAG-22x sample sources |
| 2025-08-12 | NXP acknowledged receipt of update |
| 2025-10-20 | Delivered second draft of vulnerability report to NXP, requested publication timeline |
| 2025-10-20 | NXP acknowledged receipt of second draft |
| 2025-11-03 | NXP indicated they will request additional time for recertification, and will provide more information soon |
| 2025-12-01 | NXP requested disclosure is delayed to Q2 2026 for product recertification |
| 2025-12-08 | Anticipated publication date communicated to NXP (January 20, 2026), disclosure timeline scoped to customer risk mitigation |
| 2026-01-25 | Paper and Proof-of-Concept exploits published |
