Hacking RFID Billing Schemes for Fun and Free Rides - Marcio Almeida Macedo - Ekoparty Security Conference - 2014

Hacking RFID Billing Schemes for Fun and Free Rides - Marcio Almeida Macedo - Ekoparty Security Conference - 2014

Ekoparty Security Conference via YouTube Direct link

Problems Identified only analyzing PuntoBIP.akp

25 of 28

25 of 28

Problems Identified only analyzing PuntoBIP.akp

Class Central Classrooms beta

YouTube videos curated by Class Central.

Classroom Contents

Hacking RFID Billing Schemes for Fun and Free Rides - Marcio Almeida Macedo - Ekoparty Security Conference - 2014

Automatically move to the next video in the Classroom when playback concludes

  1. 1 Intro
  2. 2 DISCLAIMERS !!
  3. 3 RFID Billing Schemes
  4. 4 Mifare Classic Cards
  5. 5 A tiny history and some facts...
  6. 6 Security Features of Mifare Classic
  7. 7 Mifare Classic Structure
  8. 8 Partial Reverse Enginnering . In 2007 Karsten Noh and Henryk Plötz released at CCC the partial reverse engineering cipher initialization of CRYPTO-1 by hardware analysis
  9. 9 Weaknesses discovered
  10. 10 Full Disclosure of CRYPTO-1
  11. 11 Output Example Proxmark3
  12. 12 CRYPTO1 Cipher Cryptol Cipher
  13. 13 Proxmark3 + Active Sniffing
  14. 14 Card-only Attacks
  15. 15 Nested Attack
  16. 16 Curtouis Dark-Side Attack
  17. 17 Attack Steps
  18. 18 Proof of Concept
  19. 19 Running MFOC First Time
  20. 20 Running MFCUK
  21. 21 Running MFOC Second Time
  22. 22 Creating a Clone
  23. 23 Attack Cost
  24. 24 Analyzing PuntoBIP! Application
  25. 25 Problems Identified only analyzing PuntoBIP.akp
  26. 26 Countermeasures Against
  27. 27 "Decrement-counter" workaround
  28. 28 Conclusions

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.