MiFare Lady - Teaching an Old RFID New Tricks

Explore the intricacies of RFID technology and its security implications in this comprehensive conference talk from BSides Tampa 2018. Delve into the world of MiFare cards, various classes of RFID tags, and their historical development. Examine potential threats in targeted network environments and learn about implementation pitfalls to avoid. Discover techniques for sniffing reader network traffic and the importance of encryption. Gain insights into creating system master keys, understanding data keys and tags, and exploring MiFare memory structure. Witness a crypto demo and explore the challenges of encrypted databases and tag updates. Analyze cloning techniques, RFID operating frequencies, and quadrature sampling. Investigate reflection coefficients and tag comparisons using a scientific setup. Conclude with a discussion on overcoming challenges in RFID technology and explore valuable references for further study.

Intro
My Fare Lady
Classes of RFID Tags
A Brief History
Targeted Network Environment
Threats
Implementation Pitfalls
Sniff the Reader's network traffic
Rule #6 Encrypt all the things
Creating a System Master Key
Data Keys and Tags
Mifare Memory
Crypto Demo
The other side of Encrypted DBS
Encrypted Tag Update
One last addition
Comparing outputs
Frustrating Analysis
Revisiting the Past Example
Clones
How RFID works
Standard RFID Operating Frequencies
A model in a lab
Quadrature Sampling
My Super Sciencey Setup
Plotting Reflection Coefficients
Comparing Tags
Challenges to overcome
Conclusion
References