The security researchers Karsten Nohl and Henryk Plötz cloned RFID-cards from the “Prime” product line of the Swiss manufacturer Legic. These RFID-cards are widely used in access control to nuclear power plants or airports in spite of the age of the system. According to Plötz the system is not encrypted and therefore unsecure. The developer of the system had attempted to create the impression of a secure system by various methods of “Code Obfuscation”.
The researchers are able to emulate the card reader, change commands and to emulate cards. They recommend all firms using the RFID-cards based on the “Prime” product line to replace as fast as possible to the newer product line “Advant”.
