A Multifunctional RFID/NFC Tool
A Bit of History
2006: Coffee Cup Tag Emulator
1. Antenna Design
2. Load Modulation
2007: Fake Tag
2010: The Primal-
A Versatile Emulator for Contactless Smartcards
• Mifare Classic: Crypto1 stream cipher
• Mifare DESFire MF3ICD40: Auth. with (3)DES
• Mifare DESFire EV1: Auth. with AES-128, (3)DES
• … and other ISO14443 / ISO15693 cards
Atmel ATXmega
2013: Rev.D
2014: Rev.E
open source project: https://github.com/emsec/ChameleonMini
• 8 card slots
• Breakable antenna
• Improved USB command set
• Widespread
Rev.E
Block Diagram of Hardware
Rev.E
Block Diagram of Firmware
Rev.E is not enough…
Testing FRAM and ATXMega128A4U
Rev. F
• FRAM
• Li-Ion Battery
• (Basic) RFID Reader
• ISO 14443/15693
• Sniffing
• Log Mode
Rev.F
Log Mode / Sniffing
• Emulation: monitor RFID reader and Chameleon
• Sniffing: Chameleon is "invisible" during recording
• Precise time stamps
• Live logging
Some Use Cases
• Virtual wallet with up to eight cards
• User-definable token for access control
• Upgrade of (cryptographic) algorithms possible
• Compliance tests (in fab)
• Functional tests with NFC door lock systems
• Pentesting/Fuzzing of RFID/NFC Readers: send unexpected data → buffer overflow, …
• Power-switch: effective privacy protection / Relay-attack countermeasure (user interaction)
• Research / teaching (RFID / NFC / lightweight crypto)
• …
as a Flight Recorder
1. System in test mode (everything is allowed)
   • Record and analyze all communication
   • Distinguish normal behavior / attacks / bugs / user errors
2. Block all unwanted actions
3. System in "normal operation" mode
   • Keep track of further errors and react
Creative Usage of
(Florian Bache @ RUB)
Long Range ISO14443 Contactless Card
A Useful Book:
(NFC Tag Range Extension: more than 70cm)
Thanks for supporting the ChameleonMini project!
