bachelor

Recommendations

Info

22 Security analysis and threat model 2.3.7 Layered approach Rejsekortet’s security model is based on a layered approach, i.e. several different security mechanisms on top of each other comprising the overall security of Rejsekortet. This is a very clever choice if the system is expected to run for an extended period; there will always be an interest in proving or disproving the security of systems, especially those contributing to some kind of infrastructure like the public transit system, and RKF did the right thing opting for a layered security model.
Chapter 3 Attacks on Rejsekortet As described in the previous chapter attacks on Rejsekortet can be divided into four different categories of cheating the system, plus vandalism. Vandalism is important to bring into the picture because personal gain might not be the only motivation to perform an attack; if it is possible to make “digital graffiti,” or just cause a general disruption of the system, some people might still be interested. Especially if it introduces plausible deniability (“I couldn’t check-in because all the terminals were broken”). The other attacks can be assumed to be motivated by the outlook to free travel. We can divide these attacks into two different kinds: • Attacks that enable free travel for just the attacker’s card. These attacks are the rollback and masquerading attacks. As we shall see in section 3.3, the latter is at this point impossible due to a technical constraint. • Attacks that are focused on the core security system. If such an attack is carried out, the overall security of Rejsekortet is decreased. Such an attack is described in 3.2.
Page 1 and 2: Cryptanalysis of Rejsekortet Jens C
Page 3: 3 Abstract. This bachelor thesis an
Page 7: Resumé Denne bachelorafhandling er
Page 10 and 11: vi Glossary Rejsekort(et) Danish fo
Page 12 and 13: viii
Page 14 and 15: x CONTENTS 4.3 Other improvements .
Page 16 and 17: 2 On Rejsekortet Disclaimer: This r
Page 18 and 19: 4 On Rejsekortet are even capable o
Page 20 and 21: 6 On Rejsekortet 1.2.3 Mifare Mifar
Page 22 and 23: 8 On Rejsekortet 1. Reader sends a
Page 24 and 25: 10 On Rejsekortet Time of transacti
Page 26 and 27: 12 On Rejsekortet Figure 1.3: The C
Page 28 and 29: 14 On Rejsekortet 1.3.2.1 CBC-MAC C
Page 30 and 31: 16 On Rejsekortet
Page 32 and 33: 18 Security analysis and threat mod
Page 34 and 35: 20 Security analysis and threat mod
Page 38 and 39: 24 Attacks on Rejsekortet 3.1 Rollb
Page 40 and 41: 26 Attacks on Rejsekortet 3.2 Attac
Page 42 and 43: 28 Attacks on Rejsekortet and cumbe
Page 44 and 45: 30 Attacks on Rejsekortet hash valu
Page 46 and 47: 32 Attacks on Rejsekortet 3.2.4 Int
Page 48 and 49: 34 Attacks on Rejsekortet 3.2.5 App
Page 50 and 51: 36 Attacks on Rejsekortet 3.2.6.2 T
Page 52 and 53: 38 Attacks on Rejsekortet Language
Page 54 and 55: 40 Attacks on Rejsekortet It is not
Page 56 and 57: 42 Attacks on Rejsekortet specifica
Page 58 and 59: 44 Attacks on Rejsekortet might pro
Page 60 and 61: 46 Attacks on Rejsekortet that the
Page 62 and 63: 48 Attacks on Rejsekortet
Page 64 and 65: 50 Improvements 4.1.1 New MAC algor
Page 66 and 67: 52 Improvements functions tend to b
Page 68 and 69: 54 Improvements
Page 70 and 71: 56 Conclusion of the pre-computatio
Page 72 and 73: 58 Related research Sector 04 - UNK
Page 74 and 75: 60 Mail correspondence enquire abou
Page 76 and 77: 62 Mail correspondence * Kodningspr
Page 78 and 79: 64 Mail correspondence Som ingeniø
Page 80: 66 BIBLIOGRAPHY [9] Philippe Oechsl

bachelor

Create successful ePaper yourself

Delete template?

Save as template?