Security Analysis of a Cryptographically-Enabled RFID Device is the bland-sounding title of an article describing how to crack the security behind the Speedpass payment system, and some of those RFID-based immobilizer key fobs used by auto makers. The article caught my attention because I’m a user of both devices.

The authors describe some of the steps they followed to reverse engineer the codes. They attribute the weakness of the architecture to the use of (far-too-short) 40-bit keys, and describe some steps end users can follow to improve security slightly…e.g. wrap the transponder in aluminum foil when not in use.

The authors also have an article with videos detailing their approach, including how to read an RFID tag while its still in the victim’s pocket:

Funny … transponder sniffing, and its concomitant countermeasure of wrapping the key in tin foil, are not mentioned in Edmund’s article:- “Top 10 Ways to Steal a Car (and how to defend against them) “.

This entry was posted on Sunday, January 30th, 2005 at 9:30 pm and is filed under General. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.