Attacking Message Authentication Codes in EFC Using Rainbow Tables
MetadataVis full innførsel
Electronic Fee Collection (EFC) is a system for collecting fee from cars electronically. EFC contains two main components, an On-board Unit (OBU) and a Roadside Equipment (RSE). Dedicated Short-Range Communications (DSRC) is used as a communication protocol, which is a wireless protocol operating on frequencies around 5.8 GHz. As more and more systems take use of EFC and DSRC, it is important to keep security in mind. Money transactions are involved in EFC, making it a wanted target for attackers. In this thesis, the possibilities of conducting an attack on Message Authentication Codes (MACs) in EFC are explored. By stealing a valid key used in the calculation of a MAC, it can be possible to get authenticated as another user and hence do not have to pay any fee. This thesis shows that with a customizable RSE, it is possible to obtain MACs from OBUs. A customizable RSE is built using a Universal Software Radio Peripheral and GNU Radio. Unfortunately, the customizable RSE is not able to communicate with an OBU. Some errors are known, and suggestions on how to solve them are presented. A desktop DSRC transceiver was bought from Q-Free and is used as an RSE in the second part of this thesis. MACs are obtained from a test-OBU using the DSRC transceiver, and it is shown that OBUs can be used as encryption oracles. Before obtaining MACs, access credentials have to be given by the OBU. A test-OBU is used to get access credentials. However, access credentials is not used in every country, making this attack relevant. Possible attacks for obtaining access credentials are also presented. Additionally, the use of Data Encryption Standard (DES) for calculating MACs is studied. The biggest weakness of DES is the 56-bit key, making it feasible to brute-force the entire keyspace. This thesis shows how a rainbow table can be used to find the key in an OBU. Rainbow tables are a time-memory trade-off method for finding keys in a chosen-plaintext attack. A simple rainbow table is implemented in Python, together with suggestions on how improve the rainbow table generation.