funsec mailing list archives
Re: RFID credit cards cracked (yet again ...)
From: "Richard M. Smith" <rms () computerbytesman com>
Date: Fri, 29 Feb 2008 16:35:17 -0500
Related papers can be found here: http://www.rfid-cusp.org/workshop/2008/post_workshop.html RFID SECURITY WORKSHOP: FROM THEORY TO PRACTICE January 23 & 24, 2008 Johns Hopkins University Baltimore, MD This small, informal workshop aims to give voice to the security needs of intensive deployers of RFID in the pharmaceutical, medical, transportation, consumer-payment, and retail industries. By representing a broad cross-section of the RFID community, the workshop will look to shape the research programs of technologists in the service of pressing, real-world problems and to connect industrial RFID users with the scientists crafting next-generation RFID systems. The workshop will include two days of invited talks, panel discussions, and breakout sessions. The workshop will be off the record for media attendees. The workshop has been planned in conjunction with Vrije Universiteit Amsterdam. A European companion workshop will take place Spring 2008 at the Lorentz Center, Leiden, the Netherlands. Richard -----Original Message----- From: funsec-bounces () linuxbox org [mailto:funsec-bounces () linuxbox org] On Behalf Of Rob, grandpa of Ryan, Trevor, Devon & Hannah Sent: Friday, February 29, 2008 2:53 PM To: funsec () linuxbox org Subject: [funsec] RFID credit cards cracked (yet again ...) "I want to inform people about the vulnerabilities of these cards" A University of Virginia graduate student and two fellow hackers say they have cracked the encryption code that protects billions of credit cards and security badges. With readily available equipment that cost less than $1,000, the student and his two Germany-based partners dismantled a chip that is found inside many "smartcards" and mapped out its security algorithm. The hackers were then able to run it through a brute force computer program that broke the encryption after a few hours. If they were to try again, he said, it would take a matter of minutes. "I don't want to help attackers, but I want to inform people about the vulnerabilities of these cards," said the Ph.D. candidate in computer engineering at UVa who is originally from Germany. The findings were announced at the Chaos Communications Congress in Berlin. They are not releasing the details of how they beat the chip's security code. http://www.dailyprogress.com/servlet/Satellite?pagename=CDP/MGArticle/CDP_Ba sicArticle&c=MGArticle&cid=1173354778618 ====================== (quote inserted randomly by Pegasus Mailer) rslade () vcn bc ca slade () victoria tc ca rslade () computercrime org Funny. I've never heard `Project Gutenberg' called `Yahoo' before - http://ars.userfriendly.org/cartoons/?id=20051004&mode=classic http://victoria.tc.ca/techrev/rms.htm _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list. _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- RFID credit cards cracked (yet again ...) Rob, grandpa of Ryan, Trevor, Devon & Hannah (Feb 29)
- Re: RFID credit cards cracked (yet again ...) Richard M. Smith (Feb 29)