{"title":"逆向工程的RFID公共交通卡的通信协议","authors":"P. Fraga-Lamas, T. Fernández-Caramés","doi":"10.1109/RFID.2017.7945583","DOIUrl":null,"url":null,"abstract":"Radio Frequency Identification (RFID) security has not been properly handled in numerous applications, such as in public transportation systems. In this paper, a methodology to reverse engineer and detect security flaws is put into practice. Specifically, the communications protocol of an ISO/IEC 14443-B public transportation card used by hundreds of thousands of people in Spain was analyzed. By applying the methodology with a hardware tool (Proxmark 3), it was possible to access private information (e.g. trips performed, buses taken, fares applied…), to capture tag-reader communications, and even emulate both tags and readers.","PeriodicalId":251364,"journal":{"name":"2017 IEEE International Conference on RFID (RFID)","volume":"12 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2017-05-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"32","resultStr":"{\"title\":\"Reverse engineering the communications protocol of an RFID public transportation card\",\"authors\":\"P. Fraga-Lamas, T. Fernández-Caramés\",\"doi\":\"10.1109/RFID.2017.7945583\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Radio Frequency Identification (RFID) security has not been properly handled in numerous applications, such as in public transportation systems. In this paper, a methodology to reverse engineer and detect security flaws is put into practice. Specifically, the communications protocol of an ISO/IEC 14443-B public transportation card used by hundreds of thousands of people in Spain was analyzed. By applying the methodology with a hardware tool (Proxmark 3), it was possible to access private information (e.g. trips performed, buses taken, fares applied…), to capture tag-reader communications, and even emulate both tags and readers.\",\"PeriodicalId\":251364,\"journal\":{\"name\":\"2017 IEEE International Conference on RFID (RFID)\",\"volume\":\"12 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2017-05-09\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"32\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2017 IEEE International Conference on RFID (RFID)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/RFID.2017.7945583\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2017 IEEE International Conference on RFID (RFID)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/RFID.2017.7945583","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Reverse engineering the communications protocol of an RFID public transportation card
Radio Frequency Identification (RFID) security has not been properly handled in numerous applications, such as in public transportation systems. In this paper, a methodology to reverse engineer and detect security flaws is put into practice. Specifically, the communications protocol of an ISO/IEC 14443-B public transportation card used by hundreds of thousands of people in Spain was analyzed. By applying the methodology with a hardware tool (Proxmark 3), it was possible to access private information (e.g. trips performed, buses taken, fares applied…), to capture tag-reader communications, and even emulate both tags and readers.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
