25C3 - 1.4.2.3

25th Chaos Communication Congress
Nothing to hide

Speakers
Henryk Plötz
Karsten Nohl
Schedule
Day Day 3 (2008-12-29)
Room Saal 1
Start time 16:00
Duration 01:00
Info
ID 3032
Event type lecture
Track Hacking
Language used for presentation en
Feedback

Analyzing RFID Security

Many RFID tags have weaknesses, but the security level of different tags varies widely. Using the Mifare Classic cards as an example, we illustrate the complexity of RFID systems and discuss different attack vectors. To empower further analysis of RFID cards, we release an open-source, software-controlled, and extensible RFID reader with support for most common standards.

RFID tags and contact-less smart cards are regularly criticized for their lack of security. While many RFID tags have weaknesses, the security level of different tags varies widely. Using the Mifare Classic cards as an example, we illustrate the complexity of RFID systems and discuss different attack vectors. To empower further analysis of RFID cards, we release an open-source, software-controlled, and extensible RFID reader with support for most common standards.