[Dewayne-Net] Cellphone could crack RFID tags, says cryptographer

Dewayne Hendricks dewayne at warpspeed.com
Wed Feb 15 12:45:58 PST 2006

Cellphone could crack RFID tags, says cryptographer

Rick Merritt
(02/14/2006 4:26 PM EST)
URL: <http://www.eetimes.com/showArticle.jhtml?articleID=180201688>

SAN JOSE - A well known cryptographer has applied power analysis
techniques to crack passwords for the most popular brand of RFID tags.

Adi Shamir, professor of computer science at the Weizmann Institute,
reported his work in a high-profile panel discussion at the RSA
Conference here. Separately, Ron Rivest, who co-developed the RSA
algorithms with Shamir, used the stage of the annual panel to call
for an industry effort to create a next-generation hashing algorithm
to replace today's SHA-1.

In recent weeks, Shamir used a directional antenna and digital
oscilloscope to monitor power use by RFID tags while they were being
read. Patterns in power use could be analyzed to determine when the
tag received correct and incorrect password bits, he said.

"The reflected signals contain a lot of information," Shamir said.
"We can see the point where the chip is unhappy if a wrong bit is
sent and consumes more power from the environment... to write a note to
RAM that it has received a bad bit and to ignore the rest of the
string," he added.

"I haven't tested all RFID tags, but we did test the biggest brand
and it is totally unprotected," Shamir said. Using this approach, "a
cellphone has all the ingredients you need to conduct an attack and
compromise all the RFID tags in the vicinity," he added.

Shamir said the pressure to get tags down to five cents each has
forced designers to eliminate any security features, a shortcoming
that needs to be addressed in next-generation products.

Separately, cryptographers discussed the weaknesses in the
fundamental SHA-1 hashing algorithm that were announced at the
group's panel in 2005. "That was a real wake up call for
cryptographers," said Rivest, who is also professor of electrical
engineering and computer science at MIT.

Weblog at: <http://weblog.warpspeed.com>

----- End forwarded message -----
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
ICBM: 48.07100, 11.36820            http://www.ativel.com
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE
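
The behaviour Shamir describes in the article (extra power drawn on the first wrong bit, then the rest of the string ignored) can be modelled next to a check that does the same work for every bit. This is an added example, not part of the forwarded article or of any tag's firmware; the power levels, the 8-bit password and all function names are constructed assumptions.

```python
"""Constructed model of a per-bit password check; power values are illustrative."""

IDLE, COMPARE, WRITE_NOTE = 0, 1, 3   # assumed per-bit power levels, not measured


def leaky_check(secret, guess):
    """Early-abort check as the article describes it: the first wrong bit costs
    extra work (the note to RAM) and the remaining bits are ignored."""
    trace, ok = [], True
    for s, g in zip(secret, guess):
        if not ok:
            trace.append(IDLE)         # rest of the string is ignored
        elif s == g:
            trace.append(COMPARE)
        else:
            trace.append(WRITE_NOTE)   # spike marks the first wrong bit
            ok = False
    return ok, trace


def uniform_check(secret, guess):
    """Hardened variant: identical work for every bit, one decision at the end."""
    diff, trace = 0, []
    for s, g in zip(secret, guess):
        diff |= s ^ g                  # accumulate mismatches without branching
        trace.append(COMPARE)
    return diff == 0, trace


def first_spike(trace):
    """Index of the first above-baseline sample, or None if the trace is flat."""
    return next((i for i, p in enumerate(trace) if p > COMPARE), None)


def distinct_traces(check, secret, guesses):
    """Number of different traces the guesses produce (1 means nothing leaks)."""
    return len({tuple(check(secret, g)[1]) for g in guesses})


SECRET = [1, 0, 1, 1, 0, 0, 1, 0]      # constructed 8-bit password
GUESSES = [[(n >> (7 - i)) & 1 for i in range(8)] for n in range(256)]
```

In this model the early-abort check produces one trace per possible position of the first wrong bit plus one for acceptance, while the uniform check produces a single trace for every guess; that difference is what a review of a tag's password comparison should look for.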
