Cloning a VeriChip

Collapse
X
Collapse
 
  • Page of 1
  • Time
  • Show
Clear All
new posts
Previous template Next
  • bascule
    omgpwnies!
    • Jul 2003
    • 1946
    #1

    Cloning a VeriChip

    Yes, just because something's subdermally implanted doesn't make it secure:

    http://cq.cx/verichip.pl

    Been reading all sorts of crazy stories about these recently. I'd hate to have a subdermally implemented security measure get compromised and then go obsolete...

    Some background:
    http://www.chron.com/disp/story.mpl/...s/3656833.html
    http://sf.indymedia.org/news/2006/02/1724563.php
    http://www.chicagotribune.com/techno...technology-hed
    45 5F E1 04 22 CA 29 C4 93 3F 95 05 2B 79 2A B0
    45 5F E1 04 22 CA 29 C4 93 3F 95 05 2B 79 2A B1
    [ redacted ]
    Tags: None
    • renderman
      Notorious Canadian Hacker
      • Mar 2003
      • 1428
      #2
      Realativly old news. Any ID only chip without any cryptographic functions is stupidly
      easy to clone. Johnathan's device just proves how easy it is.

      Might want to checkout http://www.spychips.com/
      Never drink anything larger than your head!





        Comment

        • bascule
          omgpwnies!
          • Jul 2003
          • 1946
          #3
          Needs more HMAC-driven challenge/response
          45 5F E1 04 22 CA 29 C4 93 3F 95 05 2B 79 2A B0
          45 5F E1 04 22 CA 29 C4 93 3F 95 05 2B 79 2A B1
          [ redacted ]

            Comment

            • renderman
              Notorious Canadian Hacker
              • Mar 2003
              • 1428
              #4
              Originally posted by bascule
              Needs more HMAC-driven challenge/response

              Problem is the limited computing power on the chip, limits the kinds of crypto that can be done. Usually what happens is some half-baked proprietary scheme gets used and eventually broken, as in the case of Exxon/Mobil Speedpass tags (http://www.rfidanalysis.org)
              Never drink anything larger than your head!





                Comment

                • bascule
                  omgpwnies!
                  • Jul 2003
                  • 1946
                  #5
                  I would think that if these devices are RF powered, the amount of power required to compute a secure challenge/response algorithm would be the biggest concern. But of course, the energy requirements ultimately limit the computing power which is of course the ultimate bottleneck in algorithm selection.
                  45 5F E1 04 22 CA 29 C4 93 3F 95 05 2B 79 2A B0
                  45 5F E1 04 22 CA 29 C4 93 3F 95 05 2B 79 2A B1
                  [ redacted ]

                    Comment

                    Previous template Next
                    Working...