Today vonJeek/THC released his tool and a video how to duplicate (clone) and modify a Passport with RFID chip. http://freeworld.thc.org/thc-epassport/ The weakness is in the way the system has been rolled out. The terminal accepts self-signed data. This attack is different to the grunwald attack. VonJeek's attack makes it possible to copy, forge and modify the data so that it is still accepted as a genuine valid passport by the terminal. Using a Certification Authority (CA) could solve the attack but at the same time introduces a new set of attack vectors:
The Risk of ePassports and RFID | rfidied.com
Posted by himangim under TechnologyFrom http://www.rfidied.com 5594 days ago
Who Voted for this Story
Subscribe
“Rachel: Great to hear! Thanks for your kind words! :)
All the Best,
Martin...”
“Thank you, Martin. That's a fantastic motto... and I couldn't agree more!...”
“Lisa: Good to hear! Thanks for your response....”
“For sure, I know I did years ago when I was working for others....”
“Lisa: I wonder if they potential employee is doing a background check on...”
Comments