Real RFID Hacking Scenarios

← Back to Stories (view on slashdot.org)

Posted by ryuzaki0 on Thursday May 25, 2006 @02:44AM from the rfid-underground dept.

kjh1 writes "Wired is running an article on RFID hacking that has potentially scary implications. Many RFID tags have no encryption and will happily transmit their information in the clear if they are active or within range of a reader. Worse yet is that they can be overwritten. Some interesting scenarios and experiments: snagging the code off of a security badge and replaying it to gain access to a secure building; vandalizing library contents by wiping or changing tags on books; changing the prices of items in a grocery or other store; and getting free gas by tweaking the ExxonMobil SpeedPass tags."

5 of 180 comments (clear)

Min score:

Reason:

Sort:

Regarding security badges by benjjj · 2006-05-25 02:48 · Score: 5, Informative

I think it's common practice for most serious security badges to rely on RFID for part of the verification, but some sort of user input for the rest. I have a prox card at work (which, I assume, is an RFID-based card), but the card only activates a keypad. Without my PIN, it's useless.
1. Re:Regarding security badges by tinkertim · 2006-05-25 03:16 · Score: 4, Informative
  
  I'm recollecting many, many instances where I got through a door swiping a key with no pin or other authentication based on what I know.
  
  Ideall you authenticate on 2 out of these three:
  
  1 - what you know
  2 - what you have
  3 - what you are (or aren't, depending).
  
  Now that I think about it, most buildings I've been in that use RFID tags to open doors do not use anything but #2.
  
  I found this gizmo at fidgetsjust poking around on Google after reading TFA and feeling curious. That's the biggest one I found, the rest once stripped of their case would be very much like the scanner described in TFA.
  
  I'm sure this will become a growing problem, quickly.
Make has a project in the current issue by hal9000(jr) · 2006-05-25 02:51 · Score: 5, Informative

It is interesting reading and looks like a fun project. RFID for Makers
RFID Spoofing Guide by Anonymous Coward · 2006-05-25 02:51 · Score: 5, Informative

http://cq.cx/prox.pl
factual error in TFA about SHA-1 by pikine · 2006-05-25 03:36 · Score: 4, Informative

The last sentence on page 2 says: "Compare that to the hundreds of years experts estimate it would take for today's computers to break the publicly available encryption tool SHA-1, which is used to secure credit card transactions on the Internet."

This is incorrect.

SHA-1 is a digest algorithm. You give it some data, it outputs a 160-bit string that represents a fingerprint of the data. This fingerprint does not allow you to reconstruct the original input, but you can use it to verify data integrity, that data have not been tempered with. This does not protect against eavesdropping. Hacking a digest algorithm means to find, in a reasonable amount of time, two different inputs that produce the same digest.

SHA-1 is not a cipher. A cipher takes plain-text and a cipher-key in, and produces cipher-text out, which would appear to a third person without a cipher-key as a pretty random string.

--
I once had a signature.