Range extension attacks on contactless smart cards

Yossef Oren, Dvir Schirman, Avishai Wool

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

Abstract

The security of many near-field RFID systems such as credit cards, access control, e-passports, and e-voting, relies on the assumption that the tag holder is in close proximity to the reader. This assumption should be reasonable due to the fact that the nominal operation range of the RFID tag is only few centimeters. In this work we demonstrate a range extension setup which breaks this proximity assumption. Our system allows full communications with a near-field RFID reader from a range of 115cm - two orders of magnitude greater than nominal range - and uses power that can be supplied by a car battery. The added flexibility offered to an attacker by this range extension significantly improves the effectiveness and practicality of relay attacks on real-world systems.

Original languageEnglish
Title of host publicationComputer Security, ESORICS 2013 - 18th European Symposium on Research in Computer Security, Proceedings
Pages646-663
Number of pages18
DOIs
StatePublished - 2013
Event18th European Symposium on Research in Computer Security, ESORICS 2013 - Egham, United Kingdom
Duration: 9 Sep 201313 Sep 2013

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume8134 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference18th European Symposium on Research in Computer Security, ESORICS 2013
Country/TerritoryUnited Kingdom
CityEgham
Period9/09/1313/09/13

Keywords

  • Contactless smart card
  • ISO/IEC 14443
  • RFID
  • Relay attack

Fingerprint

Dive into the research topics of 'Range extension attacks on contactless smart cards'. Together they form a unique fingerprint.

Cite this