Cryptanalytic attack on an RFID chip
Steven M. Bellovin
smb at cs.columbia.edu
Sat Jan 29 13:09:32 EST 2005
Steve Bono, Matthew Green, Adam Stubblefield, Ari Juels, Avi Rubin, and
Michael Szydlo have successfully attacked a cryptographically-enabled
RFID chip made by Texas Instruments. This chip is used in anti-theft
automobile immobilizers and in the ExxonMobil SpeedPass. You can find
details at http://www.rfidanalysis.org/ (and a link to the draft paper),
and a New York Times article at http://www.nytimes.com/2005/01/29/national/29key.html
The paper itself is very nice, and combines RF techniques,
cryptanalysis, Internet sleuthing, space-time tradeoffs, and more.
There are some points I'm sure we'll be discussing at length, such as
the authors' decision to withhold some of the details of their attack,
the actual effective range of an RFID transponder when the attacker
uses a suitable antenna, and the practical significance of the work.
But oddly enough, what struck me was TI's response: rather than
attacking the researchers, they co-operated, to the extent of providing
them with challenge keys to see if the technique was really that
effective. TI is to be congratulated -- such a response is all too
rare.
Btw, the paper suggests carrying car keys or SpeedPasses in aluminum
foil. I suspect that a more practical form factor is a spring-loaded
conductive sleeve that normally surrounds the RFID chip, but is push
back either manually or on key insertion.
--Prof. Steven M. Bellovin, http://www.cs.columbia.edu/~smb
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list