RFID security in door locks

Radio frequency identification, RFID is a technology that is used in many fields including locks. The unlimited access to the reader and the transponder has resulted in severe security weaknesses and made it possible to apply different attacks. To classify door locks as secure they must at least fulfil two main criteria: the first is the use of a challenge-response authentication protocol and the second is to deploy sophisticated and secure algorithms.MiFare classic and KeeLoq are two widely applied technologies that are still in use in many security critical applications and are considered to be secure but which have been broken by cryptanalysis and with modest efforts and cost.How secure a certain solution is depends on how expensive it is to buy the equipment that can break the system and reveal the secret key and how secure a lock should be depends on the value of what it is protecting…

Contents

1 INTRODUCTION
1.1 BACKGROUND
1.2 OBJECTIVES
1.3 LIMITATIONS
1.4 METHODS
1.5 CONCEPTS AND ABBREVIATIONS
2 WHAT IS RFID
2.1 INTRODUCTION
2.2 RFID COMPONENTS
2.3 RANGE, FREQUENCY AND COUPLING
2.3.1 Short range systems
2.3.2 Middle range systems
2.3.3 Long range systems
2.4 RFID SYSTEMS
2.4.1 Low-end systems
2.4.2 Mid-range systems
2.4.3 High-end systems
3 GENERAL RFID SECURITY
3.1 CIA CRITERIA AND RFID LOCKS
3.2 STATIC AND SEMI-STATIC SIGNALS
3.3 AUTHENTICATION
3.3.1 Mutual Symmetrical Authentication
3.3.2 Authentication through derived keys
3.4 SECURITY EVALUATION OF RFID LOCKS
4 AVAILABLE PRODUCTS ON THE MARKET
4.1 FINDING THE PRODUCTS
4.2 PRODUCTS REVIEWED
4.2.1 MyKey 2300
4.2.2 MIFARE MF1 IC S50
4.2.3 SHL-100
4.2.4 BINoXX – DK 4100
4.2.5 DOM Protector
4.2.6 HCS412
5 EVALUATION OF AVAILABLE PRODUCTS
5.1 PRODUCTS EVALUATED
5.1.1 MyKey 2300
5.1.2 MIFARE MF1 IC S50
5.1.3 SHL-100
5.1.4 BINoXX – DK 4100
5.1.5 DOM Protector
5.1.6 HCS 412
6 BREAKING THE CHALLENGE RESPONSE SYSTEM
6.1 GENERAL ATTACKS ON CRYPTOGRAPHIC PROTECTION
6.2 CLASSICAL CRYPTOSYSTEMS
6.2.1 Block Ciphers
6.2.2 Stream Ciphers
6.2.3 LFSR
6.3 ATTACK ON KEELOQ
6.3.1 Summary
6.3.2 Description of KEELOQ
6.3.3 Knowledge needed before an attack
6.3.4 Attack scenarios
6.4 ATTACK ON MIFARE
6.4.1 Summary
6.4.2 Description of Crypto-1
6.4.3 Authentication protocol
6.4.4 Attack scenarios
CONCLUSIONS
7 NECESSARY FUTURE IMPROVEMENTS
8 REFERENCE LIST

Author: Samuel, David

Source: Linköping University

Download URL 2: Visit Now