Abstract
Electronic locking systems are rather new products in the physical access control market. In contrast to mechanical locking systems, they provide several convenient features such as more flexible access rights management, the possibility to revoke physical keys and the claim that electronic keys cannot be cloned as easily as their mechanical counterparts. While for some electronic locks, mechanical flaws have been found, only a few publications analyzed the cryptographic security of electronic locking systems. In this paper, we analyzed the electronic security of an electronic locking system which is still widely deployed in the field.
We reverse-engineered the radio protocol and cryptographic primitives used in the system. While we consider the system concepts to be well-designed, we discovered some implementation flaws that allow the extraction of a system-wide master secret with a brute force attack or by performing a Differential Power Analysis attack to any electronic key. In addition, we discovered a weakness in the Random Number Generator that allows opening a door without breaking cryptography under certain circumstances. We suggest administrative and technical countermeasures against all proposed attacks.
Finally, we give an examination of electronic lock security standards and recommend changes to one widely used standard that can help to improve the security of newly developed products.
We reverse-engineered the radio protocol and cryptographic primitives used in the system. While we consider the system concepts to be well-designed, we discovered some implementation flaws that allow the extraction of a system-wide master secret with a brute force attack or by performing a Differential Power Analysis attack to any electronic key. In addition, we discovered a weakness in the Random Number Generator that allows opening a door without breaking cryptography under certain circumstances. We suggest administrative and technical countermeasures against all proposed attacks.
Finally, we give an examination of electronic lock security standards and recommend changes to one widely used standard that can help to improve the security of newly developed products.
Original language | English |
---|---|
Title of host publication | 2013 ACM SIGSAC Conference on Computer and Communications Security, CCS'13, Berlin, Germany, November 4-8, 2013 |
Editors | Ahmad-Reza Sadeghi, Virgil D. Gligor, Moti Yung |
Publisher | Association for Computing Machinery |
Pages | 929-940 |
Number of pages | 12 |
ISBN (Print) | 978-1-4503-2477-9 |
DOIs | |
Publication status | Published - 2013 |
Externally published | Yes |
Event | 20th ACM Conference on Computer and Communications Security, CCS 2013 - Berlin, Germany Duration: 4 Nov 2013 → 8 Nov 2013 Conference number: 20 https://www.sigsac.org/ccs/CCS2013/index.html |
Conference
Conference | 20th ACM Conference on Computer and Communications Security, CCS 2013 |
---|---|
Abbreviated title | CCS |
Country/Territory | Germany |
City | Berlin |
Period | 4/11/13 → 8/11/13 |
Internet address |