RFID Security and Privacy Training Week

For Engineers, Researchers, and Project Managers
Monday 21 January 2013 to Friday 25 January 2013
Limited to 20 participants


Any question? Contact: gildas.avoine@uclouvain.be


The objective of this course given by Prof. Gildas Avoine is to provide to engineers, researchers, and managers competences in RFID security and privacy, including contactless smartcards and NFC, in order to allow them to better understand and analyze the security needs of their RFID solutions. Both theory and practice will be considered, with a special full day devoted to practices in labs under the guidance of Philippe Teuwen, principal researcher in security at NXP Semiconductors. The course especially targets the following audience (but is not limited to): integrators, suppliers, sellers, and manufacturers, which can be SMEs or larger companies, public organizations, or research groups. The training is not a concatenation of seminars but a structured course with a clear thread all along the training. The lectures will be interactive and are consequently limited to 20 participants.


Monday (PM): Basics in RFID

Tuesday: Crypto and Security

Introduction to token-based authentication.
RFID primer, capabilities, applications.
ISO 14443, ISO 15693, ISO 18000, NFC.
Collision avoidance protocols.
Classification of security and privacy threats.
Cryptography, standards.
Authentication protocols, ISO 9798, PKI.
PRNG, Time-memory trade-off.
Weak designs: TI DST, Mifare Classic.
Security of EPC Gen 2, NFC.

Wednesday: Practices in Labs

Part I: Presentation of RFID devices
Readers Omnikey CardMan 5321, Pegoda, ACG-LF, Frosch, PN53 family,...
Global architecture, chipset, connection (USB, serial...), drivers,...
PC/SC: limits of manipulating RFID with contact-oriented standards.
ISO-7816 cards and diy with pseudo-APDUs.

Part II: Hands-on!
Manipulating APDUs (Mifare, Felica, 14443-B, 15693, Hitag,...)
Challenge/Reponse authentication
Read various tags: Passports, ski-pass,... Come with your own tags as well!
Libraries RFIDiot, LibNFC
Applications ePassport Viewer, ...

Part III: Demos and practices
Emulation mode of PN53x
Proxmark (sniffing communications)
ePassport applet for Javacard, and ePassport application for Nokia cellphones
And many other interesting topics!

Thursday: Privacy

Friday (AM): Study Cases

Relay attacks and proximity checks.
Privacy, information leakage.
EU Privacy Impact Assessment.
Illicit tracking and denial of service.
Competitive intelligence.
Description of the biometric passport.
Presentation of study cases.
Trade-off security vs cost.


Prof. Gildas Avoine
Université catholique de Louvain
Place Sainte Barbe, 2
B-1348 Louvain-la-Neuve, Belgium


The course will take place from Monday 21 January 2013 to Friday 25 January 2013 in Louvain-la-Neuve, Belgium. Louvain-la-Neuve is located 25 kilometers from Brussels and is easily accessible by train from the airport. The journey from Brussels downtown to Louvain-la-Neuve is about 40 minutes. In Louvain-la-Neuve, the train station is located in the very center of the campus.

The lectures will start at 2pm on Monday 21 January 2013, and stop at 12am (noon) on Friday 25 January 2013 to allow participants to travel these days. See the schedule for more information.


The fees for the training week are 1850 euros including lectures and practices, handouts, lunches in restaurants, and coffee breaks. An RFID reader will be offered to each participant. Registration should be done by email using the registration form. Payments by wire transfer and cash on site are both accepted.


Although it is more convenient to stay in Louvain-la-Neuve, people prefering to enjoy the nightlife may stay in Brussels. Many UCL members easily commute every day. In Louvain-la-Neuve, the Hotel Mercure, located Boulevard de Lauzelle 61, B-1348 Louvain-la-Neuve, offers special rate for attendees. The hotel registration form can be downloaded and sent to Mr. Marc Brassart by email (H2200-SB2@accor.com) or fax (+32 (0) This rate is assured until December 3rd, 2012. We recommend to book as early as possible because the hotel is usually fully booked months in advance.