Title

A spoofing attack against an EPC class one RFID system

Document Type

Conference Proceeding

Publisher

Centre for Security Research, Edith Cowan University

Faculty

Computing, Health and Science

School

Computer and Security Science, Centre for Security Research

RAS ID

9319

Comments

Originally published as: Bolan, C. (2009, December). Spoofing Attack Against an EPC Class One RFID System. In Australian Information Security Management Conference (p. 18-23). Original article available here

Abstract

In computing the term spoofing historically referred to the creation of TCP/IP packets using another device's valid IP address to gain an advantage. The Electronic Product Code (EPC) RFID system was investigated to test the efficacy of spoofing a valid tag response to basic requests. A radio frequency transmission device was constructed to determine whether a valid reader could distinguish between the response of an actual tag and a spoofed response. The results show that the device was able to successfully deceive the EPC reader and further, to replace actual tag responses with a spoofed response. The potential for such attacks against inventory systems using the EPC standard would be significant in terms of both operational and actual costs.

DOI

10.4225/75/57b3fd0830de6

Access Rights

free_to_read

 
COinS
 

Link to publisher version (DOI)

10.4225/75/57b3fd0830de6