Name
Abstract | ||
|---|---|---|
Electronic locking systems are rather new products in the physical access control market. In contrast to mechanical locking systems, they provide several convenient features such as more flexible access rights management, the possibility to revoke physical keys and the claim that electronic keys cannot be cloned as easily as their mechanical counterparts. While for some electronic locks, mechanical flaws have been found, only a few publications analyzed the cryptographic security of electronic locking systems. In this paper, we analyzed the electronic security of an electronic locking system which is still widely deployed in the field. We reverse-engineered the radio protocol and cryptographic primitives used in the system. While we consider the system concepts to be well-designed, we discovered some implementation flaws that allow the extraction of a system-wide master secret with a brute force attack or by performing a Differential Power Analysis attack to any electronic key. In addition, we discovered a weakness in the Random Number Generator that allows opening a door without breaking cryptography under certain circumstances. We suggest administrative and technical countermeasures against all proposed attacks. Finally, we give an examination of electronic lock security standards and recommend changes to one widely used standard that can help to improve the security of newly developed products. |
Year | DOI | Venue |
|---|---|---|
2013 | 10.1145/2508859.2516733 | ACM Conference on Computer and Communications Security |
Keywords | Field | DocType |
brute force attack,system concept,electronic lock,mechanical counterpart,electronic security,cryptographic security,differential power analysis attack,electronic lock security standard,mechanical flaw,security analysis,electronic key,prng,power analysis,side channel attack,cryptography | Brute-force attack,Power analysis,Security testing,Internet privacy,Physical security,Cryptography,Computer science,Computer security,Cryptographic primitive,Security analysis,Side channel attack | Conference |
Citations | PageRank | References |
3 | 0.44 | 7 |
Authors | ||
5 | ||
Name | Order | Citations | PageRank |
|---|---|---|---|
| Michael Weiner | 1 | 10 | 1.58 |
| Maurice Massar | 2 | 3 | 0.44 |
| Erik Tews | 3 | 281 | 20.11 |
| Dennis Giese | 4 | 3 | 0.44 |
| Wolfgang Wieser | 5 | 21 | 2.23 |