Decoding RFID: A comprehensive overview of security, attacks, and the latest innovations

RFID reverse engineering has seen significant advancements, yet a comprehensive overview of the field remains scattered across research and practitioner communities. Here the authors presents a structured survey of existing RFID technologies, encryption protocols, and known attack methodologies. Take the opportunity to listen to both Kirils’ practical experiences and the deep insights of Iceman when it comes to RFID hacking.

The talk will cover: 1) An overview of RFID types, including both low-frequency (LF) and high-frequency (HF) cards, briefly touching upon ultra-high-frequency (UHF) systems as well. 2) A breakdown of encryption protocols used in RFID security, highlighting their strengths and weaknesses. 3) A review of documented attacks, including cloning, sniffing, relay, cryptographic, and side-channel techniques.

Additionally, analysis of the latest developments in magic RFID cards will be presented. Findings are based on an aggregation of academic research, industry reports, and hands-on testing of RFID systems in real-world environments.

About the Speakers

Kirils Solovjovs

Kirils Solovjovs is Latvia’s leading white-hat hacker and IT policy activist, renowned for uncovering and responsibly disclosing critical security vulnerabilities in both national and international systems. Kirils started programming at age 7 and by grade 9 was spending his lunch breaks writing machine code directly in a hex editor. With deep expertise in network flow analysis, reverse engineering, social engineering, and penetration testing, he has significantly contributed to cybersecurity advancements. Notably, Kirils developed the jailbreak tool for MikroTik RouterOS and played a pivotal role in creating e-Saeima, enabling the Latvian Parliament to conduct a fully remote legislative process, the first of its kind globally. He currently serves as the lead researcher at Possible Security and as a research assistant at the Institute of Electronics and Computer Science.

Iceman

Christian Herrmann, better known throughout the hacker community as “Iceman”, is a co-founder of AuroaSec, RRG and helped produce many of the most common RFID research tools available today including the Proxmark3 RDV4, and Chameleon Mini. He is an RFID hacking and Proxmark3 evangelist, serving the RFID community as both forum administrator and major code-contributor alongside other community developers since 2013. He has spoken at hacker conferences around the world including Black Hat Asia, DEF CON, NullCon, Pass-the-Salt, BlackAlps and SaintCon

He has provided bespoke software development services for over 14 years specializing in .NET platforms, and is a Certified MCPD Enterprise Architect.

Christian Hermann has nearly unmatched knowledge of Proxmark3 architecture and a variety of RFID technologies, and was an instructor for the Red Team Alliance (RTA) during which also included Black Hat trainings.