Differential Fault Analysis of Secret Key Cryptosystems
CRYPTO '97 Proceedings of the 17th Annual International Cryptology Conference on Advances in Cryptology
A Cryptanalytic Time-Memory Tradeoff: First FPGA Implementation
FPL '02 Proceedings of the Reconfigurable Computing Is Going Mainstream, 12th International Conference on Field-Programmable Logic and Applications
Unbalanced Feistel Networks and Block Cipher Design
Proceedings of the Third International Workshop on Fast Software Encryption
RFID Privacy: An Overview of Problems and Proposed Solutions
IEEE Security and Privacy
Strengthening EPC tags against cloning
Proceedings of the 4th ACM workshop on Wireless security
Security Standards for the RFID Market
IEEE Security and Privacy
The Evolution of RFID Security
IEEE Pervasive Computing
Protecting RFID communications in supply chains
ASIACCS '07 Proceedings of the 2nd ACM symposium on Information, computer and communications security
Universally composable and forward-secure RFID authentication and authenticated key exchange
ASIACCS '07 Proceedings of the 2nd ACM symposium on Information, computer and communications security
Protocols for RFID tag/reader authentication
Decision Support Systems
Reducing medical errors using secure RFID technology
ACM SIGCSE Bulletin
IEEE Transactions on Dependable and Secure Computing
OSLO: improving the security of trusted computing
SS'07 Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium
Automotive system security: challenges and state-of-the-art
Proceedings of the 4th annual workshop on Cyber security and information intelligence research: developing strategies to meet the cyber security and information intelligence challenges ahead
Power and EM Attacks on Passive $13.56\,\textrm{MHz}$ RFID Devices
CHES '07 Proceedings of the 9th international workshop on Cryptographic Hardware and Embedded Systems
RFID System Security Using Identity-Based Cryptography
UIC '08 Proceedings of the 5th international conference on Ubiquitous Intelligence and Computing
Provably Secure Grouping-Proofs for RFID Tags
CARDIS '08 Proceedings of the 8th IFIP WG 8.8/11.2 international conference on Smart Card Research and Advanced Applications
Reconsidering physical key secrecy: teleduplication via optical decoding
Proceedings of the 15th ACM conference on Computer and communications security
Proceedings of the 15th ACM conference on Computer and communications security
rfidDOT: RFID delegation and ownership transfer made simple
Proceedings of the 4th international conference on Security and privacy in communication netowrks
Cryptanalysis of a novel authentication protocol conforming to EPC-C1G2 standard
Computer Standards & Interfaces
Reverse-engineering a cryptographic RFID tag
SS'08 Proceedings of the 17th conference on Security symposium
rfid in pervasive computing: State-of-the-art and outlook
Pervasive and Mobile Computing
Universally Composable RFID Identification and Authentication Protocols
ACM Transactions on Information and System Security (TISSEC)
Secure RFID authentication scheme for EPC class Gen2
Proceedings of the 3rd International Conference on Ubiquitous Information Management and Communication
Information Systems Frontiers
Advances in Ultralightweight Cryptography for Low-Cost RFID Tags: Gossamer Protocol
Information Security Applications
PAP: A privacy and authentication protocol for passive RFID tags
Computer Communications
EPC RFID tag security weaknesses and defenses: passport cards, enhanced drivers licenses, and beyond
Proceedings of the 16th ACM conference on Computer and communications security
A server centric authentication protocol for a RFID system
CASE'09 Proceedings of the fifth annual IEEE international conference on Automation science and engineering
Trust in RFID-enabled Supply-Chain Management
International Journal of Security and Networks
Secure communication for RFIDs proactive information security within computational security
SSS'06 Proceedings of the 8th international conference on Stabilization, safety, and security of distributed systems
Vulnerabilities in first-generation RFID-enabled credit cards
FC'07/USEC'07 Proceedings of the 11th International Conference on Financial cryptography and 1st International conference on Usable Security
Comprehensive experimental analyses of automotive attack surfaces
SEC'11 Proceedings of the 20th USENIX conference on Security
Securing RDS broadcast messages for smart grid applications
International Journal of Autonomous and Adaptive Communications Systems
ACSP: A novel security protocol against counting attack for UHF RFID systems
Computers & Mathematics with Applications
Authenticating pervasive devices with human protocols
CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
Shoehorning security into the EPC tag standard
SCN'06 Proceedings of the 5th international conference on Security and Cryptography for Networks
Investigating security in multi-tree based technique in RFID systems
KES'06 Proceedings of the 10th international conference on Knowledge-Based Intelligent Information and Engineering Systems - Volume Part III
Privacy for public transportation
PET'06 Proceedings of the 6th international conference on Privacy Enhancing Technologies
mCrypton – a lightweight block cipher for security of low-cost RFID tags and sensors
WISA'05 Proceedings of the 6th international conference on Information Security Applications
Reducing time complexity in RFID systems
SAC'05 Proceedings of the 12th international conference on Selected Areas in Cryptography
Peeling away layers of an RFID security system
FC'11 Proceedings of the 15th international conference on Financial Cryptography and Data Security
SP 800-98. Guidelines for Securing Radio Frequency Identification (RFID) Systems
SP 800-98. Guidelines for Securing Radio Frequency Identification (RFID) Systems
EDA for secure and dependable cybercars: challenges and opportunities
Proceedings of the 49th Annual Design Automation Conference
Attacking an AES-Enabled NFC tag: implications from design to a real-world scenario
COSADE'12 Proceedings of the Third international conference on Constructive Side-Channel Analysis and Secure Design
Security'12 Proceedings of the 21st USENIX conference on Security symposium
Gone in 360 seconds: Hijacking with Hitag2
Security'12 Proceedings of the 21st USENIX conference on Security symposium
Neighborhood watch: security and privacy analysis of automatic meter reading systems
Proceedings of the 2012 ACM conference on Computer and communications security
Applying remote side-channel analysis attacks on a security-enabled NFC tag
CT-RSA'13 Proceedings of the 13th international conference on Topics in Cryptology
Security challenges in automotive hardware/software architecture design
Proceedings of the Conference on Design, Automation and Test in Europe
Hi-index | 0.00 |
We describe our success in defeating the security of an RFID device known as a Digital Signature Transponder (DST). Manufactured by Texas Instruments, DST (and variant) devices help secure millions of SpeedPassTM payment transponders and automobile ignition keys. Our analysis of the DST involved three phases: 1. Reverse engineering: Starting from a rough published schematic, we determined the complete functional details of the cipher underpinning the challenge-response protocol in the DST. We accomplished this with only "oracle" or "black-box" access to an ordinary DST, that is, by experimental observation of responses output by the device. 2. Key cracking: The key length for the DST is only 40 bits. With an array of of sixteen FPGAs operating in parallel, we can recover a DST key in under an hour using two responses to arbitrary challenges. 3. Simulation: Given the key (and serial number) of a DST, we are able to simulate its RF output so as to spoof a reader. As validation of our results, we purchased gasoline at a service station and started an automobile using simulated DST devices. We accomplished all of these steps using inexpensive off-the-shelf equipment, and with minimal RF expertise. This suggests that an attacker with modest resources can emulate a target DST after brief short-range scanning or long-range eavesdropping across several authentication sessions. We conclude that the cryptographic protection afforded by the DST device is relatively weak.