About the series
Speaker: Matthew Green, Johns Hopkins University
The increasing deployment of Radio Frequency Identification (RFID) systems has ignited a vigorous debate over the security and privacy implications of this new technology. RFID tags-- tiny computing devices containing an integrated radio transceiver-- promise to streamline processes such as inventory and supply-chain management, building access control, and electronic payment. At the same time, RFID systems may also present entirely new opportunities for attack, resulting in potentially serious breaches of security and user privacy. To assess the significance of this threat, my team reverse-engineered several widely-deployed "secure" RFID deployments, including the cryptographically-enabled Exxon/Mobil Speedpass system and several vehicle immobilizer technologies. In this talk I will present our results, along with an overview of current challenges and some proposed solutions for securing future RFID systems.
About the speaker:
Matthew Green is a doctoral candidate at the Johns Hopkins University, specializing in applied cryptography and privacy-enhancing technologies. Prior to entering Johns Hopkins, he served for four years as a senior technical staff member at AT&T Laboratories in Florham Park, NJ. During this time, he contributed to a variety of research efforts involving audio coding, secure content distribution, streaming video and wireless localization services. Matthew has several publications in major security conferences, and received an award at Usenix Security (2005) for the paper "Security Analysis of a Cryptographically-Enabled RFID Device". He is a co-founder of Independent Security Evaluators (ISE), a security consulting firm based in the Baltimore area.