At Thu, 10 Sep 2009 05:05:08 -0700, Joel Jaeggli wrote: > > > > Eric Rescorla wrote: > > > Can you clarify what, if any, the security properties of this system > > are: > > > > In particular: > > > > 1. Will the RFID tag in question respond to any reader or just those > > controlled by the secretariat? > > 2. Is the information on the tag in the clear or encrypted? > > normal 125khz tags don't contain much data. The radio equivalent of a 1 > dimensional barcode is just a serial number. any data is a product of > association with that token stays in the network rather than the chip. > These are vulnerable to (trivial) replay attacks. but challenge response > requires more logic. more powerful card systems of course exist in > profusion it's just a matter of picking one. Yes. This is why I asked. -Ekr _______________________________________________ Ietf@xxxxxxxx https://www.ietf.org/mailman/listinfo/ietf