Hacking RFID Billing Schemes for Fun and Free Rides - Marcio Almeida Macedo - Ekoparty Security Conference - 2014
Offered By: Ekoparty Security Conference via YouTube
Course Description
Overview
Syllabus
Intro
DISCLAIMERS !!
RFID Billing Schemes
Mifare Classic Cards
A tiny history and some facts...
Security Features of Mifare Classic
Mifare Classic Structure
Partial Reverse Enginnering . In 2007 Karsten Noh and Henryk Plötz released at CCC the partial reverse engineering cipher initialization of CRYPTO-1 by hardware analysis
Weaknesses discovered
Full Disclosure of CRYPTO-1
Output Example Proxmark3
CRYPTO1 Cipher Cryptol Cipher
Proxmark3 + Active Sniffing
Card-only Attacks
Nested Attack
Curtouis Dark-Side Attack
Attack Steps
Proof of Concept
Running MFOC First Time
Running MFCUK
Running MFOC Second Time
Creating a Clone
Attack Cost
Analyzing PuntoBIP! Application
Problems Identified only analyzing PuntoBIP.akp
Countermeasures Against
"Decrement-counter" workaround
Conclusions
Taught by
Ekoparty Security Conference
Related Courses
Computer SecurityStanford University via Coursera Cryptography II
Stanford University via Coursera Malicious Software and its Underground Economy: Two Sides to Every Story
University of London International Programmes via Coursera Building an Information Risk Management Toolkit
University of Washington via Coursera Introduction to Cybersecurity
National Cybersecurity Institute at Excelsior College via Canvas Network