New Attack to RFID-Systems and their Middleware and Backends presented at BlackhatUSA 2006

by Lukas Grunwald,

Summary : This talk provides an overview of new RFID technologies used for dual-interface cards (credit cards, ticketing and passports), and RFID tags with encryption and security features. Problems and attacks to these security features are discussed and attacks to these features are presented. After dealing with the tags, an overview to the rest of an RFID-implementation, middleware and backend database and the results of special attacks to this infrastructure are given. Is it possible that your cat is carrying an RFID virus? And how might one attack the backend systems, and what does an RFID malware design look like? At the end of this talk, there is a practical demonstration of these discussed attacks.