Steve Bono, Matthew Green, Adam Stubblefield, Ari Juels, Avi Rubin, and
Michael Szydlo have successfully attacked a cryptographically-enabled RFID chip made by Texas Instruments. This chip is used in anti-theft automobile immobilizers and in the ExxonMobil SpeedPass. You can find details at http://www.rfidanalysis.org/ (and a link to the draft paper),
and a New York Times article at http://www.nytimes.com/2005/01/29/national/29key.html
The paper itself is very nice, and combines RF techniques, cryptanalysis, Internet sleuthing, space-time tradeoffs, and more. There are some points I'm sure we'll be discussing at length, such as the authors' decision to withhold some of the details of their attack, the actual effective range of an RFID transponder when the attacker uses a suitable antenna, and the practical significance of the work. But oddly enough, what struck me was TI's response: rather than attacking the researchers, they co-operated, to the extent of providing them with challenge keys to see if the technique was really that effective. TI is to be congratulated -- such a response is all too rare.
Btw, the paper suggests carrying car keys or SpeedPasses in aluminum foil. I suspect that a more practical form factor is a spring-loaded conductive sleeve that normally surrounds the RFID chip, but is push back either manually or on key insertion.
It has been rumoured (in the UK) that car thieves can do this for Mercedes - does anyone know what they use in their keys (they aren't RFID for the relevant models, they're the more traditional infrared kind)?
Cheers,
Ben.
-- http://www.apache-ssl.org/ben.html http://www.thebunker.net/
"There is no limit to what a man can do or how far he can go if he doesn't mind who gets the credit." - Robert Woodruff
--------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
