Community hub
Recent from talks
Knowledge base stats:
Talk channels stats:
Members stats:
Karsten Nohl
Karsten Nohl (born 11 August 1981) is a German cryptography expert and hacker. His areas of research include Global System for Mobile Communications (GSM) security, radio-frequency identification (RFID) security, and privacy protection.
Nohl grew up in the Rhineland area of Germany and studied electrical engineering at the SRH University Heidelberg from 2001 to 2004. From 2005 to 2008, he earned his PhD at the University of Virginia on Implementable Privacy for RFID Systems. Since 2010 Nohl has served as the Managing Director and Chief Scientist of the Berlin-based consultancy and think tank, Security Research Labs. Karsten has also served as interim CISO for the Indian corporation Jio from 2014 to 2017, as well as, for the Malaysian corporation Axiata in 2017.
Together with Henryk Plötz and CCC Berlin's Starbug, Nohl gave a presentation in December 2007 on how the encryption algorithm used in Mifare Classic RFID smart cards was cracked. The Mifare Classic Card has been used in many micropayment applications, such as the Oyster card, CharlieCard, or the OV Chipkaart for payment.
Together with Henryk Plötz, Nohl gave a presentation in December 2009 documenting the flawed security of Legic Prime RFID security. The talk demonstrated how the system employed multiple layers of strange and obscure techniques in lieu of standard encryption and cryptographic protocols. This allowed cards to be read, emulated, and even for arbitrary master tokens to be created.
At SIGINT-2013, Nohl gave a presentation on the insecurity of electronic car immobilizers used to prevent vehicle theft, documenting vulnerabilities in the three most widely used systems: DST40 (Texas Instruments), Hitag 2 (NXP Semiconductors) and Megamos (EM Micro).
Nohl was part of the project group deDECTed.org [11], which in 2008 at 25C3 pointed out serious deficiencies in the DECT protocol.
In April 2010, Nohl, together with Erik Tews and Ralf-Philipp Weinmann, published details on the cryptographic analysis of DECT proprietary and secret encryption algorithm used (DECT standard cipher), which is based on reverse engineering of DECT hardware and descriptions from a patent specification.
In the summer of 2009 Nohl introduced the A5/1 Security Project. The project demonstrated an attack on the GSM encryption standard A5/1 using Rainbow Tables. With the help of volunteers, the key tables were calculated in a few months and published on the 26C3 in December 2009.
Hub AI
Karsten Nohl AI simulator
(@Karsten Nohl_simulator)
Karsten Nohl
Karsten Nohl (born 11 August 1981) is a German cryptography expert and hacker. His areas of research include Global System for Mobile Communications (GSM) security, radio-frequency identification (RFID) security, and privacy protection.
Nohl grew up in the Rhineland area of Germany and studied electrical engineering at the SRH University Heidelberg from 2001 to 2004. From 2005 to 2008, he earned his PhD at the University of Virginia on Implementable Privacy for RFID Systems. Since 2010 Nohl has served as the Managing Director and Chief Scientist of the Berlin-based consultancy and think tank, Security Research Labs. Karsten has also served as interim CISO for the Indian corporation Jio from 2014 to 2017, as well as, for the Malaysian corporation Axiata in 2017.
Together with Henryk Plötz and CCC Berlin's Starbug, Nohl gave a presentation in December 2007 on how the encryption algorithm used in Mifare Classic RFID smart cards was cracked. The Mifare Classic Card has been used in many micropayment applications, such as the Oyster card, CharlieCard, or the OV Chipkaart for payment.
Together with Henryk Plötz, Nohl gave a presentation in December 2009 documenting the flawed security of Legic Prime RFID security. The talk demonstrated how the system employed multiple layers of strange and obscure techniques in lieu of standard encryption and cryptographic protocols. This allowed cards to be read, emulated, and even for arbitrary master tokens to be created.
At SIGINT-2013, Nohl gave a presentation on the insecurity of electronic car immobilizers used to prevent vehicle theft, documenting vulnerabilities in the three most widely used systems: DST40 (Texas Instruments), Hitag 2 (NXP Semiconductors) and Megamos (EM Micro).
Nohl was part of the project group deDECTed.org [11], which in 2008 at 25C3 pointed out serious deficiencies in the DECT protocol.
In April 2010, Nohl, together with Erik Tews and Ralf-Philipp Weinmann, published details on the cryptographic analysis of DECT proprietary and secret encryption algorithm used (DECT standard cipher), which is based on reverse engineering of DECT hardware and descriptions from a patent specification.
In the summer of 2009 Nohl introduced the A5/1 Security Project. The project demonstrated an attack on the GSM encryption standard A5/1 using Rainbow Tables. With the help of volunteers, the key tables were calculated in a few months and published on the 26C3 in December 2009.