| Radio-frequency identification (RFID) technology is widely used for security applications like access control or payment. However, this kind of application poses risks concerning privacy and identity theft. The aim of this study is to highlight these risks and to create a standard methodology to evaluate them.;At first, we reproduced the results of other research teams concerning the HID iClass access control system. In this process, we implemented the RFID standard ISO/IEC 15693 on the Proxmark3 card. We managed to confirm that one can retrieve the memory of some iClass readers and that it contains keys which permit to clone all iClass cards in the Standard Security level. We also successfully programed on the Proxmark3 all the cryptographic algorithms of this security level, which were revealed in a previous article. Therefore, we can perfectly simulate an iClass reader or an iClass card from the Standard Security level. We can as well spy on iClass RFID communications.;Secondly, we focused on the RFID communication physical limitations. We made the emission part of a system aiming to increase the communication range between the Proxmark3 card and a tag. Our experience shows that our system can power a RFID tag at least at 81 cm and that the tag can understand and answer to the Proxmark3 messages at this range. We also tested some protections using electromagnetic shielding. We showed that there are efficient as long as the card is completely inserted in the protection. However, we managed to establish a communication with a card exceeding the protection by 12 mm.;Finally, we wrote a methodology in four steps to evaluate the risks of an unknown RFID system. This methodology can also be seen as a list of requirements for designing a new RFID solution. |
