Issue No.04 - July/August (2006 vol.4)
Melanie R. Rieback , Vrije Universiteit Amsterdam
Bruno Crispo , Vrije Universiteit Amsterdam
Andrew S. Tanenbaum , Vrije Universiteit Amsterdam
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MSP.2006.102
On 15 March 2006, our research team at Vrije Universiteit published a paper about RFID malware entitled "Is Your Cat Infected with a Computer Virus?" as well as a companion Web site (wwww.rfidvirus.org). Our paper introduced the concept of RFID malware and presented an accompanying proof-of-concept RFID virus. It ultimately resulted in a huge amount of media attention; within 24 hours of presenting it at the Fourth Annual IEEE International Conference on Pervasive Computing and Communications (IEEE PerCom), we received more than 200 email messages. Amid this chaos, our research paper received the Best Paper Award for High Impact at the IEEE PerCom conference. In the months that followed, reports of RFID malware prompted reactions from the RFID industry, the antivirus industry, and the US and Dutch governments. In this installment of Crypto Corner, we give our general impression of the paper's aftermath, addressing some important unanswered questions and distinguishing the truths from the myths about the work we did.
malware, RFID, cryptography
Melanie R. Rieback, Bruno Crispo, Andrew S. Tanenbaum, "RFID Malware: Truth vs. Myth", IEEE Security & Privacy, vol.4, no. 4, pp. 70-72, July/August 2006, doi:10.1109/MSP.2006.102