1 files changed, 145 insertions, 0 deletions
diff --git a/2005/rfid-ccc_ds2005/rfid-datenschleuder-gliederung.txt b/2005/rfid-ccc_ds2005/rfid-datenschleuder-gliederung.txt
new file mode 100644
index 0000000..05646e2
--- /dev/null
+++ b/2005/rfid-ccc_ds2005/rfid-datenschleuder-gliederung.txt
@@ -0,0 +1,145 @@
+
+- different types of RFID
+	- serial-number-only
+	- read/writeable memory
+	- read/writeable memory with authentication
+	- processor chip cards (like contact-based)
+
+- physical/electrical characteristics
+	- old 125kHz systems
+	- current 13.56MHz systems
+		- ISO 14443-A
+		- ISO 14443-B
+		- ISO 15693
+	- both 125kHz and 13.56MHz are magnetic H-field systems
+	- reader provides strong magnetic field to provide power to PICC
+	- data from reader to PICC is modulated onto carrier.
+	- PICC uses load modulation to send back replies to reader
+
+- ISO 14443
+	- 14443-1
+		- defines physical layer (e.g. field strength, ...)
+	- 14443-2
+	- 14443-3 A
+		- 100% ASK from reader to PICC
+		- binary search tree anticollision 
+	- 14443-3 B
+		- 10% ASK from reader to PICC
+		- slotted aloha anticollision
+	- 14443-4
+		- also called T=CL
+		- datagram-based transport protocol 
+		- handles retransmission, ack/nack
+		- optional signal strength signalling
+		- data rates between 106 and 848 kbps
+
+- Mifare
+	- proprietary system by philips
+	- requires philips circuits in tag and reader
+	- authentication using two 40bit? keys
+	- proprietary encryption algoritm
+	- brute-force of 40bit not possible due to slow devices
+
+- ISO 15693
+	- only used by tags, not by smart cards
+
+- STm
+
+- Legic
+
+- Available readers
+	- generally based on either Philips or STM reader ASIC
+	- reader ASIC integrates analogue RF and digital part
+	- typically offer SPI and/or parallel bus interface
+	- host interface either serial or USB (planned: ethernet, see also
+	  IETF working group on this subject)
+	- serial readers speak either proprietary protocol or sometimes
+	  emulate serial contact-based readers for 14443-4 (T=CL)
+	- stupid readers
+		- only connect reader ASIC to host pc
+		- protocol stack implemented on host pc
+	- intelligent readers
+		- handle protocol stack in firmware of microcontroller in the
+		  reader
+		- sometimes even parts of the application are embedded in the
+		  reader firmware
+		- problem: often only support very specific
+		  protocols/applications
+
+- librfid
+	- implements 14443-1234 and 15693 stack
+	- has hooks for mifare and other proprietary RFID protocols
+	- implements fairly generic driver for Philips CL RC632 ASIC
+	- currently only supports Omnikey CardMan 5121
+	- currently only offers non-standard API for higher-level apps
+	- scheduled to provide OpenCT backend (OpenCT supports CT-API and PC/SC)
+
+- Problems
+	- T=CL looks almost like a layer 4 network protocol, 14443 supports
+	  operation of multiple PICC's simultaneously (by using CID
+	  addressing).  Therefore it looks like a master/slave network
+	  protocol.
+	- Current API's for contact based cards (like PC/SC) cannot deal well
+	  with multiple PICC's coming and going.
+
+- Passive Sniffing of 14443
+	- dream: ethereal-like program for RFID
+	- h-field decreases tremendously with distance
+	- h-field antennas required
+	- reader -> picc signal strong and easily detected, beyon 10m
+	- picc -> reader signal very weak (60-70dB below reader->picc).  so far
+	  barely recognizable beyond 3m, even with 1m-loop-antenna
+	- various hardware approaches
+		- using software defined radio (gnuradio)
+			- quite expensive, unless you happen to already have one
+			- flexible, since everything can be done in software
+			- gnuradio-implementation of 14443 on my TODO list
+		- using dedicated demodulation hardware
+			- way cheaper than SDR
+			- 13.56MHz low enough for DIY-hardware
+			- under development by Milosch
+		- using existing reader ASIC, put it in read-only mode 
+			- might be feasible, but operation is unlikely due to
+			  lack of phase and clock synchronization with external
+			  source
+
+- ICAO compliant MRTDs
+	- ICAO already regulates MRZ on current travel documents in Doc 9303
+	- Working group created standards for new MRTD with biometric data
+	- Specifications publicly available
+		- 14443 A or B PICC
+		- ISO 7816-4 (inter-industry commands)
+		- LDS (Logical Data Structure)
+			- DG1
+				- data as printed on passport
+			- DG2
+				- facial JPEG, min 80pixels between eyes
+			- EF.SOD
+				- signature of DG1, DG2
+			- DG_FIXME
+				- optional fingerprint data
+		- Security
+			- passive auth
+			- basic access control
+				- prevents unauthorized reading by refusing
+				  access until key derived from MRZ is
+				  presented to PICC
+				- probably weak, since key is derived only from
+				  DOB, document expiry date and document number
+				- provides session key generation for SM
+				  encrypted transport layer
+			- active auth
+		- TR-PKI
+			- each country operates its own root CA
+			- intermediate document signer certificates
+			- country root certificates available via public LDAP
+			- certificates of all recognized countries need to be
+			  stored in every inspection system
+			- certificate chain of EF.SOD signature can be verified 
+			- specifies CRL polling intervals, etc.
+
+- libicao
+	- aims to implement all required functions for access to ICAO MRTD
+	- basic access control present, but no secure messaging yet
+	- can use OpenCT or PC/SC as underlying API
+