At this year’s Chaos Communication Congress (24C3), I presented some work I’ve been doing with Saar Drimer: implementing a smart card relay attack and demonstrating that it can be prevented by distance bounding protocols. My talk (abstract) was filmed and the video can be found below. For more information, we produced a webpage and the details can be found in our paper.
[ slides (PDF 9.6M) | video (BitTorrent — MPEG4, 106M) ]
Update 2008-01-15:
Liam Tung from ZDNet Australia has written an article on my talk: Bank card attack: Only Martians are safe.
The CCC is a great conference to attend and a good source of ideas for papers. There were many excellent talks, but here are a few I can particularly recommend (I’m still working through the videos of talks I couldn’t attend in person):
- Current events in Tor development
  - Roger Dingledine gives Tor-related news, including anti-censorship features and interaction with law enforcement
- Design Noir
  - ladyada talks about controversial electronics projects, including the TV-B-Gone and her own cellphone jammer
- DNS Rebinding And More Packet Tricks
  - Dan Kaminsky describes the DNS Rebinding attack and demonstrates tunneling arbitrary TCP streams over a browser
- Mifare
  - Karsten Nohl and Henryk Plötz describe how they reverse-engineered the Mifare encryption algorithm, Crypto1, and the weaknesses they discovered
- Steam-Powered Telegraphy
  - Jens Ohlig et al. demonstrate their Internet connected (but not quite steam-powered) Telex machine
- What can we do to counter the spies?
  - Annie Machon describes her work with MI5, the abuses which caused her to leave, and her life on the run
- Why Silicon-Based Security is still that hard: Deconstructing Xbox 360 Security
  - Michael Steil and Felix Domke demonstrate the clever techniques they developed to install Linux on the Xbox 360
Is it possible to read all the chip card data? Why can’t you clone a chip card?
@Jesus
Clones of SDA cards are possible, but will not work in all situations. If the Chip & PIN terminal connects to the bank and verifies the cryptographic response from the card, the clone will be detected.
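The difference between the offline and online checks described in the reply above can be modelled in a few lines. This is an added example, not part of the original post or comments: the toy textbook-RSA issuer key, the HMAC-SHA256 stand-in for the card's cryptogram, the record layout and all class and function names are assumptions made for illustration, and it assumes the card-unique key cannot be read out of a genuine card.

```python
import hashlib, hmac, os

# Toy textbook-RSA issuer key built from two Mersenne primes (illustrative only).
P, Q, E = 2**61 - 1, 2**89 - 1, 65537
N, D = P * Q, pow(E, -1, (P - 1) * (Q - 1))

def digest(data: bytes) -> int:
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % N

class Card:
    def __init__(self, static: bytes, signature: int, key: bytes):
        self.static, self.signature, self._key = static, signature, key

    def read_records(self):
        # Everything a terminal (or anyone else) can read: static data + signature.
        return self.static, self.signature

    def cryptogram(self, txn: bytes) -> bytes:
        # Computed inside the chip; the key itself is never output.
        return hmac.new(self._key, txn, hashlib.sha256).digest()

class Issuer:
    def __init__(self):
        self.card_keys = {}  # PAN -> card-unique symmetric key held by the bank

    def personalise(self, pan: bytes) -> Card:
        key = os.urandom(16)
        self.card_keys[pan] = key
        static = b"PAN=" + pan + b";EXP=2612"  # constructed record layout
        return Card(static, pow(digest(static), D, N), key)

    def verify_online(self, pan: bytes, txn: bytes, cryptogram: bytes) -> bool:
        expected = hmac.new(self.card_keys[pan], txn, hashlib.sha256).digest()
        return hmac.compare_digest(expected, cryptogram)

def offline_sda_ok(card: Card) -> bool:
    # Offline terminal: only checks the issuer's signature over static data.
    static, sig = card.read_records()
    return pow(sig, E, N) == digest(static)

def demo() -> dict:
    pan = b"4000000000000002"  # constructed test number
    issuer = Issuer()
    genuine = issuer.personalise(pan)
    # A clone carries the readable records but not the card-unique key.
    clone = Card(*genuine.read_records(), key=os.urandom(16))
    txn = b"amount=1000;nonce=" + os.urandom(4).hex().encode()
    return {name + "_" + mode: ok for name, card in (("genuine", genuine), ("clone", clone))
            for mode, ok in (("offline", offline_sda_ok(card)),
                             ("online", issuer.verify_online(pan, txn, card.cryptogram(txn))))}

if __name__ == "__main__":
    print(demo())
```

Both cards pass the static signature check because the signed records are identical; only the per-transaction cryptogram, verified by the bank, separates them.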