The cellphone and the RFID tag
February 15th, 2006

“A well known cryptographer has applied power analysis techniques to crack passwords for the most popular brand of RFID tags,”the EETimes reports.Professor of computer science at the Weizmann Institute,Adi Shamir,”used a directional antenna and digital oscilloscope to monitor power use by RFID tags while they were being read.Patterns in power use could be analyzed to determine when the tag received correct and incorrect password bits,he said.The reflected signals contain a lot of information,” Shamir said. “We can see the point where the chip is unhappy if a wrong bit is sent and consumes more power from the environment…to write a note to RAM that it has received a bad bit and to ignore the rest of the string,” he added.”I haven’t tested all RFID tags,but we did test the biggest brand and it is totally unprotected,”Shamir said.Using this approach,”a cellphone has all the ingredients you need to conduct an attack and compromise all the RFID tags in the vicinity,”he added.Shamir said the pressure to get tags down to five cents each has forced designers to eliminate any security features,a shortcoming that needs to be addressed in next-generation products”.
(Via Newscientist technology blog)

Cellphone could crack RFID tags,says cryptographer

Fatal error: Call to undefined function sociable_html() in /home/permutype/ on line 36