rfid: threats, failures, and fixes

Upload: chromaton

Post on 09-Feb-2018


  • 7/22/2019 RFID: THREATS, FAILURES, AND FIXES

    1/43

    RFID: THREATS, FAILURES, AND FIXES

    BY

    Rusty A. Deaton

    A Significant Paper submitted in partial fulfillment of the Requirements for the Degree of

    MASTERS OF Science in Business Information Technology

    Troy, MI

    March, 2014

    Revision History

    Author                      Date         Reason for Changes

    Rusty Deaton                3/4/2014     Original Draft #001

    Julie (Stanley) Skidmore    3/14/2014    Draft revisions for grammar

    Rusty Deaton                3/16/2014    Draft revisions for content

    Julie (Stanley) Skidmore    3/17/2014    Final revisions for grammar

    Rusty Deaton                3/17/2014    Final revisions for content

    Table of Contents

    II Literature Review

        Logistics Management
        Physical Security
        Information Storage
        Transactional Use
        Potential Fixes
        Questions and Takeaways

    III Methodology and Approach

        Logistics Management: Walmart and RFID Rollout
        Information Storage: E-Documents and Identity Theft
        Physical Security: RFID in Transit
        Transactional Security: Credit Where It Is Due

    IV Results

        Proof of Concept: Introducing the Arduino
        Building, Flashing, and Testing the Arduino
        Simplifying the Equation: 13.56 MHz Applications on Smartphones

    V Summary and Conclusions

        Suggestions for Further Research

    References

    I Introduction/Background

    One of the greatest objectives of technology is to make daily life more convenient

    for the users of it. From ploughs used in lieu of hand tools to the eventual clustered

    computing that detects anomalies in DNA to determine the state of genetic diseases in

    humans, there is an undeniable drive to help make life easier and, thus, more valuable.

    Radio Frequency Identification (RFID) Systems are a part of this technological

    cornucopia. In its modern implementation it may offer an unrivalled level of

    transparency into positions of items as they move through an area, an ease of entry

    (and subsequently access management) that makes keys a thing of the past,

    rapid transactions between customer and business, and several other uses. In

    its myriad implementations it no doubt meets the expectation that technology make life

    easier.

    There is, unfortunately, a darker side to making life easier. The same principles

    that RFID uses may be used against it: its data may be captured freely and used against those

    systems where it is usable without an issue. If left unconsidered and its

    misappropriated use uncontested, it could be ultimately disastrous.

    This project seeks to outline cases where this unchecked diffusion of data, while

    typically infinitesimal and static in nature, can be exceedingly useful in a well-designed

    strategy to infiltrate an organization, commit fraud, or both.

    II Literature Review

    In the realm of RFID, there are a number of benefits that may be associated with

    it. It is commonly used as a means of logistics management, a layer of physical

    security, a token for transactional applications, a static reference to a point in a

    predefined database, and so forth. The information security discipline has wasted no

    time in taking these models used for RFID, exploding them, and discussing their

    findings. There is a wealth of knowledge that may be found for RFID that hails from

    sources that range from the purely scholastic and research-oriented to the bombastic

    and glory-minded. There is merit in discussing these findings, particularly as they relate

    to the realm of information security, and the salient fixes (or lack thereof) that come

    forward.

    Logistics Management

    There are a number of issues that make the logistics management angle of RFID

    ripe for attack from an information security standpoint. The most basic example in

    understanding the role of RFID in logistics management is to identify inventory in a

    given shipment. There are of course other uses from a logistics management

    standpoint, such as efficiency measurements (e.g., determining when part A hit scan

    station 1, scan station 2, etc.) or heuristics analysis (e.g., determining how often an

    RFID-tagged ring is removed from its case and looked at, indicating potential interest). It

    is at these most basic uses of RFID where some of the most egregious abuses of the

    technology may occur.

    The first and perhaps most simply executed of all threats associated with RFID

    are those associated with the physical RFID chip itself as discussed by Mitrokotsa,

    Rieback, and Tanenbaum (2010), wherein a suitably-informed threat agent may commit

    attacks that span across multiple layers of the chip's architecture with very little

    committed resources. Chawla and Robins (2013) discuss how a threat agent looking to

    commit espionage might easily track an RFID chip or chips across locations, duplicate

    those chips to knowingly introduce faulty items into a rival's production base, or modify

    the RFID chips to redirect inventory flow. Another grim scenario would be disabling the

    tags, whether through physical destruction or through KILL commands, or sending

    mass amounts of false RFID requests through the attached monitoring systems to

    obfuscate traffic or attempt to break them (as discussed in Mitrokotsa, Rieback,

    Tanenbaum, 2010).

    There are some possible fixes to the presented vulnerabilities. Cryptography

    could be used with the RFID chip setup to help ensure that communications between

    the chip and its ultimate destination are authentic. Temporary restraint mechanisms

    could also be used, such as sleep/wake functions available on higher-end chips,

    Faraday cage constructs over sensitive transport items, or RFID re-writing stations

    where all scanned items are re-written to meet a new set of criteria. Examples include a

    new cryptographic key or new metadata to throw off spoofing/cloning attempts (as

    discussed in Crispo, Rieback, Tanenbaum, 2006). Chawla and Robins (2013) posit

    other ideas, including authentication requirements to modify tag metadata such as

    passing a token or password (built into the EPC Gen2 RFID standard), pseudonym

    generation to foil tracking, or the inclusion of RFID chips that possess Physically

    Unclonable Functions (PUF) to generate authentication responses.

    Without using sufficiently strong encryption models, the possibility of cracking the

    encryption on a tag rises significantly. This is especially important within the

    scope of cryptographic key use or metadata reconstruction. Bono, Green, Juels, et al.

    (2008) show how the 40-bit encryption used by the Texas Instruments Digital Signature

    Transponder can, in the worst case, be cracked in an hour by reconstructing a key from

    two arbitrary challenges.

    Physical Security

    As a physical security device, RFID lends itself to having the capacity of a key in

    that it can act as a trigger to open doors while having the manageability attributed to a

    directory or entitlement system. Many vendors' RFID-based solutions are

    based on Wiegand swipe card technology, that is to say, a specific format in which

    data is to be placed on the RFID chip. ZHLab.com (2011) discusses how this is most

    commonly done with 26 bits, but may be up to 64 bits with some systems. For the

    purposes of the literature in this area of RFID study, it is not necessary to understand

    the exact specifications of the Wiegand format, nor the thousands of permutations of bit

    structures used with it. In fact, many attacks disregard these issues entirely.

    The attack surface for physical security devices is small, possibly out of the way,

    and often directly related to the physical system. There is often no consideration for

    application proxies or mechanisms connected to these physical systems to root out

    potentially harmful data pushed through the interface, thus making them ripe for attack.

    An example of a standard physical environment infrastructure used alongside RFID

    can be seen in Figure 1:

    Figure 1: RFID use in Physical Environment Security

    There are three primary paths to attack RFID in the realm of physical defense. There

    are brute force techniques such as slamming as much Wiegand-appropriate data as

    possible at a system until the door unlocks. Another technique is cloning, which

    consists of creating a direct copy of the card for later use. The third method is attacking

    the system that runs the physical security system through its interfaces; oftentimes, this

    is done by using a specifically designed RFID card.

    In a brute forcing scenario, the attacker sends values that are potentially valid as

    fast as possible until a correct value is found. However, brute force can take an

    incredibly long time. For instance, a 26-bit Wiegand system would have over

    67,000,000 different combinations. Antoniewicz (2011) demonstrated how, at one

    attempt a second, which is what the Proxmark III (a noted RFID capture/store/replay

    tool) performs at, exhausting the 26-bit space would take over two years. In perfectly

    ideal circumstances, Byers, Lofton, Vangari-Balraj, et al. (2007) showed that the

    average time to brute force an EPCglobal UHF Class-1 Generation-2 RFID tag is 29

    days, which means that this route of physical security mitigation is far too lengthy to be

    of genuine value. What emerges is that, as with a password of suitable length, breaking

    into a building using RFID as physical security through brute force takes time.
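
    The arithmetic behind the two-year figure, and the defender's side of it, as an added example that is not part of the original paper: the block computes how long a 26-bit space takes to exhaust at a given presentation rate, then flags a reader that sees many distinct denied credentials in a short window. The log format, reader names and thresholds are assumptions made for this sketch.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta


def exhaustion_days(bits, attempts_per_second):
    """Days needed to present every value in a 2**bits credential space."""
    return (2 ** bits) / attempts_per_second / 86_400


# Constructed controller log (hypothetical format, not from any real product):
#   <ISO timestamp> reader=<id> credential=<hex> result=<GRANT|DENY>
SAMPLE_LOG = """\
2014-03-01T08:59:40 reader=lobby credential=1A2B3C result=DENY
2014-03-01T08:59:44 reader=lobby credential=1A2B3C result=DENY
2014-03-01T08:59:49 reader=lobby credential=1A2B3C result=DENY
2014-03-01T08:59:55 reader=lobby credential=2F00A1 result=GRANT
2014-03-01T09:00:00 reader=dock-3 credential=000001 result=DENY
2014-03-01T09:00:01 reader=dock-3 credential=000002 result=DENY
2014-03-01T09:00:02 reader=dock-3 credential=000003 result=DENY
2014-03-01T09:00:03 reader=dock-3 credential=000004 result=DENY
2014-03-01T09:00:04 reader=dock-3 credential=000005 result=DENY
2014-03-01T09:00:05 reader=dock-3 credential=000006 result=DENY
""".splitlines()


def parse_line(line):
    """Split one log line into (timestamp, reader, credential, result)."""
    stamp, *fields = line.split()
    kv = dict(field.split("=", 1) for field in fields)
    return datetime.fromisoformat(stamp), kv["reader"], kv["credential"], kv["result"]


def detect_guessing(lines, window=timedelta(seconds=60), threshold=5):
    """Return (reader, time, distinct_count) the first time a reader sees
    `threshold` DISTINCT denied credentials inside `window`.

    Counting distinct values separates a guessing run from one person
    re-presenting the same expired badge several times.
    """
    recent = defaultdict(deque)   # reader -> deque of (timestamp, credential)
    alerted = set()
    alerts = []
    for line in lines:
        stamp, reader, credential, result = parse_line(line)
        if result != "DENY":
            continue
        queue = recent[reader]
        queue.append((stamp, credential))
        while queue and stamp - queue[0][0] > window:
            queue.popleft()                      # drop denials outside the window
        distinct = {cred for _, cred in queue}
        if len(distinct) >= threshold and reader not in alerted:
            alerted.add(reader)
            alerts.append((reader, stamp, len(distinct)))
    return alerts


if __name__ == "__main__":
    print(f"26 bits at 1 attempt/s: {exhaustion_days(26, 1):.0f} days")
    # A controller that enforces a 5-second delay after each denial
    # stretches the same search fivefold.
    print(f"26 bits at 1 attempt/5 s: {exhaustion_days(26, 0.2):.0f} days")
    for reader, stamp, count in detect_guessing(SAMPLE_LOG):
        print(f"ALERT {reader} at {stamp.isoformat()}: {count} distinct denied credentials")
```

    The lobby reader, where one badge is denied three times, stays quiet; the dock-3 reader trips the alert on its fifth distinct denial.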

    Cloning bypasses the problems that might be seen with brute-forcing a given

    system and gets to the root of the issue; copying keys, especially physical keys, will

    always be a valid path into a building. At its most basic, there are RFID cloning devices

    that may capture a single card and emulate it for future use, such as the open-source

    RFID tag developed by Ramiro Pareja (2011). At its most complex, there are devices

    that are designed to capture, store, and replay RFID tags from up to three feet away

    using a weaponized off-the-shelf RFID reader; Francis Brown (2013) described and

    provided a how-to for such a device. The problem with cloning as an attack vector is

    that it relies upon access to a valid card in order to create a duplicate of it; without

    access to the card, this method becomes worthless to a potential attacker.

    A final direction of research into bypassing RFID physical security mechanisms is

    to attack the backend systems controlling the RFID security device through the interface

    itself. Because of the intricate nature of systems and their interactions, RFID as a

    transmission medium can be extremely devious. For example, Rieback, Simpson,

    Crispo, et al. (2006) wrote an article on how an RFID tag could be coded to inject

    shutdown commands into a Structured Query Language (SQL) server. Figure 2

    demonstrates an example of this.

    Figure 2: RFID as an Attack Surface

    Additionally, RFID tags could be used to stage RFID-pathed malware if the backend

    server connects to the internet, such as using SQL Injection Attack-based methods to

    execute a Trivial File Transfer Protocol-based connection to a host server to download

    and execute malware (as additionally shown by Rieback, Crispo, Tanenbaum, 2006). In

    the event that an RFID backend server connected to the internet and allowed such an

    attack, it could be a gateway for a host of other, deeper attacks, not the least of which

    is unlocking all doors.
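
    The middleware flaw described above, shown beside its fix, as an added example that is not code from the paper or from the cited authors: tag contents are treated as untrusted input, first pasted into the SQL text and then bound as a parameter behind a format check. The schema, the tag ID format and the sample tag contents are constructed for this sketch, which uses SQLite in memory.

```python
import re
import sqlite3

# Assumed ID format for this sketch: 8 to 20 upper-case hex characters.
TAG_ID = re.compile(r"[0-9A-F]{8,20}")

# Constructed tag contents: user memory that closes the string literal
# and appends a second statement.
HOSTILE_TAG = "04FFFFFF', 'x'); DELETE FROM badges; --"


def make_db():
    """Fresh in-memory access-control database with two enrolled badges."""
    db = sqlite3.connect(":memory:")
    db.executescript(
        """
        CREATE TABLE badges(tag_id TEXT PRIMARY KEY, holder TEXT);
        CREATE TABLE reads(tag_id TEXT, reader TEXT);
        INSERT INTO badges VALUES ('04A1B2C3', 'alice');
        INSERT INTO badges VALUES ('04D4E5F6', 'bob');
        """
    )
    return db


def count(db, table):
    # The table name is supplied by this file only, never by tag data.
    return db.execute(f"SELECT COUNT(*) FROM {table}").fetchone()[0]


def log_read_vulnerable(db, tag_data, reader):
    """'Before' version: tag contents become part of the statement text.

    executescript() stands in for a backend that accepts stacked statements.
    """
    sql = f"INSERT INTO reads(tag_id, reader) VALUES ('{tag_data}', '{reader}');"
    db.executescript(sql)


def log_read_hardened(db, tag_data, reader, validate=True):
    """'After' version: bound parameters, plus an optional format check."""
    if validate and not TAG_ID.fullmatch(tag_data):
        return False                      # reject anything that is not a tag ID
    db.execute("INSERT INTO reads(tag_id, reader) VALUES (?, ?)", (tag_data, reader))
    db.commit()
    return True


def demo():
    weak, bound, strict = make_db(), make_db(), make_db()

    log_read_vulnerable(weak, HOSTILE_TAG, "door-1")

    # Binding alone: the payload is stored as inert text, nothing executes.
    log_read_hardened(bound, HOSTILE_TAG, "door-1", validate=False)
    stored = bound.execute("SELECT tag_id FROM reads").fetchone()[0]

    # Binding plus validation: the read is refused before it reaches SQL.
    rejected = not log_read_hardened(strict, HOSTILE_TAG, "door-1")
    accepted = log_read_hardened(strict, "04A1B2C3", "door-1")

    return {
        "weak_badges": count(weak, "badges"),
        "bound_badges": count(bound, "badges"),
        "bound_stored_verbatim": stored == HOSTILE_TAG,
        "strict_badges": count(strict, "badges"),
        "strict_reads": count(strict, "reads"),
        "rejected": rejected,
        "accepted": accepted,
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```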

    Information Storage

    RFID tags can be used to store information presented upon activation, that being

    the basis for the majority of uses. A very high-profile use of RFID as an information

    storage device is the passport. Nogueira and Greis (2009) outline how RFID chips may

    be embedded into passport documentation, and how those chips contain several data

    entries, including name, date of birth, a digital photograph of the person, and so forth.

    Research into the implementation of these documents shows that they fall victim to

    many of the issues that are endemic to the technology itself. Research done by

    Koscher, Juels, Brajkovic, and Kohno (2009) suggests that it is currently feasible to

    clone the data contained within these RFID tags. Further research suggests that even if

    sensitive e-documents applied the currently established standards presented by the

    International Civil Aviation Organization regarding encryption, it would not be of

    particular worth; the encryption has such low entropy that a laptop could crack the key encrypting an

    e-document in a few hours (as presented by Juels, Molnar, Wagner, 2005).

    Transactional Use

    As evidenced previously by Bono, Green, Juels, et al. (2008), there are

    transactional systems that rely upon RFID. There may be a number of very steep

    problems with this given the sensitivity of data involved and the risks associated with

    leaked data related to financial transactions. There are a number of articles on issues

    associated with RFID as a transactional exchange medium, and the challenges

    associated. Garfinkel, Juels, and Pappu (2005) outlined a number of threats that matter to

    all RFID systems; one example includes issues regarding the metadata of the token,

    such as the token being sensed in a given location at a given time. Another issue is

    the consequence of association, such as having your identity tied to a token that may be

    removed from your presence, and again the issue of cloning the device. Kaspar, Silbermann, and

    Parr (2010) showed that one may create counterfeit cards that appear legitimate to a

    poorly-devised transactional system. In this, there is a capacity to set up cards to have

    no value associated with them or conversely, have the capability to set them to a high

    value.

    In those transactional systems that store the relative worth of the token on a

    backend server, the relative security of the token could be increased but research

    suggests there are still a number of issues that must be addressed. First generation

    contactless cards appeared to have many of the issues that a backend-less system

    had. Heydt-Benjamin, Bailey, Fu, et al. (2009) indicated how these issues included

    unmitigated replay attacks, the capacity to capture cards through a number of means

    such as skimming, eavesdropping, etc., as well as privacy invasion issues due to user

    data being stored within the card on the RFID chip. Kristina Paget (2012), during their

    Shmoocon presentation, expounded further on the flaws inherent within using RFID as

    a financial transaction medium. While each component such as the cards, the readers,

    and the transaction protocol, is relatively secure, the system is expected to talk to the

    point of sale system. Therefore, it has to effectively dumb itself down to communicate

    to these systems. Figure 3 demonstrates this graphically:

    Figure 3: Findings from Paget's 2012 Shmoocon Analysis

    Potential Fixes

    Given the current implementation of RFID chips and the constraints placed on

    them by the nature of their uses, traditional fixes that might be taken to securitize them fall flat.

    However, there is a lot of research dedicated to authentication protocols between

    readers and tags as well as encryption methods to prevent the simple eavesdropping of

    data between tag and reader. Indeed, a good deal of the research texts out there

    acknowledge that one of the major failings of RFID is that anyone, with any reader, may

    read the data off of a given RFID chip and then use that data for whatever they need to.

    The authentication protocol research about RFID deals almost exclusively

    with mutual authentication schemes. This research primarily deals with using areas

    within the RFID tag to store a key. Changes are allowed at the tag level so long as the

    expected response is entered (as shown by the work of Peris-Lopez, Hernandez-

    Castro, Tapiador, and Ribagorda, 2006). An example that sums up much of the

    research done at a conceptual level can be seen in a paper by Yijuan Luo et al. (2010),

    wherein pseudo-random numbers are used to facilitate secure updates between tag and

    backend. This in turn reduces the likelihood of bad actors performing tasks on the

    tags, e.g., editing data, since the tag will only allow editing by a

    reader that presents the proper key to decrypt based on the mutual authorization

    schema, or tracking them by means of remembering the data they present, since the

    data changes at each authorization step. A graphical representation of this workflow

    can be seen in Figure 4:

    Figure 4: Overview of WG-7 Cipher
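
    The general shape of such a mutual authentication exchange, as an added example that is not the Luo et al. scheme or any code from the paper: both sides contribute a fresh random number, so a recorded response is useless in a later session and the tag accepts a write only from a reader that proves knowledge of the shared key. HMAC-SHA-256 is swapped in here for the lightweight ciphers the literature proposes, and the class and method names are hypothetical.

```python
import hashlib
import hmac
import secrets


def mac(key, label, *parts):
    """HMAC-SHA-256 over a role label and length-prefixed fields."""
    h = hmac.new(key, label, hashlib.sha256)
    for part in parts:
        h.update(len(part).to_bytes(2, "big") + part)
    return h.digest()


class Tag:
    def __init__(self, key, data=b"pallet-001"):
        self._key = key
        self.data = data
        self._nonce = None            # tag nonce of the session in progress
        self._reader_nonce = None

    def respond(self, reader_nonce):
        """Answer a reader challenge with a fresh tag nonce and a proof."""
        self._nonce = secrets.token_bytes(16)
        self._reader_nonce = reader_nonce
        return self._nonce, mac(self._key, b"tag", reader_nonce, self._nonce)

    def write(self, reader_proof, new_data):
        """Accept new data only if the reader proves it knows the key."""
        if self._nonce is None:
            return False
        expected = mac(self._key, b"reader", self._nonce, self._reader_nonce)
        self._nonce = None            # each tag nonce authorises one attempt
        if not hmac.compare_digest(expected, reader_proof):
            return False
        self.data = new_data
        return True


class Reader:
    def __init__(self, key):
        self._key = key
        self._nonce = None

    def challenge(self):
        self._nonce = secrets.token_bytes(16)
        return self._nonce

    def verify_tag(self, tag_nonce, tag_proof):
        expected = mac(self._key, b"tag", self._nonce, tag_nonce)
        return hmac.compare_digest(expected, tag_proof)

    def prove(self, tag_nonce):
        return mac(self._key, b"reader", tag_nonce, self._nonce)


def honest_session(tag, reader, new_data):
    """Full exchange: challenge, tag proof, reader proof, authorised write."""
    tag_nonce, tag_proof = tag.respond(reader.challenge())
    if not reader.verify_tag(tag_nonce, tag_proof):
        return False
    return tag.write(reader.prove(tag_nonce), new_data)


def replay_checks():
    """Record one honest session, then present the recorded messages again."""
    key = secrets.token_bytes(16)
    tag, reader = Tag(key), Reader(key)

    # Everything an eavesdropper on the air interface would capture.
    tag_nonce, tag_proof = tag.respond(reader.challenge())
    reader_proof = reader.prove(tag_nonce)
    tag.write(reader_proof, b"pallet-002")

    # Recorded tag response against a new reader challenge.
    reader.challenge()
    clone_accepted = reader.verify_tag(tag_nonce, tag_proof)

    # Recorded reader proof against a new tag nonce.
    tag.respond(secrets.token_bytes(16))
    write_accepted = tag.write(reader_proof, b"tampered")

    return clone_accepted, write_accepted, tag.data


if __name__ == "__main__":
    print(replay_checks())
```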

    There are, of course, issues within these proposed resolutions. In 2012, a rather

    compelling analysis was done of the stream cipher authentication process presented by

    Luo et al. in 2010. As determined by Orumiehchiha, Pieprzyk and Steinfeld (2012), the

    mutual authentication schema along with the encryption schema used by Luo et al.

    (2010) could be broken with relative ease due to flaws in the protocol itself. Additional

    analyses from other teams have shown similar findings with other protocols. A paper

    presented by Avoine and Carpent (2013) has shown that these ultralight protocols are

    lacking and with one proposed ultralight protocol, the LMAP protocol (as proposed by

    Peris-Lopez, Hernandez-Castro, Tapiador and Ribagorda, 2006), an attacker need only

    eavesdrop for around 18 sessions on average in order to recover enough of the secret

    key to mutually authenticate and begin effectively communicating with the back end

    server.

    Questions and Takeaways

    There are a few questions that must be asked from the standpoint of a security

    professional in regards to RFID. For starters, has a focus on cheap technology rendered

    a genuinely inferior product for any purpose? Can the issues outlined by researchers

    be overcome short of re-engineering the product? Further, does its lack of security

    necessarily debase it as a tool, provided the understanding of its inherently insecure

    nature?

    One key point to take away from the research is how easy it is to copy

    RFID data. Every discussed use of RFID had the same issue, and indeed it could be

    argued that every physical system will have this flaw. Another point is that RFID is a

    viable attack surface. Several researchers in various fields have shown that, whether it is

    corporate espionage or malware, without securitizing and streamlining business

    processes, misuse and abuse can occur to these systems.

    III Methodology and Approach

    Logistics Management: Walmart and RFID Rollout

    An article by Violino (2003) cited that Walmart made a bold declaration: to have

    its top 100 suppliers place RFID tags on pallets and cases by 2005, meaning roughly 1

    billion cases a year would be tagged. Figure 5 shows an example of the style of RFID

    tags to be used: passively powered, with built-in antennas, made to be relatively small and

    inexpensive.

    Figure 5: Flexible RFID Transponder, taken by Andre Nitsche (2009)

    This was a massive change in the process as it was and not only did suppliers have a

    tough time meeting this change; Walmart did, as well. An article by Matt Malone (2012)

    detailed the pains witnessed on both sides:

    Not only hadn't adoption spread quickly to other retailers and suppliers, Wal-Mart

    faced its own issues with implementation, including pushback from suppliers

    and technical problems. In the early days, the company's database wasn't big

    enough to handle the volume of data generated by the new system. By late 2005,

    its ambitions had already been scaled back. Wal-Mart announced that the "next

    300" of its top suppliers would begin tagging by 2007-- a far cry from the full

    compliance the company spokesman had touted just two years earlier.

    The technical challenges presented by RFID implementation are very real. Walmart saw

    at the very beginning a key issue with RFID; it generates a lot of data very quickly that

    can be difficult to scale. A smart attacker could have used denial of service attacks on

    the newly-minted RFID infrastructure itself. As outlined by Mitrokotsa, Rieback, and

    Tanenbaum's (2010) research on RFID attacks, the intent would be to wreak havoc. If

    the RFID application isn't segmented from the standard network, it could lead to a

    denial of service across the entirety of the organization's local infrastructure.

    Another problem at the time of Walmart's decision to roll out was that the

    standards behind RFID and systems to reliably work with the standard were still in a

    very formative state. As written in a retrospective piece on Walmart's RFID woes by

    Sharon Gaudin (2008), "Part of the problem was that the plan was unveiled before the

    RFID industry was ready for it, users and analysts said. There were no standards, the

    technology was in its infancy, prices were high, and fly-by-night vendors and

    consultants littered the industry." With such a large gap in familiarity, it is easy to see

    potential issues that could arise in the implementation, such as leaving middleware

    servers vulnerable to SQL injection attacks via RFID as outlined by Rieback, Crispo,

    and Tanenbaum (2006) in their work on the subject.

    Unfortunately, there are no quick alternatives in the arena of logistics

    management. A massive motivator in the use of RFID as a tracking tool continues to be

    cost. Palmer (2004) noted a 2004 case study done by the ARC Advisory Group that

    determined the average cost for a passive RFID tag was 57 cents, which is what

    Walmart wanted instituted. When one takes into consideration the average price for an

    RFID tag at that time may very well have been half of the profit from a given crate of

    goods, it is easy to see why the adoption of RFID stagnated amongst Walmart's

    suppliers. Even today, with prices for possible alternatives such as low-powered

    Bluetooth transponders coming down, they cannot meet the significant cost advantage

    provided by current RFID chip costs, which RFID Journal (2014) places anywhere

    between 7 and 15 cents, depending on volumes ordered. As for the baseline security of

    these older deployments of RFID technology, security researchers agree that the focus

    was not as much on security as it should have been. According to Craig Schmugar, a

    noted threat researcher regarding RFID rollouts around Walmart's time frame, "In

    general, the impression the companies have is slightly skewed to things being more

    secure than they've been proven to be! The emphasis is first on getting the

    technology widely deployed, and then security is secondary" (as quoted by Zappone,

    2007).

    Information Storage: E-Documents and Identity Theft

    It is no secret that the United States has become incredibly concerned with

    security since the events of September 11, 2001. One such aspect of security is

    ensuring that people are who they say they are, particularly when entering and exiting

    the country. It was under this rationale that, in 2007, the United States began issuing e-

    passports. In addition to the standard passport, it possesses a small RFID-enabled chip

    that stores various information about the individual as well as a digital copy of the

    individual's photograph so that it can be run through facial recognition software at points

    of entry (per the U.S. Department of State, 2014). The United States is not the only

    country that has adopted the use of RFID-enabled passports. Clary (2012) outlines in

    an article that per the International Civil Aviation Organization, 93 of 193 U.N. member

    states in 2012 used e-passports with an additional 21 countries deploying the

    technology for RFID-enabled passports in the next four years.

    It seems at odds that a technology proven to be insecure would be implemented

    across the globe. Chris Paget (2009), at Shmoocon V, provided a proof of concept

    wherein he was able to pull data from a portion of these e-documents, such as

    enhanced driver's licenses, at a range of 250 feet and readily clone them. Passports

    are a harder-to-access set of e-documents that often have additional security measures

    built into them. As previously shown, these security measures often have such low

    entropy that they may be defeated in a matter of hours by a laptop. Cem Paya (2012),

    a security researcher, noted how easily one could read the United States passport with

    an Android Smartphone. If one were to pay attention to the pages of another person's

    passport while they looked it over, for instance, the information contained therein could

    be retrieved without issue and the contents harvested. Of further interest is the

    traceability of RFID technology. Chothia and Smirnov's (2010) study indicated that the

    data sent back from, as well as the time taken to respond to a challenge for, each

    country's passport differs. This means that one can determine the nationality of an

    individual by passively reading the passport tag.

    Physical Security: RFID in Transit

    Given the speed data is processed via RFID for logistics, which is what drove

    Walmart to implement RFID in the previous case, it only makes sense that

    organizations would seek to implement it for other mobile bodies, such as people. It

    stands to reason that by being able to track access, to know when to let a turnstile

    activate and let someone through, the costs of system monitoring could be reduced.

    The time needed to process individuals could likewise reduce. One would not need to

    look any further than city streets to see RFID in action.

    A particularly major rollout of RFID as physical access may be found in Europe.

    As of 2011, the Netherlands moved entirely to an RFID-based system for public transit

    called OV-Chipkaart (per Trans Link Systems, 2011). Per publicly released

    documents cited by Martin (2008), the OV-Chipkaart system uses the MIFARE Classic

    chipset, which does have cryptographic features that protect it from out-and-out

    tampering. These cards are then used to check in at gates by deducting a boarding

    fare. The cards then check out either after completing the transit or after moving to

    another form of transportation. The cards then refund the boarding fare, minus the

    amount travelled on the service. The goal is to charge people a rate that is fair based

    on the use while offering incentive to users to disclose traffic data (per Trans Link

    Systems, 2014).

    The security community, for lack of a better description, has turned this system

    on its head. Before the system rolled out extensively across the Netherlands, Nohl and

    Plötz (2007) reported on the cryptographic failings of the MIFARE Classic card during

    the 2007 Chaos Communication Conference. While Nohl and Plötz did not directly

    release the low-level elements of the MIFARE Classic card, their work was foundational

    for the programmatic defeat of MIFARE Classic security features. These failings on

    behalf of MIFARE's creator, NXP Semiconductors, allowed for what little security that

    the card had to be ripped apart. The OV-Chipkaart system relies on trusted

    components to perform authentication and authorization; therefore, an evil actor can

    wreak havoc by exploiting systemic weaknesses.

    As previously discussed, there are three real inroads on a physical security

    system: brute forcing the system, cloning valid access into the system, or attacking the

    infrastructure surrounding the RFID system. With the security compromised on the OV-

    Chipkaart system, these attacks became not only possible, but extremely well-

    documented. Gans, Hoepman, and Garcia (2008) presented within their research that

    while brute-forcing is, traditionally, a poor method with regards to bypassing RFID-

    based physical security, it was offline brute-forcing, where thousands of attacks can be

    done per second as opposed to a few per second, that enabled the attack and damned

    the chipset as a whole. As for cloning strategies, there are a number of applications

    reported by bloggers such as The Linkielist (2011) that allow for filling up anonymous

    Chipkaarts once, generating a copy of the card, and reverting back to the copy occasionally.

    Per The Linkielist's (2011) anecdotal coverage of the issue, this is undetectable by the

    service. The worst case scenario behind the cloned RFID chip information being


    blacklisted is loss of initial payment. If the system takes too long to catch on to the

    clone, it may be irrelevant and long since spent. Another impressive feat is the capacity

    to work around the system entirely using the compromised RFID card. Per an article by

    Brenno de Winter (2011), an application was made available to edit the data on the

    RFID card in order to check-in automatically for a specific time and date. With the use

    of this application, the attacker never has to deal with the back end of the infrastructure.

    With the information on the card appearing entirely valid, even to conductors who see

    the check-in time when scanning the card, the fraud is entirely undetectable. Even

    more interesting is the escalation and abstraction of these attacks into devices outside

    of the OV-Chipkaart, by way of using RFID-capable phones and possibly pulling the

    data of legitimate users' cards at range (Johnston, 2013).

    Transactional Security: Credit Where it is Due

    With the number of flaws already pointed out in RFID as a technology, it is not

    surprising that, as a transactional token, RFID makes a less than optimal choice.

    Consider the EasyCard system, implemented by the city of Taipei. The EasyCard acts

    as a payment card for public transit, which as previously demonstrated by the OV-

    Chipkaart system, is insecure. The differentiating factor between the OV-Chipkaart

    system and EasyCard is that EasyCard has become significantly more than a transit

    card. An article by Mo Yan-chih (2011) describes how the EasyCard may also be used

    as an electronic wallet and indeed, the article expresses its expansion from

    convenience stores and restaurants to fast food chains and gas stations. Harald Welte

    (2010), at the 27th Chaos Communication Congress, clearly demonstrated methods by

    which values on the card could be increased, decreased, or otherwise altered by an


    attacker. Financial transactions have far more visibility; for instance, an article by Mo

    Yan-chih (2011) describes how an attacker was caught by monitoring transactions and

    tracking them down. This goes to show that while the processes by which people

    attempt to steal may change, their patterns may not.
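
    The revert-to-an-old-copy fraud described for the OV-Chipkaart, and the transaction monitoring that caught the EasyCard attacker, both come down to the back end keeping its own ledger and comparing it with what each card claims. The following is an added example, not code from either system: the event fields, the per-card transaction counter, and the sample events are assumptions constructed for illustration.

```python
"""Back-end reconciliation of gate logs for a stored-value transit card."""
from dataclasses import dataclass


@dataclass(frozen=True)
class GateEvent:
    card_id: str
    counter: int          # per-card transaction counter read from the card (assumed field)
    balance_before: int   # balance in cents as the card reported it at the gate
    delta: int            # change applied by the gate: negative charge, positive refund


class Reconciler:
    """Keeps the operator's own ledger and checks every card claim against it."""

    def __init__(self):
        self.ledger = {}       # card_id -> (last counter seen, authoritative balance)
        self.blacklist = set()

    def issue(self, card_id, balance):
        """Record a card at sale or top-up time, before it is used at any gate."""
        self.ledger[card_id] = (0, balance)

    def process(self, ev):
        """Return the alerts raised by one event; an empty list means it reconciled."""
        if ev.card_id not in self.ledger:
            self.blacklist.add(ev.card_id)
            return ["unknown_card"]
        last_counter, balance = self.ledger[ev.card_id]
        alerts = []
        # A counter that does not advance means the card state was restored from
        # an earlier copy, or two cards are presenting the same identity.
        if ev.counter <= last_counter:
            alerts.append("counter_regression")
        # A card claiming more value than the ledger holds cannot be explained
        # by missed uploads, only by value that was never paid for.
        if ev.balance_before > balance:
            alerts.append("balance_exceeds_ledger")
        if alerts:
            self.blacklist.add(ev.card_id)
            return alerts          # the ledger is not updated from a suspect card
        self.ledger[ev.card_id] = (ev.counter, balance + ev.delta)
        return alerts


# Constructed sample log. Fares follow the check-in / check-out model described
# earlier: a boarding fare is deducted at check-in and partly refunded at check-out.
SAMPLE_EVENTS = [
    GateEvent("CARD-A", 1, 2000, -400),   # check-in
    GateEvent("CARD-B", 1, 1000, -400),   # check-in
    GateEvent("CARD-A", 2, 1600, +250),   # check-out, 150 charged for the trip
    GateEvent("CARD-B", 2, 600, +100),    # check-out, 300 charged for the trip
    GateEvent("CARD-A", 1, 2000, -400),   # card state restored to the day-one copy
    GateEvent("CARD-A", 2, 1600, +250),   # same restored card checking out
]


def run_sample():
    """Replay the constructed log and return (per-event findings, blacklist)."""
    rec = Reconciler()
    rec.issue("CARD-A", 2000)
    rec.issue("CARD-B", 1000)
    findings = [(ev.card_id, ev.counter, rec.process(ev)) for ev in SAMPLE_EVENTS]
    return findings, rec.blacklist


if __name__ == "__main__":
    results, blocked = run_sample()
    for card_id, counter, alerts in results:
        print(card_id, counter, alerts or "ok")
    print("blacklist:", sorted(blocked))
```

    Because gate logs usually reach the back end in batches, this check flags a restored card after the fact, which is the delay the text describes between the fraud and the blacklisting.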

    A more sophisticated attacker might elect to target credit cards. Given the

    research done by Kristina Paget (2012) presented during Shmoocon, a suitably

    motivated attacker could hop on a crowded subway with a weaponized card reader and

    copy several RFID-enabled credit cards without issue. Once captured, there is a myriad

    of things the attacker can do with the information. On the low-end of technical

    requirements, the card could be cloned for later use and applied to a single transaction

    requiring a CVV. On the technically intricate side of things, Eddie Lee (2012) during

    Defcon 20 was able to demonstrate how an attacker could use one smartphone to skim

    transactions, transmit that data to another smartphone directly, and use that

    smartphone's NFC capabilities to activate a genuine card reader to execute a purchase.

    A graphical representation of this can be seen in Figure 6.


    Figure 6: Workflow of NFCProxy Application

    IV Results

    As has been demonstrated in both academic research and reported cases

    throughout the world, RFID as a technology is insecure. It is assumed that individuals

    perpetrating these crimes are technically savvy. Solutions required to abuse such

    systems necessitate experience building hardware, programming knowledge to make

    the hardware act as required, and systems data in order to act on the information

    gleaned by the attack.

    It has become incredibly easy to perpetrate these attacks, regardless of technical

    expertise. In an attempt to debunk the idea that it takes true technical brilliance to

    exploit these systems, two paths were taken to achieve the same result. The first path

    was the creation of a proof of concept device to scan passive RFID tags. The second

    was to see if off-the-shelf technology could present this same effect.


    Proof of Concept: Introducing the Arduino

    In order to present proof of concept for capturing RFID, an entire technological

    base needed to be determined. What voltage should be used? Should it be portable?

    How should the device interface for transmitting RFID data from the capturing

    component to a computer? How would the antenna for receiving and/or transmitting

    RFID data be designed? Fortunately, these questions are easily answered by a wide

    range of single-board microcontroller, breakout board, and attached component kits that

    have come out in recent years, in the hobbyist sphere. There are too many choices and

    configurations for the scope of this discussion, but it should be noted that many

    microcontrollers could do everything as required within the above questions.

    For the project, an Arduino Uno was selected as the microcontroller base. The

    Uno could be powered off of multiple sources such as a USB, a 9V battery, or a

    standard 120V wall plug. It could be portable if required and can connect via USB to a

    computer to offload data received from components attached to it. A few examples

    include breakout boards or stackable attached components commonly referred to as

    shields. As for the RFID component, the Adafruit PN532 RFID/NFC shield was chosen.

    Firstly, the Adafruit shield operates at the 13.56MHz frequency; this is the same

    frequency that all ISO/IEC 14443 compliant contactless cards operate at, which

    happens to be the same exact frequency at which MIFARE Classic and contactless credit

    cards operate. This frequency is commonly used for Near Field Communications

    (NFC). Secondly, the stackable nature of the shield means that it could be paired with

    other shields, such as when a GPS shield determines where a card was scanned or a

    Wi-Fi card in a static installation clones cards when they pass a predetermined area and


    passes that data forward. Thirdly, an integrated antenna allowed for testing without

    having to design, construct, and integrate an antenna into a proof of concept. An

    example of the workflow can be seen below in Figure 7.

    Figure 7: POC Use Case

    Building, flashing, and testing the Arduino

    Courtesy of the procurement source, the Arduino came pre-assembled. The shield,

    too, came pre-assembled. The real problem was getting the two components joined

    together. Fortunately, the components were easily soldered together using the techniques

    and instructions available on the Adafruit website (Courtesy Adafruit, 2013).

    For the sake of keeping the proof of concept on a surface that was non-conductive to

    ensure components were not damaged during the various moving, packing, and

    unpacking the device might see, it was mounted onto an acrylic base. The finished

    result of the soldering and mounting effort can be seen in Figure 8.


    Figure 8: Completed soldering of POC

    Now that the device was assembled, and all components powered on when

    plugged in, the next step was to program the microcontroller to do its intended purpose.

    One of the key reasons Arduino was chosen for this project was the incredibly robust

    Integrated Development Environment (IDE) that is available for it. The development

    environment allows the microcontroller on the Arduino to be properly programmed to

    our needs. The Adafruit team was even kind enough to provide sample code for

    MIFARE classic card reading. Figure 9 displays an example of the IDE, and an

    example of the programming language used on the Arduino itself.


    Figure 9: Arduino IDE

    Since the code was provided via the hobbyist community, the next thing to do

    was to upload it to the device. The Arduino has an onboard, flashable ROM that is used

    to operate the various components of the device. Properly written, the code is then compiled

    into machine language and uploaded via USB onto the device. Once this is done, the

    device becomes usable. Figure 10 shows the expected output from a successful

    compile and upload to the device.

    Figure 10: Compilation and Uploading to Arduino


    Once the compilation and uploading of the project to the device are complete,

    now is the time to test it. The problem with testing is that there is a necessary process

    to interface with the Arduino, which turns out to be surprisingly easy. The information

    that comes over the Arduino is easily accessible. One option is the IDE's built-in

    serial monitor, or a dedicated serial port logging application in the event of using

    Windows as your development environment. Another is by using the Linux command

    tail in a terminal session to capture data from the relevant serial port. It is

    recommended to use something other than the built-in serial monitor, as it lacks the

    capacity to save results. Once a monitoring/logging method has been chosen, the

    device can be adequately tested. Figure 11 displays results from the Arduino running a

    Memory Dump application that seeks to pull all of the relevant data off of a MIFARE

    card for later cloning.

    Figure 11: Results of MIFARE memdump program


    Simplifying the equation: 13.56MHz Applications on Smartphones

    The amazing thing about technology is a constant push for the integration of

    devices. As such, the smartphone has become such a platform for integration. The

    phone was once a means to communicate verbally. Now it is used for internet access,

    photography, basic computing tasks, video games, and, fairly recently, the ability to read

    NFC. Google's Android platform was crucial for the implementation of NFC on

    smartphones. This was primarily due to the creation of Google Wallet, a digital wallet

    that securely stores payment information and allows for NFC-based payments

    reminiscent of a standard credit card (Per Google, 2014). What this means to a

    dedicated attacker is that instead of having to carry around a laptop with attached

    antennas, or weaponized reading devices, an attacker need only use their phone to

    skim data from potential targets.

    With NFC technology integrated into the smartphone, it stands to reason that

    there would be a number of applications that would allow for, at the very least,

    interaction with the medium and, at the very most, abuse of those real-world systems that

    rely on NFC. As it turns out, this is true. Eddie Lee's (2012) NFCProxy was developed

    on Android. For the sake of argument, however, the applications that will be targeted

    are those freely available on the Google Play store, meaning no special access is

    needed to software or hardware components to use them. While there are a rather

    large number of applications that are on the Google Play store that deal with NFC, there

    are a few that offer very strong capabilities given the topic at hand.


    At a basic level, there are applications that allow for the creation, reading,

    updating, and deletion of data within a given RFID tag. Perhaps the most robust is NFC

    Tools by Wakdev (2014). The application quickly reads a given tag and determines

    some simple information about it. Figures 12 and 13 demonstrate the base read UI of

    NFC Tools, and what happens when the application encounters a tag.

    Figures 12, 13: NFC Tools UI

    While NFC Tools allows a simple hobbyist to explore NFC and perform tasks, such as

    an RFID tag automatically opening a site, it does not give the depth required to capture

    and clone RFID.

    Enter the Mifare Classic Tool (MCT), developed by IKARUS Projects (2014).

    MCT is specifically built to capture anything that an interested party might want from a


    MIFARE Classic card, and effectively replaces the Arduino proof of concept for purposes

    of capturing, storing, and cloning those stored elements to other cards. The workflow

    for cloning cards is relatively simple, as evidenced in figures 14 and 15: choose the

    read option, and select the option to read the tag.

    Figures 14, 15: MCT Card Mapping Workflow

    It is in this way that stealing MIFARE Classic data (such as that used in the previously

    mentioned OV-Chipkaart case) becomes a lot like pickpocketing as opposed to what is

    traditionally thought of as a technologically-enabled heist.

    Once the data has been successfully scanned, the scan results are displayed on-

    screen as raw hexadecimal. No decoding need occur, as a full clone of the data on the

    RFID chip has been taken. Since there are no authentication mechanisms to stop this, it


    is no different from copying a key to a lock. Figures 15 and 16 demonstrate what the

    raw hexadecimal output looks like in the application, as well as how the save interface

    should appear.

    Figures 15, 16: MCT Data Saving

    It is through the ability to save the fully dumped MIFARE card that one of the true

    exploitive properties of RFID becomes apparent. When a system relies on the RFID

    token for subtracting value or to determine the initial status, and the user is able to

    create a copy of when the token was valid or had a high value, the entire system

    becomes broken and worthless.

    The final step of using MCT to clone a MIFARE card is to transfer the data

    copied onto another card, or onto the same card, but after the card has been used and the


    resources tracked have been expended. In order to do this, the Write Tag function of

    the software is used; figures 17 and 18 outline this process, which is fairly similar to the

    reading process except for the need to select the cloned data.

    Figures 17, 18: MCT Data Writing

    It is with this final step that the flaw of RFID without a challenge and response system,

    or any authentication/authorization system becomes apparent. Data is data, and by its

    very nature can be copied as many times as desired. One needs only a rudimentary

    grasp of the application, not even the technologies behind it, to be able to commit theft

    and fraud.
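
    The difference between a tag that is only data and a tag that answers a challenge can be shown in a short simulation. This is an added example, not the MIFARE protocol or any vendor's code: HMAC-SHA256, the key diversification step, and all class and function names are stand-ins chosen for illustration, and the model assumes the tag's key cannot be read out of the chip.

```python
import hashlib
import hmac
import secrets

MASTER_KEY = bytes.fromhex("000102030405060708090a0b0c0d0e0f")  # constructed demo key


def diversify(master: bytes, uid: bytes) -> bytes:
    """Derive a per-card key so one extracted card key does not expose every card."""
    return hmac.new(master, b"card-key" + uid, hashlib.sha256).digest()


class StaticTag:
    """Tag whose entire state is readable memory, as in the copy workflow above."""

    def __init__(self, uid: bytes, data: bytes):
        self.uid, self.data = uid, data

    def read(self):
        return self.uid, self.data


class AuthTag:
    """Tag holding a key that it computes with but never transmits (assumption)."""

    def __init__(self, uid: bytes, key: bytes):
        self.uid = uid
        self._key = key

    def respond(self, challenge: bytes) -> bytes:
        return hmac.new(self._key, challenge + self.uid, hashlib.sha256).digest()


class Reader:
    def __init__(self, master: bytes, enrolled: dict):
        self._master = master
        self._enrolled = enrolled  # uid -> expected data, used by the static scheme

    def accept_static(self, tag) -> bool:
        uid, data = tag.read()
        return self._enrolled.get(uid) == data

    def challenge(self) -> bytes:
        return secrets.token_bytes(16)  # fresh nonce for every authentication

    def verify(self, uid: bytes, challenge: bytes, response: bytes) -> bool:
        key = diversify(self._master, uid)
        expected = hmac.new(key, challenge + uid, hashlib.sha256).digest()
        return hmac.compare_digest(expected, response)


def run_demo() -> dict:
    uid = bytes.fromhex("04a1b2c3")  # constructed UID
    reader = Reader(MASTER_KEY, {uid: b"balance=2000"})
    results = {}

    # Static data: a byte-for-byte copy is indistinguishable from the original.
    original = StaticTag(uid, b"balance=2000")
    copy = StaticTag(*original.read())
    results["static_copy_accepted"] = reader.accept_static(copy)

    # Challenge and response: the genuine tag proves it holds the key.
    genuine = AuthTag(uid, diversify(MASTER_KEY, uid))
    c1 = reader.challenge()
    r1 = genuine.respond(c1)
    results["genuine_accepted"] = reader.verify(uid, c1, r1)

    # A response recorded from that exchange is useless against a new challenge.
    c2 = reader.challenge()
    results["replay_accepted"] = reader.verify(uid, c2, r1)

    # A copy that carries the UID but not the key cannot answer correctly.
    lookalike = AuthTag(uid, secrets.token_bytes(32))
    c3 = reader.challenge()
    results["keyless_copy_accepted"] = reader.verify(uid, c3, lookalike.respond(c3))
    return results


if __name__ == "__main__":
    for name, value in run_demo().items():
        print(f"{name}: {value}")
```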

    These sorts of reading or cloning applications need not be restricted to public

    transportation cards. Squareless is an application that allows for the reading of the NFC


    elements inside credit cards (Stephen, 2011). While the user may have needed some

    amount of expertise to navigate MCT, Squareless requires very little by comparison.

    The application has two real windows, as evidenced by figures 19 and 20, which come

    courtesy of the developer (Stephen, 2011), so as not to reveal any genuine card data.

    Figures 19, 20: Squareless UI

    While the application itself does not have a direct saving feature, the Android OS allows

    for easy screenshots. Once a clean scan of the card is taken, the resulting data can be

    saved for later use. Whether it means abusing the one-time CVV from RFID-based

    transactions through creating a clone later, or using the data to create an Amazon

    account and purchase goods, the application offers up everything on the card. The

    ability to change the distance one needs to be to steal from someone is remarkable.


    V Summary and Conclusions

    There is an abundant amount of evidence that RFID, in its current

    implementations across a number of industries, is insecure. In logistics management,

    what it provides in convenience of tracking, it takes away in potential for espionage and

    operational failure. As a physical token, it has been revealed that RFID offers not only

    the ease of cloning, but also allows smart attackers to passively capture new physical

    tokens. This effectively allows them to remain anonymous and hard to trace within the

    system. As a transactional token, the counter-measures that are currently in place have

    substantial weak points that, with a few simple applications that are publicly available,

    may be exploited.

    As research and the case study of RFID as a transactional token showed, the

    focus on cheap technology has not rendered a genuinely bad technology. The protocol

    transmitted by a given credit card to a card reader is secure; both the card and the

    reader are secure elements. As recalled, the failing is in the aforementioned legacy

    infrastructure conflicting with the newer technology. What needs to be understood is

    that in having to connect to legacy infrastructures, any hope of security is obliterated.

    Without removing or reinforcing the legacy infrastructure, which will be of significant cost

    to retailers, the loophole that enables credit card skimming will be available for the

    foreseeable future.

    Does RFID require re-engineering? In many implementations, that answer is yes

    due to the focus many institutions have placed on getting costs of individual tags down

    over implementing security measures between the tags and the server. That is not to


    say that systems could not be designed with security in mind, using newer tags and

    technologies, such as those outlined by Chawla and Robins (2013). The issue comes

    down to risk, and the mitigation thereof. It may not be worth it to the business to spend

    money securing the entire RFID process. It is in this case that an organization would be

    wise to understand the potential failings of the system as-is so that if the system is

    compromised, there is a starting point for analysis and possible discovery.

    Suggestions for Further Research

    RFID as a current platform severely lacks a secure, low-overhead method by

    which authentication of individual tags can be made. Great inroads could be taken in

    devising a system that fixes the current challenges faced by modern stream cipher

    implementations such as WG-7, or more traditional, but ultra-lightweight authentication

    protocols such as LMAP. A particular challenge would be ensuring the standard works

    with the EPC Gen 2 standard, which is severely constrained on what it can do,

    particularly in terms of space for holding encrypted data of any substantial length.

    Further research into the current wave of NFC transactional tokens is another

    option. The limits of their protocols and encryption should be tested, and the results

    reviewed by the larger community. Kristina Paget (2012), during their Shmoocon talk,

    discussed the relative ease of cloning credit cards using NFC as an attack surface due to the

    lack of encryption at the last mile. Should this hole be patched, Paget (2012) also

    identified the possibility of the protocol being a point of potential exploits in her report. It

    is this analysis, this systemic approach and testing of each link in the chain,

    that allows for a protected environment.


    References

    Antoniewicz, B. (2011). Proxbrute: taking proxcard cloning to the next level. [e-book] McAfee. http://www.mcafee.com/us/resources/white-papers/foundstone/wp-proxbrute.pdf [Accessed: 25 Feb 2014].

    Avoine, G. & Carpent, X. (2013). Yet another ultralightweight authentication protocol

    that is broken. Springer, pp. 20--30.

    Bono, S., Green, M., Stubblefield, A., Juels, A., Rubin, A. & Szydlo, M. (2005). Security

    analysis of a cryptographically-enabled rfid device. 1 p. 16.

    Byers, M., Lofton, A., Vangari-Balraj, A. K. & Thompson, D. R. (2007). Brute force

    attack of epcglobal uhf class-1 generation-2 rfid tag. pp. 386--390.

    Chothia, T. & Smirnov, V. (2010). A traceability attack against e-passports. Springer, pp.

    20--34.

    Clary, R. (2012). E-passports spread to half the globe - secureidnews. [online]

    Retrieved from: http://secureidnews.com/news-item/e-passports-spread-to-half-the-

    globe/ [Accessed: 10 Mar 2014].

    De Koning Gans, G., Hoepman, J. & Garcia, F. D. (2008). A practical attack on the

    mifare classic. Springer, pp. 267--282.

    De Winter, B. (2011). Nieuwste ov-chipkraak maakt zwartrijder onzichtbaar. [online]

    Retrieved from: http://webwereld.nl/beveiliging/46076-nieuwste-ov-chipkraak-

    maakt-zwartrijder-onzichtbaar [Accessed: 10 Mar 2014].

    Duc, D. N., Lee, H. & Kim, K. (2006). Enhancing security of epcglobal gen-2 rfid against

    traceability and cloning. Auto-ID Labs Information And Communication University,

    White Paper.


    Gaudin, S. (2008). Some suppliers gain from failed wal-mart rfid edict. [online] Retrieved

    from:

    http://www.computerworld.com/s/article/317207/Some_suppliers_gain_from_failed

    _Wal_Mart_RFID_edict [Accessed: 15 Mar 2014].

    Google.com. (n.p.). Faq google wallet. [online] Retrieved from:

    http://www.google.com/wallet/faq.html [Accessed: 10 Mar 2014].

    Hern & Ribagorda (2006). "LMAP: A real lightweight mutual authentication protocol for

    low-cost RFID tags", p. 6.

    Heydt-Benjamin, T. S., Bailey, D. V., Fu, K., Juels, A. & O'Hare, T. (2007).

    Vulnerabilities in first-generation rfid-enabled credit cards. Springer, pp. 2--14.

    Johnston, C. (2013). Dutch public transportation may be hackable with an android

    smartphone. [online] Retrieved from: http://arstechnica.com/security/2013/06/dutch-

    public-transportation-may-be-hackable-with-an-android-smartphone/ [Accessed: 10

    Mar 2014].

    Journal, R. (n.d.). Rfid frequently asked question - rfid journal. [online] Retrieved from:

    http://www.rfidjournal.com/faq/show?85 [Accessed: 10 Mar 2014].

    Juels, A., Molnar, D. & Wagner, D. (2005). Security and privacy issues in e-passports.

    Security And Privacy For Emerging Areas In Communications Networks, pp. 74--

    88.

    Kasper, T., Silbermann, M. & Paar, C. (2010). All you can eat or breaking a real-world

    contactless payment system. Financial Cryptography And Data Security, pp. 343--

    350.

    Koscher, K., Juels, A., Brajkovic, V. & Kohno, T. (2009). Epc rfid tag security

    weaknesses and defenses: passport cards, enhanced drivers licenses, and

    beyond. pp. 33--42.


    Learn.adafruit.com. (n.d.). Shield wiring | adafruit pn532 rfid/nfc breakout and shield |

    adafruit learning system. [online] Retrieved from: http://learn.adafruit.com/adafruit-

    pn532-rfid-nfc/shield-wiring [Accessed: 10 Mar 2014].

    Lee, E. (2014). Def con 20 - nfc hacking the easy way - eddie lee. [online] Retrieved from: https://www.youtube.com/watch?v=55vU9imDMZ4 [Accessed: 10 Mar 2014].

    Luo, Y., Chai, Q., Gong, G. & Lai, X. (2010). A lightweight stream cipher wg-7 for rfid

    encryption and authentication. pp. 1--6.

    Malone, M. (2012). Did wal-mart love rfid to death?. [online] Retrieved from:

    http://www.smartplanet.com/blog/pure-genius/did-wal-mart-love-rfid-to-death/

    [Accessed: 10 Mar 2014].

    Martin, Z. (2008). Nohl: nxp making terrible decision' - secureidnews. [online] Retrieved

    from: http://secureidnews.com/news-item/nohl-nxp-making-terrible-decision/

    [Accessed: 10 Mar 2014].

    Miri, A., Kirti, C. & Robins, G. (2013). Advanced security and privacy for rfid

    technologies. Hershey, PA: Information Science Reference.

    Mitrokotsa, A., Rieback, M. R. & Tanenbaum, A. S. (2010). Classification of rfid attacks.

    Gen, 15693 p. 14443.

    Nitsche, A. (2009). Transponder flexible. [online] Retrieved from:

    http://www.123rf.com/photo_6868290_transponder-flexible.html [Accessed: 10 Mar

    2014].

    Nogueira, M. & Greis, N. (2009). Uses of rfid technology in u.s. identification

    documents. Institute For Homeland Security Solutions, Retrieved from:

    http://sites.duke.edu/ihss/files/2011/01/Greis_RFIDBrief1.pdf [Accessed: 25 Feb

    2014].

    Nohl, K. & Plötz, H. (2007). 24c3: mifare. [online] Retrieved from:

    http://events.ccc.de/congress/2007/Fahrplan/events/2378.en.html [Accessed: 10

    Mar 2014].


    Orumiehchiha, M. A., Pieprzyk, J. & Steinfeld, R. (2011). Cryptanalysis of wg-7 (a

    lightweight stream cipher for rfid encryption). IACR Cryptology Eprint Archive, 2011

    p. 687.

    Ov-chipkaart.nl. (n.p.). Ov-chipkaart - strippenkaart weg. [online] Retrieved from:

    https://www.ov-chipkaart.nl/nieuws/nieuwsoverzicht/strippenkaart_weg?pagina=5

    [Accessed: 10 Mar 2014].

    Ov-chipkaart.nl. (n.p.). Ov-chipcard - how does travelling work?. [online] Retrieved from:

    https://www.ov-chipkaart.nl/reizen/gebruikovchipkaart/?taal=en [Accessed: 10 Mar

    2014].

    Paget, C. (2009). Shmoocon 2009 - edl-paget.m4v. [online] Retrieved from:

    https://www.youtube.com/watch?v=6xQ-iVvf91w [Accessed: 10 Mar 2014].

    Paget, K. (2012). Shmoocon 2012: credit card fraud: the contactless generation. [video

    online] Available at: https://www.youtube.com/watch?v=HRXb-FZ6WFM

    [Accessed: 25 Feb 2014].

    Palmer, W. (2004). Understanding the impact of rfid on retail. Loss Prevention, pp. 42-

    48.

    Pareja, R. (2009). Schematics and firmwares. [online] Retrieved from:

    http://www.t4f.org/projects/open-rfid-tag/schematics-and-firmwares/ [Accessed: 25

    Feb 2014].

    Peris-Lopez, P., Hernandez-Castro, J. C., Estevez-Tapiador, J. M. & Ribagorda, A.

    (2006). Lmap: a real lightweight mutual authentication protocol for low-cost rfid

    tags. p. 6.

    Play.google.com. (2014). Nfc tools. [online] Retrieved from:

    https://play.google.com/store/apps/details?id=com.wakdev.wdnfc [Accessed: 10

    Mar 2014].


    Play.google.com. (2014). Mifare classic tool - mct. [online] Retrieved from:

    https://play.google.com/store/apps/details?id=de.syss.MifareClassicTool

    [Accessed: 10 Mar 2014].

    Play.google.com. (2011). Squareless. [online] Retrieved from:

    https://play.google.com/store/apps/details?id=com.noSquare [Accessed: 10 Mar

    2014].

    Rieback, M. R., Crispo, B. & Tanenbaum, A. S. (2006). Rfid malware: truth vs. myth.

    Security & Privacy, IEEE, 4 (4), pp. 70--72.

    Rieback, M. R., Crispo, B., Tanenbaum, A. S. & Others (2006). The evolution of rfid

    security. IEEE Pervasive Computing, 5 (1), pp. 62--69.

    Rieback, M. R., Simpson, P. N., Crispo, B. & Tanenbaum, A. S. (2006). Rfid malware:

    design principles and examples. Pervasive And Mobile Computing, 2 (4), pp. 405--

    426.

    Robin.tripany.com. (2011). Ov chipkaart hacked, software available @ the linkielist.

    [online] Retrieved from: http://robin.tripany.com/blog/hacks/ov-chipkaart-hacked-

    software-available/ [Accessed: 10 Mar 2014].

    Sachgau, O. (2013). Protect new passport from hackers: expert. [online] Retrieved from:

    http://www.winnipegfreepress.com/local/protect-new-passport-from-hackers-expert-

    222921521.html [Accessed: 03 Mar 2014].

    SIMSON, L., Juels, A. & Pappu, R. (2005). Rfid privacy: an overview of problems and

    proposed solutions. IEEE Security & Privacy, 3 (3), pp. 34-43.

    Travel.state.gov. (2014). Frequently asked questions. [online] Retrieved from:

    http://travel.state.gov/content/passports/english/passports/FAQs.html#ePassport

    [Accessed: 10 Mar 2014].

    Violino, B. (2003). Wal-mart expands rfid mandate - rfid journal. [online] Retrieved from:

    http://www.rfidjournal.com/articles/view?539 [Accessed: 15 Mar 2014].


    Welte, H. (2010). Reverse engineering a real-world rfid payment system. [online]

    Retrieved from: http://www.madchat.fr/bricolo/RFID/easycard.pdf [Accessed: 10

    Mar 2014].

    Yan-Chih, M. (2011). Taipei easycard corporation to expand use of cards - taipei times.

    [online] Retrieved from:

    http://www.taipeitimes.com/News/taiwan/archives/2011/04/08/2003500219

    [Accessed: 10 Mar 2014].

    Yan-Chih, M. (2011). Young engineer hacked into easycard, police say - taipei times.

    [online] Retrieved from:

    http://www.taipeitimes.com/News/taiwan/archives/2011/09/28/2003514388

    [Accessed: 10 Mar 2014].

    Zappone, C. (2007). Rfid backlash gains momentum, from states up - may. 21, 2007.

    [online] Retrieved from: http://money.cnn.com/2007/05/21/technology/rfid/index.htm

    [Accessed: 10 Mar 2014].

    Zhu hun Technology Laboratory. (n.d.). Pyramid series wiegand data format. [online]

    Retrieved from: http://www.zhlab.cn/technique/T0000006.htm [Accessed: 25 Feb

    2014].