I got one of the sleeves that is designed to prevent unauthorized reading of the RFID information in a Washington State EDL. I didn't have an actual EDL or reader so I used my building's physical access card and reader which are also a form of RFID. I tested various materials that might shield the card and impair reading the data.
Basically I held a ruler perpendicular to the reader and slid the card and any shielding along until the reader unlocked the door. I repeated this twice for each setup and got the same reading each time. Here is the data:
Distance Description
(millimeters)
146 Raw card, no shielding
62 Card inside EDL sleeve
146 Card inside mylar anti-static envelope
146 Card inside pink (anti-static) bubblewrap envelope
46 Card wrapped in one layer of aluminum foil
22 Card wrapped in two layers of aluminum foil
52 Card with a single sheet of aluminum foil shielding card (not wrapped)
17 Card inside EDL sleeve, then wrapped in two layers aluminum foil
So you can see that the sleeve does make some difference but means an attacker would need to be closer or have a better antenna. I think I will put any EDL or passport I own inside the official sleeve and THEN wrap two layers of aluminum foil over that.
Caveats: this test might not be as accurate as a real test with a real EDL and reader but it shows relative effectiveness.
Since posting this I found out some more info:
Typical building access cards (prox cards) usually run at 125 kHz, The EDL seems to operate at 13.5 Mhz and now it is quite common to operate RFID in the hundreds of MHz.
For some real science about RFID in passports and Enhanced Driver Licenses, check out the paper at www.rsa.com/rsalabs/node.asp?id=3557
Tuesday, August 11, 2009
Subscribe to:
Posts (Atom)