Eavesdropping an EFC Transaction Using SDR
Felipe Blanco, Javier
MetadataShow full item record
In Norway, as well as in many other European countries, Electronic Fee Collection (EFC) is used to charge drivers for using toll roads. This technology is based on the communication between a so-called On-Board Unit (OBU), installed in the vehicles, and a Road Side Equipment (RSE) device placed in the toll road, by means of a wireless link. Proper mechanisms against the increasing security threats are fundamental nowadays for every communication system. This is particularly relevant when the system performs sensitive transactions with user data, such as EFC. Many vulnerabilities have been detected in this system in the last years. Weak authentication and access control mechanisms, based in DES algorithm, and no encryption in the wireless link, make possible performing an attack against the system. This project will take a step further in the analysis of the EFC system security, recreating a real transaction by using commercial RSE and OBUs in a lab environment. This communication will be later eavesdropped using a Software Defined Radio (SDR) device, and the received signal will be processed, aiming to read and store the exchanged EFC data.