An Introduction to RFID/NFC v1.0

Written by: Faith Connors (1678360)
Released under GPLv3
All sources/links listed are used under Creative Commons (CC BY-NC-ND)

Table of Contents:


1.0: Introduction
-->1.1: Who is this guide for?
-->1.2: What you will/will not learn in this guide
-->1.337: Licensing
-->1.4: Extra notes/Changelog
-->1.5: Special Thanks

2.0: The Technology
-->2.1: NFC versus RFID
-->2.2: Analog versus Digital
-->2.3: Standards and Regulation (ISO)
---->2.31: ISO 14443 (RFID)
---->2.32: ISO 18092 (NFC)
---->2.33: Other Standards
-->2.4: How it works
---->2.41: Reading
---->2.42: Writing
-->2.5: Reader technology

3.0: Special Features
-->3.1: Encryption
---->3.11: Dynamic versus Static
-->3.2: Parity

4.0: Try-it-yourself
-->4.1: Phone Reader (Android)
-->4.2: DIY Arduino Reader
-->4.3: Read+Write to Clone

5.0: Potential use-cases/Projects/Set-Ups

6.0: On the topic of Bank/Transit/Fare Cards

7.0: FAQ and Conclusion
-->7.1: General RFID+NFC FAQ
-->7.2: Contact Info for additional questions
-->7.3: Final conclusion + Thoughts


1.0: Introduction

Hello! Welcome to the guide. This is the longest guide I've written here, and I've taken quite a few hours out of my life to write it, and even more to actually do the research. Luckily, I originally did the research roughly a year before the date this was posted, when I was really interested in Radio Frequency (RF) technology. I'm Canadian, and I'm seeing the tech grow in popularity, with people using it for their cars, door locks, payments, or transit. After all my extensive research on the subject, I'm personally a big fan. I've been seeing the subject gain some traction here as well, with a small influx of users asking about the technology and what they can do to learn about it.

The truth is, there currently isn't really any gold standard for learning about RF technology. There are some books on the subject, but for someone who maybe doesn't have a huge background in low-level electronics development, it may be difficult or daunting to read through a 500-page book and try to understand 10% of the words used. So, I've come up with my own form of a guide that will at the very least teach you the fundamentals of how RF technology works, specifically with RFID and NFC devices, and help you get started with using the technology for your own purposes. You may have some specific questions about how it may be used in the field of security, i.e. cloning or somehow 'hacking' a card, and I aim to answer those questions later on in the guide.

But that's enough from me, let's get on to the next section!


1.1: Who is this guide for?

In general, this guide is for people who are relatively new to the world of RF technology and have an interest in RFID and/or NFC. It would be beneficial to have at least a small background in computer engineering (i.e. understanding the binary numbering system) before reading through, but I will give my own instruction on these sorts of topics as we go along. I'm no professional teacher, so my explanations of these topics may not be up to par with what you learn in an actual class, but I will do my best to keep things simple.

Aside from foundational knowledge, if you have any desire to even try to learn, then this guide is also for you. I wrote it to teach, but at the same time, you can lead a horse to water but you can't make it drink. It's up to you to use this guide at your own discretion to try and learn anything from it.


1.2: What you will/will not learn in this guide

Let's start with what you will learn:

-->How RFID/NFC technology works
-->Some fundamental knowledge on how it all works
-->About RF standards
-->Small projects to get started
-->Potential use-cases
-->Different set-ups


Now, for things that will not be explicitly explained:

-->How to 'hack' cards


The thing is, 'hacking' these kinds of systems in any way is incredibly situational. We'll be covering different set-ups that may be used between card, reader and data, but the topic is too open-ended to explain explicitly. But, from the fundamentals you learn here, you may be able to come up with potential ways to use all of this for security projects.

On top of this, I do not under any circumstances endorse, support or encourage any form of illicit/unethical activity, such as data theft and cloning cards which don't belong to you, or trying to scam the system by giving yourself money. There is a small section here which will outline why most of it's impossible anyway, from a security point-of-view.


1.337: Licensing

If you were paying attention, you may have noticed some licenses right under the title. I'll quickly summarize why they're there/what they do/what you can do.

Let's start with GPLv3.

This license was released in 2007. It protects both you and me by making this guide available for free. By free, I mean as in freedom. This guide is free to be shared, modified and read by any user who finds it. It respects your freedom to do whatever you'd like with it, but it restricts your ability to 'close' it. This means that whatever you do with this guide, you must give credit to the original author, AKA me. In other words, you cannot take out my name and license here, at least legally.

GPL also allows the selling of the licensed product for commercial purposes. If you really want to sell it, go for it, but that's where license number two comes into play.

Creative Commons has a few different licenses, but the one I used (CC BY-NC-ND) does impose a few limitations. I am using this license for the links and any sources I mention because it ensures that I acknowledge the information I received was free and non-commercial, and by me using them in my guide, I agree that this guide will not be used for commercial purposes. It also prohibits modification. You are still free to download/save/view/share the file, but you cannot edit out the links.

And because you cannot edit out any links or sources, you cannot sell the guide. So, sorry for getting your hopes up, but this is a free guide, released by me, for free. Don't be a dick.


1.4: Extra notes/Changelog

Were you paying attention? The last section was numbered 1.337, also known as the leet (l33t) number.

That's because version numbering is completely arbitrary and doesn't mean anything. The same thing applies to the version number in the title of this guide: as changes or modifications are introduced, that number will change.

This section may be a bit empty; it will serve as a changelog in the future as I update this guide.


1.5: Special Thanks

Crystallize. -- Posts Reservation

Do you see an error? Maybe somehow, something can be explained better and you want to give it a shot? Go ahead, post your change here or see the contact information in a section below. I will consider adding it here, and you'll get your shiny name here with the reason you're up here.
