2025-08-09 –, Andromeda
Language: English
RFID reverse engineering has seen significant advancements, yet a comprehensive overview of the field remains scattered across research and practitioner communities.
Here the authors present a structured survey of existing RFID technologies, encryption protocols, and known attack methodologies. Take the opportunity to listen to both Kirils' practical experiences and the deep insights of Iceman when it comes to RFID hacking.
The talk will cover:
1) An overview of RFID types, including both low-frequency (LF) and high-frequency (HF) cards, briefly touching upon ultra-high-frequency (UHF) systems as well.
2) A breakdown of encryption protocols used in RFID security, highlighting their strengths and weaknesses.
3) A review of documented attacks, including cloning, sniffing, relay, cryptographic, and side-channel techniques.
Additionally, an analysis of the latest developments in magic RFID cards will be presented.
Findings are based on an aggregation of academic research, industry reports, and hands-on testing of RFID systems in real-world environments.
Kirils Solovjovs is Latvia's leading white-hat hacker and IT policy activist, known for uncovering and responsibly disclosing critical security vulnerabilities in national and international systems. An expert in penetration testing, network flow analysis, and reverse engineering, he is also a lifelong command-line enthusiast. Kirils started programming at age 7 and by grade 9 was spending his lunch breaks writing machine code directly in a hex editor. He uses bash daily for hacking, automation, and large-scale data processing and is sometimes contracted by major online education providers to proofread their bash certification exams. He is currently the lead researcher at Possible Security.
Christian Herrmann, better known throughout the hacker community as “Iceman”, is a co-founder of AuroraSec and RRG, and helped produce many of the most common RFID research tools available today, including the Proxmark3 RDV4 and Chameleon Mini. He is an RFID hacking and Proxmark3 evangelist, serving the RFID community as both forum administrator and major code contributor alongside other community developers since 2013. He has spoken at hacker conferences around the world, including Troopers, Black Hat Asia, DEF CON, SSTIC, NullCon, Pass-the-Salt, BlackAlps and SaintCon.
He also has a YouTube channel where he talks about RFID hacking to the public.
He has provided bespoke software development services for over 14 years specializing in .NET platforms, and is a Certified MCPD Enterprise Architect.
Christian Herrmann has nearly unmatched knowledge of Proxmark3 architecture and a variety of RFID technologies, and was an instructor for the Red Team Alliance (RTA), which also included Black Hat trainings.