Our Labs

The Information Security Group develops practical RFID tools for its research, to point out weaknesses in deployed solutions, or just for fun. Below are some examples of such tools.

Time-memory Trade-off: Fingerprint Tables to crack Windows NTLM Passwords

The GSI developed a new type of precalculated tables, called fingerprint tables, that allow for significantly faster cryptanalytic time-memory trade-offs. These tables provide better performance than the rainbow tables introduced by Philippe Oechslin in 2003. An online password cracking tool has been developed to retrieve any Windows NTLM password from its hash value. [Online NTLM Hash Cracker]

ePassport Viewer: Read your Biometric Passport

Biometric passports, also known as ePassports, contain a microchip that embeds personal data on the owner and can be read remotely at a distance of 10 cm with a common reader. Standard Doc9303, issued by the International Civil Aviation Organization (ICAO), includes the use of cryptographic means to prevent unauthorized remote access to this information. The GSI developed an API, "pypassport", that allows everyone to read their own passport, and the GUI "ePassport Viewer", which provides a friendly interface to the API. The tool allows everyone to check whether their passport resists the attacks known in the literature.

Version 1.0 of ePassport Viewer has been available for Windows and Linux since 2009. Version 2.0 will be released early in 2013 (a beta version can be obtained upon request).

MOBIB Extractor

Brussels' public transportation company (STIB) launched in 2008 a ticketing system (MOBIB) based on a contactless technology (Radio Frequency IDentification) that will eventually replace the former system based on magnetic stripe cards. MOBIB relies on the Calypso standard, which is already used by more than 20 countries.
The Information Security Group took a particular interest in the MOBIB card in 2009 and developed Mobib Extractor, which allows anyone to read a Mobib card. For legal reasons, the software is no longer available on this website.

E-retriever

Samuel Bizien from ENS developed e-retriever during an internship in the GSI. The Linux-friendly tool e-retriever extracts data from dumps of chips, especially RFID cards. In particular, it compares dumps of several cards in order to detect their logical structure. [Download version 1.0 of e-retriever].