News items for tag rfid - Koos van den Hout

2022-01-21 Looking at RFID cards and NFC again
I haven't done anything with NFC in ages. Almost three years ago I dug up my knowledge again and learned about UID changeable cards and before that the last real digging into RFID was 11 years ago: Interesting development with the magna carta rfid card.

Anyway, my interest is renewed due to several factors, with "just looking for something to learn about and enjoy the process" as main one. As a first step I dug up my trusty touchatag reader and the collection of RFID tokens/cards. The touchatag reader still doesn't see any of the collected ski passes so I guess those are for other frequencies.

The collection of RFID tokens includes a number of one-use public transport tickets. Those are based on Mifare Ultralight "MF0ICU1" according to NXP TagInfo. The little bit that annoys me is that NXP TagInfo manages to list the transport company and the transaction date/time while I can't find any listing of the fields in a Mifare Ultralight for transport use online on a first search. Later searches (see below) give a lot more!

So I have to do some digging myself. And maybe get a few more recent one-time-use public transport tickets to get an idea.
Read the rest of Looking at RFID cards and NFC again

Tags: , ,
2020-11-17 Mifare classic is still insecure... and still in use
I came across Using MIFARE Classic in 2020 - revk which states
So please, do not use MIFARE Classic as if they are secure!
and I couldn't agree more. There seem to be newer attacks that are even faster to crack the keys, which I will give a try soon.

Tags: ,
2019-03-08 Nieuwe experimenten met RFID kaarten
Na mijn experimenten met RFID kaarten in 2011 heb ik er een tijd niets aan gedaan. Het afgelopen half jaar kwam het onderwerp weer op door wat beveiligingsvragen rond RFID kaarten en heb ik weer de software uitgezocht.

Naast de linux tools is RFID support onder Android nu ook normaal en ik heb ontdekt dat NFC TagInfo by NXP prima software is om snel een kaart te onderzoeken. Bij sommige MiFare classic kaarten geeft deze software dan al een melding dat er standaard bekende sleutels ('factory default keys') gebruikt worden.

In vergelijking met 2011 is het wel anders dat Mifare classic kaarten met een wijzigbare UID (uniek kaartnummer) gewoon te koop zijn (zoek op 'UID changeable card') en de wijziging kan met nfc-mfsetuid wat onderdeel is van libnfc en dus bij een moderne linux uit package libnfc-examples komt. Een complete clone van een mifare classic kaart is dus prima mogelijk, zie bijvoorbeeld deze beschrijving: Cloning Mifare 1K cards (engelstalig).

Tags: ,
2015-02-16 Non-unique RFID Unique numbers
I recently learned that more than one Android mobile phone with NFC support has the same Unique ID: 01020304 (hex). If you want to use RFID tokens for authentication for certain tasks and let users bring their own tokens you need to block this specific not so unique ID.

Together with the fact that there are cards on the market where you can change the UID this means depending on an RFID UID only for authentication needs a serious risk assessment. But gaining access to more information on an ISO/IEC 14443 RFID device means that you either have to set the rules for the card (and probably pay for it) or make a rule for every type of card you find and still have issues.

Tags: ,
2013-11-01 (#)
In the UK the first tests are done with contactless payments based on RFID. According to the specifications eavesdropping on the transaction signals should not be possible from further than 10 centimeters. And predictably radio signals don't follow specifications: At a distance of 45 centimeter the data was received using equipment which could be hid in a backpack in a shopping trolley.

Via Contactless cards: data intercepted - Southgate Amateur Radio News

Tags: , , ,
2013-08-07 (#)
Yet another flawed mifare in public transport implementation: Hackers Expose Security Holes That Allow 'Free Rides for Life' - This time the city of Turin in Italy implemented a ticket system based on Mifare Ultralights.

Original Mifare Ultralight tags are not very secure (there is no crypto involved at all) and the spread of NFC enabled systems (such as smartphones) can turn simple vulnerabilities into widespread system failures.

Interesting to me is that the earlier vulnerabilities in Mifare systems in the Netherlands and England aren't mentioned in this article.

Tags: , ,
2013-08-04 (#)
Software defined radio makes a lot of things possible, including exposing vulnerabilities that were earlier described as "only possible in specially set up laboratories with expensive equipment". The USRP boards still count as expensive to me, but they make RF technology more accessible. This video is about reading the ID from a tollroad transponder (brand name FasTrak) in a car. I thought one of the basic design choices in RFID was that the reader has to authenticate to the rfid card before the card answers. I guess in this case there is too little authentication and it is possible to read the ID of the transponder. There are interesting privacy implications when anyone can set up a transponder ID reader.

Found via Reading a FasTrak tag ID with USRP + GNU Radio - Stuart Irwin on Google+

Update: I did some more reading on FasTrak and found out this could be the prelude to a complete system failure: FasTrak talk summary and slides explains there is no security at all in the RFID protocol used to interrogate and maybe update transponders.

Tags: , , ,
2011-07-06 (#)
Vermakelijk nieuws: er was iemand die wel een businesscase zag in grootschalige fraude met ov-chipkaarten. Dat heeft Translink Systems altijd ontkent, het was allemaal theoretisch. Deze keer werd de poging snel ontdekt, maar ik ga er van uit dat binnen de kortste keren iemand dit beter probeert.

Via Gekraakte OV-chipkaarten massaal verhandeld - Webwereld. Voor degenen die probeerden met de kaarten iets te doen minder leuk: Reizigers dupe van vervalste OV-chipkaarten - Webwereld.

Met een mooi advies van TLS
De voorlichter heeft een duidelijk advies aan reizigers: "Advies aan de consument is deze kaart niet aan te schaffen, want ook het reizen met gemanipuleerde kaarten is en blijft strafbaar.

Tags: , ,
2011-06-15 (#)
Interesting development with the magna carta rfid card: I gained access to a card from a different organisation and what I found for the other card did not apply at all.

Tags: ,
2011-04-28 (#)
Naast het bijhouden van de Mifare classic kaarten waar ik naar gekeken heb op de ov-chipkaart wiki bij pc-active wil ik natuurlijk ook mijn onderzoek zelf publiceren. Het blijft een wiki, dus wil ik 'mijn' feiten ook ergens neerzetten waar ze van mij blijven. Dus alles rond mijn RFID experimenten nu bij elkaar: RFID experimenten met ook hoe ik de touchatag reader gebruik onder Linux

Tags: ,

IPv6 check

Running test...
, reachable as PGP encrypted e-mail preferred. PGP key 5BA9 368B E6F3 34E4 local copy PGP key 5BA9 368B E6F3 34E4 via keyservers

Meningen zijn die van mezelf, wat ik schrijf is beschermd door auteursrecht. Sommige publicaties bevatten een expliciete vermelding dat ze ongevraagd gedeeld mogen worden.
My opinions are my own, what I write is protected by copyrights. Some publications contain an explicit license statement which allows sharing without asking permission.
Other webprojects: Camp Wireless, wireless Internet access at campsites, The Virtual Bookcase, book reviews
This page generated by $Id: newstag.cgi,v 1.37 2022/02/15 21:48:19 koos Exp $ in 0.024542 seconds.