Send the link below via email or IMCopy
Present to your audienceStart remote presentation
- Invited audience members will follow you as you navigate and present
- People invited to a presentation do not need a Prezi account
- This link expires 10 minutes after you close the presentation
- A maximum of 30 users can follow your presentation
- Learn more about this feature in our knowledge base article
Do you really want to delete this prezi?
Neither you, nor the coeditors you shared it with will be able to recover it again.
Make your likes visible on Facebook?
You can change this under Settings & Account at any time.
Exploiting RFID vulnerabilities using your NFC phone
Transcript of Exploiting RFID vulnerabilities using your NFC phone
includes ISO14443a, ISO14443b, FeliCA, ISO 18000-3
it uses 13.56 Mhz Frequency Mifare Classic / DESFire the most used RFID in the world (more than 1 billion worldwide, more than 1 milion in Slovakia)
used by public transport companies in Bratislava, Prague, London, Krakow, Luxembourg and other cities
parking cards in Bratislava, Warsawa, Prague and other cities
entrance to many areas (buildings, swimming pools, skiing resorts) Mifare Mifare Classic firstly cracked in 2007 in Berlin at CCC conference
in 2009 we in Nethemba s.r.o. published the first opensource world implementation of MFOC cracker Impact possibility to make clones of any card
charge your credit
read all sensitive information
permanently destroy all cards
monitor passenger's movements
emulate card (using Proxmark 3 or NFC reader) Now reading ,writing and emulation of RFID tags is possible using your NFC phone!!! Install and run our MFOC cracker on any Mifare Classic Download and run Mifare Classic Scanner to your Android Setup your own keys you cracked using MFOC, read the whole content and start the emulation :-) it is easy to read your firstname and surname from your Slovak University Card, Bratislava Public Transport Card, etc.
it is easy to emulate hotel access cards (I've just tested it in Malaysia), swimming pool entry cards Biometric RFID passports all passwords has 72 kB RFID chip that contains a lot of sensitive information (personal info, JPEG photo, fingerprint biometric data)
MRZ code is necessary to decrypt and read the passport data
Older passports (without EAC) were possible to clone or emulate using NFC phones
It is necessary to know a private RSA key to read biometric information (AA Public Key) Using NFC phone you can read it easily.. MRZ code consists of:
Expiration Date Italian passport number is generated sequentially.... This is not a private information at all, can be easily gained using multiple ways (social networks, public registries, ..) Password expiration is 10 year (there are 3650 possibilities only) Slovak police claims it is not possible read biometric RFID passports.
"All information stored in your biometric passport can be read with a special device attached to the passport"...told František Blanárik from NBÚ Conclusion it is possible to emulate an "imperfect" clone of the RFID passport using NFC phone
it is possible to read/write/emulate any ISO14443 card
many vulnerable RFID technologies (Hitag2, Legic Prime, Mifare Ultralight, HID Proxy, ...) There are no secure RFID technologies...
Only not cracked yet... NFC history The first implementations were created by Nokia (Nokia 6131, 6212)
Few implementations - Public transport in Plzeňský kraj, ePassport emulator (eClown) NFC history The first implementations were created by Nokia (Nokia 6131, 6212)
Few implementations - Public transport in Plzeňský kraj, ePassport emulator (eClown) The first implementations were created by Nokia (Nokia 6131, 6212)
Few implementations - Public transport in Plzeňský kraj, ePassport emulator (eClown) the first implementations were created by Nokia (Nokia 6131, 6212)
few implementations - Public transport in Plzeňský kraj, ePassport emulator (eClown) NFC History Thanks for your attention! Mifare DESfire MF3ICD40 smartcards were practically cracked few months ago! By exploiting the electro-magnetic information leakage of the cards, its cryptographic keys are revealed:
widespread German payment system was/is affected
Prague's OpenCard was/is affected
Open-source tools for analyzing contactless smartcards:
an ISO 14443 RFID reader (http://sourceforge.net/projects/reader14443)
opensource card emulator Chameleon (http://sourceforge.net/projects/chameleon14443).