NL 2021: EEPROM: It Will All End In Tears by Philippe Teuwen Christian Herrmann

Abstract: RFID tags are supposed to be robust to situations such as a quick removal from the powering field when the user swipes a tag over a reader. In this talk, we describe the various physical effects that can happen when an EEPROM write or erase operation is interrupted, and we explain how to control these side effects to learn about the inner mechanisms of security features and to challenge them. We show how to defeat four types of security features on different tags: erasing OTP bits, recovering a locking password, unlocking a readonly UID and resetting a secure counter. We attack them successfully thanks to the different tools we developed and we share these tools to the community to facilitate future research. Website: Twitter: Facebook: