Hacking RFID Billing Schemes for Fun and Free Rides - Marcio Almeida Macedo - Ekoparty Security Conference - 2014

Hacking RFID Billing Schemes for Fun and Free Rides - Marcio Almeida Macedo - Ekoparty Security Conference - 2014

Ekoparty Security Conference via YouTube Direct link

Weaknesses discovered

9 of 28

9 of 28

Weaknesses discovered

Class Central Classrooms beta

YouTube videos curated by Class Central.

Classroom Contents

Hacking RFID Billing Schemes for Fun and Free Rides - Marcio Almeida Macedo - Ekoparty Security Conference - 2014

Automatically move to the next video in the Classroom when playback concludes

  1. 1 Intro
  2. 2 DISCLAIMERS !!
  3. 3 RFID Billing Schemes
  4. 4 Mifare Classic Cards
  5. 5 A tiny history and some facts...
  6. 6 Security Features of Mifare Classic
  7. 7 Mifare Classic Structure
  8. 8 Partial Reverse Enginnering . In 2007 Karsten Noh and Henryk Plötz released at CCC the partial reverse engineering cipher initialization of CRYPTO-1 by hardware analysis
  9. 9 Weaknesses discovered
  10. 10 Full Disclosure of CRYPTO-1
  11. 11 Output Example Proxmark3
  12. 12 CRYPTO1 Cipher Cryptol Cipher
  13. 13 Proxmark3 + Active Sniffing
  14. 14 Card-only Attacks
  15. 15 Nested Attack
  16. 16 Curtouis Dark-Side Attack
  17. 17 Attack Steps
  18. 18 Proof of Concept
  19. 19 Running MFOC First Time
  20. 20 Running MFCUK
  21. 21 Running MFOC Second Time
  22. 22 Creating a Clone
  23. 23 Attack Cost
  24. 24 Analyzing PuntoBIP! Application
  25. 25 Problems Identified only analyzing PuntoBIP.akp
  26. 26 Countermeasures Against
  27. 27 "Decrement-counter" workaround
  28. 28 Conclusions

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.