izpis_h1_title_alt

Orodje za izvajanje rele napada nad sistemi RFID/NFC
ID Burja, Andrej (Author), ID Bulić, Patricio (Mentor) More about this mentor... This link opens in a new window, ID Jelenc, David (Co-mentor)

.pdfPDF - Presentation file, Download (9,55 MB)
MD5: C76B37797BA90775267FF42E0DA5DCB8

Abstract
Rele napad je razširitev dosega med značko in čitalcem. Napadalec lahko z dvema namenskima napravama podaljša doseg delovanja sistema RFID/NFC. Eno napravo prisloni na strani pristne značke, drugo napravo pa na strani čitalca. Škodljivi napravi skrbita, da gre vsa komunikacija, ki si jo izmenjata čitalec in značka, prek njiju. V tem delu smo raziskali različne možnosti izvedbe rele napada in v skladu z ugotovitvami izdelali svoje orodje za izvajanje rele napada. Med izvajanjem rele napada lahko komunikacijo tudi spreminjamo in dodajamo, lahko tudi z namenom, da pridobimo več časa, kar je pri izvajanju rele napada ključnega pomena. Naše orodje najbolje deluje pri standardu ISO/IEC 14443-4A, ki se v praksi tudi najpogosteje pojavlja. Škodljivi napravi med seboj komunicirata preko brezžične povezave. Za upravljanje našega orodja smo izdelali tudi uporabniški vmesnik, preko katerega lahko tudi spreminjamo nastavitve, gledamo zgodovino komunikacije, beremo dogodke itn. Na koncu smo orodje testirali na nekaj sistemih, ki se uporabljajo v praksi. Pri testiranjih smo merili čas in tako izmerili zakasnitev, ki jo za izvedbo napada povzroča naše orodje. Testirali smo tudi, kolikšne so največje zakasnitve, ki nam jih dovoljujejo posamezni sistemi in ugotovili, da so v nekaterih primerih te tako visoke, da lahko komunikacijo zakasnimo za več sekund.

Language:Slovenian
Keywords:rele napad, MITM, NFC, RFID, Proxmark
Work type:Master's thesis/paper
Typology:2.09 - Master's Thesis
Organization:FRI - Faculty of Computer and Information Science
Year:2022
PID:20.500.12556/RUL-143225 This link opens in a new window
COBISS.SI-ID:136683523 This link opens in a new window
Publication date in RUL:08.12.2022
Views:466
Downloads:53
Metadata:XML RDF-CHPDL DC-XML DC-RDF
:
Copy citation
Share:Bookmark and Share

Secondary language

Language:English
Title:A tool for performing relay attacks on RFID/NFC systems
Abstract:
A relay attack is an attack where the attacker extends the communication range of an RFID/NFC system. The attack usually involves two dedicated and malicious devices, one on the side of the actual tag, and the other on the side of the actual reader; the first pretends to be a reader, the second to be a tag. The two devices then communicate and thus bridge the physical gap between the actual tag and the actual reader. We investigated various possibilities for implementing a relay attack and, based on the findings, created our own tool for performing them. The tool can modify exchanged messages and thus gain additional time; a crucial capability in such attacks. The tool works best with most common systems in practice, that is, those based on ISO/IEC 14443-4A standard. In our solution, the malicious devices communicate via a wireless connection. We have also created a graphical user interface through which one can change settings, view communication history, read logs, etc. Finally, we tested the tool on a few real-world systems. We measured the delay that an attack introduces, and we probed systems for the maximum delays allowed. We found that in some cases these are so high that we can delay communication by several seconds.

Keywords:relay attack, MITM, NFC, RFID, Proxmark

Similar documents

Similar works from RUL:
Similar works from other Slovenian collections:

Back