Peeling Away Layers of an RFID Security System
The Legic Prime system uses proprietary RFIDs to secure building access and micropayment applications. The employed algorithms rely on obscurity and consequently did not withstand scrutiny.
This paper details how the algorithms were recovered by opening silicon chips and by interacting with tags and readers. The security of the tags is based on several secret checksums, but no secret keys are employed that could give the cards inherent security. Cards can be read, written to and spoofed using an emulator. Beyond these card weaknesses, we find that Legic's trust delegation model can be abused to create master tokens for all Legic installations.