[Resource Topic] 2006/054: How to Build a Low-Cost, Extended-Range RFID Skimmer

Welcome to the resource topic for 2006/054

Title:
How to Build a Low-Cost, Extended-Range RFID Skimmer

Authors: Ilan Kirschenbaum, Avishai Wool

Abstract:

Radio-Frequency Identifier (RFID) technology, using the ISO-14443
standard, is becoming increasingly popular, with applications like
credit-cards, national-ID cards, E-passports, and physical access
control. The security of such applications is clearly critical. A
key feature of RFID-based systems is their very short range: Typical
systems are designed to operate at a range of 5-10cm. Despite this
very short nominal range, Kfir and Wool predicted that a rogue
device can communicate with an ISO-14443 RFID tag from a distance of
40-50cm, based on modeling and simulations. Moreover, they claimed
that such a device can be made portable, with low power
requirements, and can be built very cheaply. Such a device can be
used as a stand-alone RFID skimmer, to surreptitiously read the
contents of simple RFID tags. The same device can be used as the
"leech" part of a relay-attack system, by which an attacker can
make purchases using a victim’s RFID-enhanced credit card—despite
any cryptographic protocols that may be used.

In this study we show that the modeling predictions are quite
accurate. We show how to build a portable, extended-range RFID
skimmer, using only electronics hobbyist supplies and tools. Our
skimmer is able to read ISO-14443 tags from a distance of
~25cm, uses a lightweight 40cm-diameter copper-tube
antenna, is powered by a 12V battery—and requires a
budget of ~$100. We believe that, with some more effort, we can
reach ranges of ~35cm, using the same skills, tools, and
budget.

We conclude that (a) ISO-14443 RFID tags can be skimmed from a
distance that does not require the attacker to touch the victim;
(b) Simple RFID tags, that respond to any reader, are immediately
vulnerable to skimming; and (c) We are about half-way toward a
full-blown implementation of a relay-attack.

ePrint: https://eprint.iacr.org/2006/054

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics.