The team that produced the RFDump research/hacker tool for cloning and altering data stored on radio-frequency ID tags has now come out with a product to thwart RFID hackers.
German security researcher Lukas Grunwald, who made headlines two years ago for uncovering security vulnerabilities in new electronic passports being adopted by the U.S. and other countries, created RFDump with colleague Boris Wolf in 2004.
Now the two have created RF-Wall (shown on the lower shelf in the picture at right) to help thwart RFID fraud and attacks against e-passports, electronic access cards and payment cards -- such as the Mifare Classic card that is used in the London Underground and which security researchers recently cracked.
The device, which Grunwald and Wolf are producing for their new California-based company NeoCatena, is a hybrid firewall and intrusion-detection system that sits between an RFID reader and its back-end system. It's designed to detect counterfeit and cloned RFID chips and prevent an attacker from injecting malware into a back-end system with a rogue RFID chip. They'll be debuting the device this week at the RFID Journal Live conference in Las Vegas but gave me a demonstration of it this weekend.
The box can be loaded with virus signatures to detect known types of attacks and uses heuristics to detect other malicious activity, such as generic SQL-injection attacks (such as the one that appears in the screenshot above right). The device can be restricted to read only RFID cards that have specific serial numbers and reject all others. It also can be used to digitally sign chips so that any chips that are altered after being issued are rejected by the RFID reader. The system uses the HMAC algorithm for the digital signature. Grunwald and Wolf hold a patent on the use of HMAC with RFID technology.
No comments:
Post a Comment