Eavesdropping an EFC transaction using SDR
MetadataVis full innførsel
The use of Electronic Fee Collection (EFC) system is widespread in Europe, to charge drivers for the use of toll roads. It is based on a wireless high-frequency communication between a tag in the car (OBU) and a device placed in the road (RSE). The protocol used in this communication is Dedicated Short Range Protocol (DSRC), and the working frequency is 5.8 GHz. Several projects and research have shown that EFC lacks good security features. A weak encryption mechanism (Data Encryption Algorithm) is used to provide authentication features, and the link is not encrypted. Therefore, the system is susceptible of suffering an attack, which could bring undesirable consequences for both the road users and the service providers. In this thesis, the feasibility of building a device capable of eavesdropping the communication in EFC has been explored. For this, Universal Software Radio Peripherals (USRP) and the GNU Radio framework have been used. These tools are part of the Software Defined Radio (SDR) scope, and are publicly available and cheap. To establish a DSRC link, commercial RSE and OBU devices have been utilized. Although an error-free signal receiver was not achieved, the developed program is able to obtain a high amount of information from the system. It makes possible to visualize the downlink and uplink signals, both in time and frequency domain. This shows that, without an encryption mechanism, it can be possible to eavesdrop the communication and potentially read private data from the users. Additionally, some other tests have been performed with the described tools. One of them shows that, the signal emission of other wireless systems in the 5.8 GHz band, could cause an interference and interrupt the EFC communication. The risk of suffering a replay attack is also explored.