DocumentCode :
2144277
Title :
A Practical Experience with RFID Security
Author :
Chun-Chieh Chen ; Chen, Chun-Chieh ; Chen-Mou Cheng ; Ming-Yang Chih ; Shih, Jie-Ren
Author_Institution :
Grad. Inst. of Networking & Multimedia, Nat. Taiwan Univ., Taipei
fYear :
2009
fDate :
18-20 May 2009
Firstpage :
395
Lastpage :
396
Abstract :
Radio-frequency identification (RFID) technologies allow remote identification as well as generic data access using radio waves. It is also commonly used in transportation and other payment systems, e.g., the MIFAREof NXP Semiconductors, one of the most widely deployed contactless smart card standards. Recently, the interest in using RFID for micro payment grows rapidly as users get used to the convenience brought by RFID,and corporations discover that RFID can significantly lower the cost of operation. However, there are security concerns, as many passive RFID technologies do not have adequate cryptographic protection. Furthermore, thecommunication can be eavesdropped by a third party, making RFID particularly vulnerable to all sorts of attacks.In this work, we examine the EasyCard of the Taipei Metro Rapid Transit (MRT) Corporation, a transportation ticketing system based on the MIFARE Classic technology. We capture and analyze the communication between a legitimate reader and an EasyCard using GNURadio, an open-source software-defined radio running on PC. We will share our experiences with EasyCard security and hopefully provide some insights into RFID security inpractice.
Keywords :
cryptography; radiofrequency identification; software radio; EasyCard security; GNURadio; MIFARE classic technology; RFID security; cryptographic protection; data access; micro payment; open-source software-defined radio; payment system; radiofrequency identification technology; remote identification; smart card standard; transportation ticketing system; Communication system security; Costs; Cryptography; Data security; Passive RFID tags; Protection; Radio frequency; Radiofrequency identification; Road transportation; Smart cards; Cryptographic; ISO14443; MIFARE Classic; RFID; Radio Frequency; Security; algebra attack.;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Mobile Data Management: Systems, Services and Middleware, 2009. MDM '09. Tenth International Conference on
Conference_Location :
Taipei
Print_ISBN :
978-1-4244-4153-2
Electronic_ISBN :
978-0-7695-3650-7
Type :
conf
DOI :
10.1109/MDM.2009.71
Filename :
5088976
Link To Document :
بازگشت