Manufacturers and governments recently have begun to take notice of a University Engineering graduate student's research that cracked the encryption code on radio frequency identification chips, commonly used in wireless security passes and subway cards.
NXP Semiconductors, a company founded by Philips and producer of the RFID Mifare subway technology, announced Wednesday that an improved, more secure chip will be available next year, Nohl said.
Computer Science Prof. David Evans, who is Engineering graduate student Karsten Nohl'sfaculty adviser, said Nohl and two German collaborators hoped that "by understanding why systems fail, people will learn how to build more secured systems."
With less than $1,000 worth of equipment and a computer, Nohl's research team was able to study the inner circuits of the chip by rubbing off the outer layers with sandpaper and found the cryptographic algorithm that only the manufacturing company is supposed to know, Nohl said. The discovery of the insufficiently guarded information uncovers the possible threat of criminal activity.
"We don't want to help [criminals break the code]," Nohl said. "We would rather see this technology disappear."
Its removal would demand international cooperation. According to Nohl, RFID chips are universally used in fare cards, multiple security levels at German military weapons storage facilities, chemical plants, telecommunications hubs and in student ID cards. He noted that the University, however, chose to opt out of using this wireless technology in favor of traditional swipe cards for dorm security.
While Nohl is concerned by the chip's vulnerabilities, he said the larger threat exists when hackers can use the chip to access personal information through tools such as wiretapping.
News of the cracked encryption has begun to travel. The Dutch government was the first to examine Nohl's research independently, Nohl said, and though it originally determined it would be too expensive for anyone to break into its subway system, after reading Nohl's research, it has begun encouraging widespread migration to other technologies.
The Dutch government is also pushing for open discussions among universities, manufacturers and governments when designing RFID cards for public use, he noted.
"We couldn't dream of that as an outcome," Nohl said of the speedy international response.
Nohl will continue his research on building better cryptology, part of which involves revealing the vulnerabilities of different encryption codes. Nohl will next research credit cards in search of a constructive counterpart, he said.
Read More
Students say package deliveries are unpredictable on 14th Street
By Lauren Seeliger | 59 minutes agoStudents say delivery drivers are careless when placing packages on doorsteps, sometimes resulting in delivery to an entirely wrong building.
From the Archives: Celebration and Reflection (4/28 - 5/4)
By Clara Franklin and Annabelle Nee | 15 hours agoFrom The Purple Shadows breaking into the Dean of Students’s office to multiple student athletes accused of honor code violations, the graduating class’s four years were a wild ride.
PBS NewsHour correspondent speaks on bringing humanity to international conflict
By Grace Little | 2 days agoSchifrin's work exploring Putin’s Russia, his coverage of COVID-19 and his reporting in Afghanistan and Ukraine have earned him various accolades.
