Photo of Roel Verdult

Contact Details

drs. ing. Roel Verdult
email: rverdult@cs.ru.nl
phone: +31 (0)24 3652599
Digital Security (DS), ICIS
Mercator 1 building, office 2.12
Toernooiveld 212
6525 EC Nijmegen

Personal

Roel Verdult is scientific researcher at the Radboud University Nijmegen. He played an important role in the research that uncovered
the serious security weaknesses in the widely deployed MIFARE Classic RFID tag. This is a contactless smartcard that is sold more
than a billion times and used in several public transport systems around the world (including the nation wide ov-chipkaart in the Netherlands
and Oyster card in Londen). The impact is even more serious for MIFARE Classic access control systems of highly secured facilities like
ministries, military bases, banks, nuclear power plants and prisons.

Roel is currently a member of the Digital Security group at the Radboud University Nijmegen. His research covers a variety of security
topics which include (but are not limited to) the electronic passports, contactless smartcards, Radio Frequency Identification (RFID),
Near Field Communication (NFC), secure storage, authentication protocols and other types of transmission security. His research work and
publications are honored with several national and international awards.

Digital Security group

The Digital Security (DS) group works on a broad range of topics in relation to computer security including applied cryptography,
security protocols, smartcards and Radio Frequency Identification (RFID), and researching the security and accuracy of software.
DS is also involved in research relating to digital security (such as privacy and e-voting), and the interaction between computer science,
cryptography and law. The DS group has an excellent reputation for its work and in particular, its well-chosen mix of practical and theoretical
research. In the 2012 national research assessment of computer science, the Digital Security group was rated “excellent” in all categories.
Radboud University Nijmegen was the first university in the Netherlands to run a Bachelor programme in Cyber Security in 2013.

In addition to its own independent work, the Digital Security group collaborates with other organisations including the Netherlands
Forensic Institute (Dutch Ministry of Security and Justice), the National Police Services Agency (Dutch National Police Force) and
the General Intelligence and Security Service of the Netherlands (Secret Service of the Netherlands).

The Digital Security group is a member of the European Network of Excellence for Cryptology II (ECRYPT II), a 4-5 year network of
excellence funded within the Information Societies Technology Programme of the European Commission's Seventh Framework Programme
under contract number ICT-2007-216676. ECRYPT II’s objective is to continue intensifying the collaboration of European researchers
in information security.

Publications Publications of Roel Verdult

Wirelessly Lockpicking a Smart Card Reader Wirelessly Lockpicking a Smart Card Reader Wirelessly Lockpicking a Smart Card Reader
Flavio D. Garcia, Gerhard de Koning Gans, Roel Verdult
to appear in International Journal of Information Security (IJIS)
Berlin / Heidelberg, pages 1-18. Springer-Verlag, 2014.

Prevent Session Hijacking by Binding the Session to the Cryptographic Network Credentials Prevent Session Hijacking by Binding the Session to the Cryptographic Network Credentials Prevent Session Hijacking by Binding the Session to the Cryptographic Network Credentials
Willem Burgers, Roel Verdult, Marko van Eekelen
18th Nordic Conference on Secure IT Systems (NordSec 2013)
Ilulissat, Greenland, volume 8208 of Lecture Notes in Computer Science, pages 33-50. Springer-Verlag, 2013.

Dismantling Megamos Crypto: Wirelessly Lockpicking a Vehicle Immobilizer (SHA-512 hash only) Dismantling Megamos Crypto: Wirelessly Lockpicking a Vehicle Immobilizer Dismantling Megamos Crypto: Wirelessly Lockpicking a Vehicle Immobilizer
Roel Verdult, Flavio D. Garcia, Bariş Ege
22nd USENIX Security Symposium (USENIX Security 2013)
Washington DC, USA. USENIX Association, 2013.

Designed to Fail: A USB-Connected Reader for Online Banking Designed to Fail: A USB-Connected Reader for Online Banking Designed to Fail: A USB-Connected Reader for Online Banking
Arjan Blom, Gerhard de Koning Gans, Erik Poll, Joeri de Ruiter, Roel Verdult
17th Nordic Conference on Secure IT Systems (NordSec 2012)
Karlskrona, Sweden, volume 7617 of Lecture Notes in Computer Science, pages 1-16. Springer-Verlag, 2012.

A Toolbox for RFID Protocol Analysis A Toolbox for RFID Protocol Analysis A Toolbox for RFID Protocol Analysis
Roel Verdult, Flavio D. Garcia, Gerhard de Koning Gans
4th International EURASIP Workshop on RFID Technology (EURASIP RFID 2012)
Torino, Italy, pages 27-34. IEEE Computer Society, 2012.

more publications ...

International Awards

International Hermesdorf Prize
Radboud University Nijmegen award for special attention in the media during 2013, January 2014

Best Paper Award
USENIX Workshop on Offensive Technologies 2011, Augustus 2011

Outstanding Paper Award
IEEE Symposium on Security and Privacy 2009, May 2009

Best Master Thesis
Aia Software Master Thesis Award, January 2009

National student of the year
Dutch award was presented by LSVB, ISO and ScienceGuide, November 2008

Information Security Award
Joop Bautz nomination, October 2008,

NWO I/O Award
Netherlands Organisation for Scientific Research (NWO) for breaking insecure computer chips, September 2008

Gratuity for the MIFARE Classic research
Radboud University Nijmegen, September 2008