There is an encryption protocol called Triple-Data Encryption Standard (3DES) that is supposed to be pretty darn good. That is to say unbreakable without a lot of serious computing time and power. That is why it is used on contactless smart cards - London's Oyster travel Card, as well as cards used to store money – well you get the picture the list is long.
Christof Paar at Ruhr-University Bochum led a team that hacked 3DES using a low-cost system to break in with just a few hours of work using a small probe, an RFID reader and an oscilloscope who were then able to clone (duplicate) the cards. The cost of the equipment is around £2000.
NXP who manufacture the cards are aware of the problem and recommend customers upgrade t to newer versions of the cards.
Christof Paar at Ruhr-University Bochum led a team that hacked 3DES using a low-cost system to break in with just a few hours of work using a small probe, an RFID reader and an oscilloscope who were then able to clone (duplicate) the cards. The cost of the equipment is around £2000.
NXP who manufacture the cards are aware of the problem and recommend customers upgrade t to newer versions of the cards.
If you have a contactless card – then it may be worth finding out if you need to upgrade
CM
No comments:
Post a Comment