UVa Student & Two Other Hackers Crack Security Code

Karsten Nohl, a graduate student of University of Virginia, together with two Germany-based hackers, claimed that they decoded the encryption key that protects vast numbers of credit cards, security badges and subway passes. Dailyprogress published this in news on February 28, 2008.

The team of three computer whizzes declared their results at the Chaos Communications Congress in Berlin during December 27-30, 2008. The event is an annual gathering of worldwide computer hackers. Although they did not announce the details of their method of cracking the security code, they said they used PCs to access the code.

With the help of hacking equipment, the 26-year-old student with his accomplices opened the parts of a small chip that is fixed into 'smart cards', and then figured out its secret code. Having determined the cryptographic algorithm, the hackers then executed it on a computer program to try out all possible keys. This cracked the encryption within hours.

However, Nohl said that he did not have any malicious motive in mind while hacking the security code. He said he didn't intend to help in any attack, but wanted to show people the vulnerabilities in the cards.

Nohl said that 'hacking' involves investigation of the in-built processes of the computing technology. But there is a frequent mistake of regarding it as 'cracking', which refers to infringing on computer security for vandalism, fun, or profit. Hence, studying systems and determining the process to break into them speak a lot of how to erect improved systems, Nohl said.

Besides, the digital chips, which use technology called RFID i.e. Radio-Frequency Identification, are found in many credit cards, security keycards, subway passes, and car keys.

Yet Nohl along with his partners - Henryk Plotz and another hacker calling himself as Starbug -discovered that it was not difficult to decrypt code of the RFID chip, potentially letting a tech-savvy crook to create duplicate credit cards, steal cars, or have a free Metro ride.

Hence, Nohl said that RFID codes could be made more secure by using publicly familiar and long time proved security configurations. He added that private algorithms have more chances of containing vulnerabilities.

» SPAMfighter News - 10-03-2008

All SPAMfighter products offer a free trial!

SPAMfighter is a free spam filter for Outlook, Outlook Express,Windows Mail, Windows Live Mail and Thunderbird.

Optimize your Slow PC for better performance. Try FREE scan now

Disk space recovery
and disk optimization. Try FULL-DISKfighter free

SPAMfighter Exchange Module is a Spam filter for Exchange server - Free 30 days trial.

Remove Spyware with SPYWAREfighter - Free 30 days trial

Antivirus software for your Windows PC - Free 30 days trial