RSS feed
A team of three researchers reports that they have been able to break the encryption scheme used in many RFID cards, including the "Charlie Card" which acts as a stored-value ticket for Boston's transit system.
A press release issued by the University of Virginia said Nohl's research team obtained the same kind of chip, then used abrasives to scrape away the chip layer by layer. By examining the chip circuitry, they were able to figure out the encryption algorithm it uses and found weaknesses that made it easy to break. Next, the team was able to use commercially available RFID readers to capture data from any RFID-equipped cards that came within range. They could then decrypt the data on those cards and copy them. Nohl said that his team needed only about $1,000 worth of equipment to dismantle the chip and crack the code.
NXP Semiconductors, the maker of the chip, claims that there are other security layers which have not been cracked. According to another report, NXP also says that the chip which was crack