Javascript must be enabled for the correct page display

University Card security

Rinsma, T. (2015) University Card security. Bachelor's Thesis, Computing Science.

thesis.pdf - Published Version

Download (903kB) | Preview
[img] Text
Toestemming.pdf - Other
Restricted to Backend only

Download (47kB)


Over the past couple of decades, systems and protocols based on personal RFID tags and specifically on contactless Smart Cards have seen a large increase in use. One such system is the so-called University Card of the University of Groningen. Every employee and student of the university owns such a card. These are contactless Smart Cards based on a chipset by NXP called Mifare DESFire EV1. The cards can be used to pay for drinks at beverage machines at all the university buildings, for parking lot access and for printing and photocopying. Systems like this are very convenient for their users, but when implementing them one has to be extra diligent about keeping every aspect of the system secure. This thesis tries to find out whether that is the case in this system. It contains an analysis of the University Card and of the various systems around it. Based on this analysis, several methods of user impersonation are described, including the cloning and emulation of University Cards. These methods are brought to practice and tested on the system itself, resulting in successful authentication of a user without their original University Card at both the printer systems and the parking lot gates.

Item Type: Thesis (Bachelor's Thesis)
Degree programme: Computing Science
Thesis type: Bachelor's Thesis
Language: English
Date Deposited: 15 Feb 2018 08:04
Last Modified: 15 Feb 2018 08:04

Actions (login required)

View Item View Item