sniffing and cracking rfid crypto
posted Feb 19th 2005 6:51am by Jason Striegelfiled under: Uncategorized
i always get a kick out of companies using proprietary crypto in their products. hackaday reader b-rad writes,
Researchers at Johns Hopkins University and RSA Laboratories have demonstrated how too crack the encryption of a Texas Instrument RFID transponder used in many “immobilizer-equipped” car keys and ExxonMobile SpeedPass e-payment fobs.
the team was able to reverse engineer the protocol and come up with a system for brute forcing the key recovery process in a matter of hours. they also created a proof-of-concept radio device that could be used to mimic a speedpass fob to purchase gasoline.
their cracking device utilizes 16 fpgas and is able to do in a couple hours what 10 general purpose pcs would do in 2 weeks, all for the price of about $3500. this reminds me of the bombes used by british cryptanalysts to crack enigma cyphers in world war 2. pretty cool stuff.
Ironically, i just decided to go to rfid.org, and this article was on their frong page:
http://www.aimglobal.org/members/news/templates/rfidinsights.asp?articleid=292&zoneid=24