Electronics World articles Popular Electronics articles QST articles Radio & TV News articles Radio-Craft articles Radio-Electronics articles Short Wave Craft articles Wireless World articles Google Search of RF Cafe website Sitemap Electronics Equations Mathematics Equations Equations physics Manufacturers & distributors LinkedIn Crosswords Engineering Humor Kirt's Cogitations RF Engineering Quizzes Notable Quotes Calculators Education Engineering Magazine Articles Engineering software RF Cafe Archives Magazine Sponsor RF Cafe Sponsor Links Saturday Evening Post NEETS EW Radar Handbook Microwave Museum About RF Cafe Aegis Power Systems Alliance Test Equipment Centric RF Empower RF ISOTEC Reactel RF Connector Technology San Francisco Circuits Anritsu Amplifier Solutions Anatech Electronics Axiom Test Equipment Conduct RF Copper Mountain Technologies Exodus Advanced Communications Innovative Power Products KR Filters LadyBug Technologies Rigol TotalTemp Technologies Werbel Microwave Windfreak Technologies Wireless Telecom Group Withwave Resources Vintage Magazines RF Cafe Software WhoIs entry for RF Cafe.com Thank you for visiting RF Cafe!
Axiom Test Equipment - RF Cafe

ConductRF Phased Matched RF Cables - RF Cafe

LadyBug RF Power Sensors

Please Support RF Cafe by purchasing my  ridiculously low-priced products, all of which I created.

RF Cascade Workbook for Excel

RF & Electronics Symbols for Visio

RF & Electronics Symbols for Office

RF & Electronics Stencils for Visio

RF Workbench

T-Shirts, Mugs, Cups, Ball Caps, Mouse Pads

These Are Available for Free

Espresso Engineering Workbook™

Smith Chart™ for Excel

RF Cascade Workbook 2018 - RF Cafe

Secure RFID. Or Not.

Kirt's Cogitations™ #197

RF Cafe University"Factoids," "Kirt's Cogitations," and "Tech Topics Smorgasbord" are all manifestations of my ranting on various subjects relevant (usually) to the overall RF Cafe theme. All may be accessed on these pages:

 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36 | 37

< Previous                      Next >

 

Secure RFID. Or Not.

Security issues frequently appear in the news regarding interception of Wireless Local Area Network (WLAN) and Bluetooth device traffic, and each time they do, engineers get busy trying to plug the newly revealed holes. As with the Windows™ operating system, most of the effort tends to be reactive rather than proactive; resources are just too scarce and expensive to act otherwise. Also as with Windows™ most of the effort on the part of the miscreants tends to be directed toward the most popular, and therefore the most likely to receive ample news coverage. Attacks on the MAC OS or Linux just does not create enough of a media frenzy to make the work involved worthwhile.

Radio Frequency Identification Devices (RFID) are sort of in that MAC OS and Linux category in the wireless data theft business. That is not to say there is no reason for concern. Once confined to uses in commercial shipping and maybe pet recovery implants, RFID is appearing in more and more every-day products. Wal-Mart famously announced a plan to incorporate RFID product price scanning in all their stores, both as a convenience to the shopper and as a means to more tightly track inventory and, yes, customers. Car and truck keys have had embedded RFID chips for many years now as a theft-prevention feature (Ford recently charged me $65 for a single duplicate), as well as some forms of credit/debit cards, and specially-designed access implements. Those last items, and other personal items like them, are what you should begin worrying about.

A team of computer scientists Johns Hopkins University in Baltimore and RSA Laboratories in Bedford, MA, has successfully deciphered the codes of RFID-equipped keys that protect cars from theft and cards meant to prevent fraudulent gasoline purchases. They demonstrated that "an attacker with modest resources—just a few hundred dollars" of off-the-shelf equipment could pull off the crime.  The stubby wands that trigger the pumps at ExxonMobil gas stations are particularly vulnerable according to a report at www.rfid-analysis.org. Inside the head of an ignition key, the transponder must convince the vehicle's computer that it has the correct 40-bit code before fuel will flow to the engine. The transponders allow ExxonMobil customers to buy gas by waving the wand in front of the pumps that use the Speedpass system.

While details of the code-breaking technique and the results are not divulged, the information casts doubts on the usefulness of the Texas Instruments (TI) RFID chip used in the anti-theft keys and the gas pump wands. The researchers assert, "It's very important to ensure that we get security right in wireless devices from the very start," and insist the theft is preventable by using a larger number of bits. They suggest the de facto standard of 128 bits. Surely such notoriety has gotten the attention of TI by now.

As can be seen in the pictures on the website, codes were ascertained merely by trying every possible code until the correct one is found. Intercepting the code is as simple as standing or sitting next to a person carrying the RFID implement long enough to run through as many code tries as necessary. The next time you are sitting in an airport with someone typing busily away on his laptop, he might just be stealing your SUV key code or preparing for a few free trips to the gas station on your account. Now, 2^40 is a pretty big number, and a lot of trials, but it does not take all that long for a computer to crank through them. Besides, there's a 50-50 chance that the thief will only have to try 2^39 of them.

RF Cascade Workbook 2018 - RF Cafe
KR Electronics (RF Filters) - RF Cafe

Windfreak Technologies Frequency Synthesizers - RF Cafe

Anatech Electronics RF Microwave Filters - RF Cafe