Analyzing a modern cryptographic RFID system
- Type
- Audio
- Tags
- RFID
- Authors
- Henryk Plötz, Milosch Meriac
- Event
- Chaos Communication Congress 27th (27C3) 2010
- Indexed on
- Mar 27, 2013
- URL
- http://mirror.fem-net.de/CCC/27C3/mp3-audio-only/27c3-4114-en-analyzing_modern_cryptographic_rfid_stystem.mp3
- File name
- 27c3-4114-en-analyzing_modern_cryptographic_rfid_stystem.mp3
- File size
- 26.4 MB
- MD5
- c584b111c921f51f85071b6c6fc22cf5
- SHA1
- e7963b11f20a5b051886ca2db1d839f30b82de9c
Popular contactless systems for physical access control still rely on obscurity. As we have shown, time and time again, proprietary encryption systems are weak and easy to break. In a follow-up to last year's presentation we will now demonstrate attacks on systems with 'proper' cryptographic algorithms. Since we broke the last of the big players on the market at 26C3, most vendors are now migrating to new systems which rectify our main point of concern: proprietary algorithms. All new technologies use AES or 3DES for encryption and/or authentication and vendors tirelessly tout the security of their systems and the use of these algorithms between card, reader and host. We will discuss the design of the successor to a system we attacked last year, and demonstrate how a system can be insecure despite the use of secure cryptoprimitives.
About us
Secdocs is a project aimed to index high-quality IT security and hacking documents. These are fetched from multiple data sources: events, conferences and generally from interwebs.
Statistics
Serving 8166 documents and 531.0 GB of hacking knowledge, indexed from 2419 authors from 163 security conferences.
Contribute
To support this site and keep it alive, you can click on the buttons below. Any help is really appreciated! This service is provided for free, but real money is needed to pay bills.
