This was a project done for an introductory computer security class at the University of British Columbia.
A hardware device was developed to block the debiting of a stored value smart card.
DEFCON slides: Archive video (m4v)
Vimeo: Montage :D & Full talk
Other contributors: Neil Pahl
DEFCON 18 description:
Atmel CryptoMemory based smart cards are deemed to be some of the most secure on the market,
boasting a proprietary 64-bit mutual authentication protocol, attempts counter, encrypted checksums, anti-tearing counter measures,
and more. Yet none of these features are useful when the system implementation is flawed.
Communications were sniffed, protocols were analyzed, configuration memory was dumped, and an elegant hardware
man-in-the-middle attack was developed. From start to finish, we will show you how concepts learned from an introductory computer
security class were used to bypass the security measures on a Cryptomemory based stored value smart card laundry system, with
suggestions on how things can improve.