• všechny e-ziny od 9/1999
  • celou databázi NEWS
  • soutěže 2000-2011
  • další články a BONUSY

Security - News


Crypto - News | Security - News

09 / 2006
Vybrali pro vás: TR - Tomáš Rosa, JP - Jaroslav Pinkava, PV - Pavel Vondruška, VK - Vlastimil Klíma

Ke klonování RFID

V ?lánku je komentována nedávno publikovaná studie (jejími autory jsou John Halamka, Ari Juels, Adam Stubblefield, studie byla vydaná v Journal of the American Medical Informatics Association, dostupná je jen p?edplatitel?m).

Abstrakt studie:
The VeriChipTM is an Radio-Frequency Identification (RFID) tag produced commercially for implantation in human beings. Its proposed uses include identification of medical patients, physical access control, contactless retail payment, and even the tracing of kidnapping victims. As we explain, the VeriChip is vulnerable to simple, over-the-air spoofing attacks. In particular, an attacker capable of scanning a VeriChip, eavesdropping on its signal, or simply learning its serial number can create a spoof device whose radio appearance is indistinguishable from the original. We explore the practical implications of this security vulnerability. We argue that: 1. The VeriChip should serve exclusively for identification, and not authentication or access control. 2. Paradoxically, for bearer safety a VeriChip should be easy to spoof; an attacker then has less incentive to coerce victims or extract VeriChips from victims' bodies.
Zdroj: http://www.rfidjournal.com/article/articleview/2607/1/1/
Autor: JP

<<- novější - Ajax - prevence exploit?
Bruce Schneier - Co to znamená - být hackerem? - starší ->>
Design: Webdesign