12 August 2007

Crashing e-passport readers

An RFID expert named Lukas Grunwald presented some interesting research at the recent DefCon. Grunwald was able to read the data from the RFID tag in a US passport, clone it onto a writable RFID chip, and replace the image data (the e-passport RFID tag data includes a JPEG2000-format image of the passport's owner). The new image data contained a buffer overflow exploit, which Grunwald demonstrated was able to crash two RFID readers. Grunwald's point is that if the readers can be crashed by altering RFID data, they could probably also be exploited to do things like approving an expired passport or altering what a customs official sees on screen after scanning the passport.

