Document Type

Conference Proceeding

Publisher

CSREA Press

Faculty

Faculty of Computing, Health and Science

School

School of Computer and Security Science

RAS ID

14359

Comments

This article was originally published as: Bolan, C. M. (2012). Utilizing the RFID LOCK Command Against Multiple Targets. Proceedings of International Conference on Security and Management. (pp. 695-697). Las Vegas, Nevada, USA. CSREA Press. Original article available here

Abstract

An unlocked Electronic Product Code (EPC) tag allows for issuance of most commands without the need for any authorization. This means that a system with unlocked tags would allow any attacker to modify tag data at will, whilst also opening the door to a range of other misuse. One possible avenue of active misuse against unlocked tags would be to issue LockID commands and ‘permanently’ lock some or all of a system‘s RFID tags. As this attack is simply an issuance of a valid command it fits firmly in the category of an active misuse and could also be considered a limited form of DoS as future valid commands would be ignored and limit or cripple the functionality of a system dependent on operation. This paper details an experiment using the LockID command to lock multiple tags within range.

Access Rights

free_to_read

Share

 
COinS