Software defined radio makes a lot of th ... / 2013-08-04

2013-08-04 Software defined radio makes a lot of th ... 5 years ago
Software defined radio makes a lot of things possible, including exposing vulnerabilities that were earlier described as "only possible in specially set up laboratories with expensive equipment". The USRP boards still count as expensive to me, but they make RF technology more accessible. This video is about reading the ID from a tollroad transponder (brand name FasTrak) in a car. I thought one of the basic design choices in RFID was that the reader has to authenticate to the rfid card before the card answers. I guess in this case there is too little authentication and it is possible to read the ID of the transponder. There are interesting privacy implications when anyone can set up a transponder ID reader.


Found via Reading a FasTrak tag ID with USRP + GNU Radio - Stuart Irwin on Google+

Update: I did some more reading on FasTrak and found out this could be the prelude to a complete system failure: FasTrak talk summary and slides explains there is no security at all in the RFID protocol used to interrogate and maybe update transponders.

Tags: , , ,

, reachable as koos+website@idefix.net. PGP encrypted e-mail preferred.

PGP key 5BA9 368B E6F3 34E4 local copy PGP key 5BA9 368B E6F3 34E4 via keyservers pgp key statistics for 0x5BA9368BE6F334E4 Koos van den Hout
RSS
Other webprojects: Camp Wireless, wireless Internet access at campsites, The Virtual Bookcase, book reviews
This page generated in 0.004036 seconds.