Fuming Acid and Cryptanalysis: Handy Tools for Overcoming a Digital Locking and Access Control System

Strobel, Daehyun; Driessen, Benedikt; Kasper, Timo; Leander, Gregor; Oswald, David; Schellenberg, Falk; Paar, Christof

doi:10.1007/978-3-642-40041-4_9

Cited by 12 publications

(15 citation statements)

References 7 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Note that the mathematical attacks of [20] can be fixed with a firmware update that is currently being prepared by SimonsVoss. In contrast, preventing the SCA without replacing all hardware components (locks and transponders) is very difficult in our opinion.…”

Section: Resultsmentioning

confidence: 99%

“…The mathematical properties of the SimonsVoss digital lock and access control system 3060 "G2" are investigated in [20]. Sophisticated mathematical attacks, exploiting weaknesses of the proprietary obfuscation function (see Sect.…”

Section: Related Workmentioning

confidence: 99%

“…Note that only the first six bytes of the input to O can be chosen by the adversary, since the remaining bytes of P 0 are set to zero. Due to the carry propagation properties of O (which are described in detail in [20]), these input bytes do not lead to a "full" randomization of all intermediates in the first round of the obscurity function. A straightforward CPA of the first round targeting the addition operation x i (r+1) = x i (r) + c i (r) + y i hence only allows to recover the first seven key bytes y 0 .…”

Section: Theoretical Attack: Predicting Intermediate Values In Omentioning

confidence: 99%

See 2 more Smart Citations

When Reverse-Engineering Meets Side-Channel Analysis – Digital Lockpicking in Practice

Oswald

Strobel

Schellenberg

et al. 2014

Lecture Notes in Computer Science

Self Cite

View full text Add to dashboard Cite

Abstract. In the past years, various electronic access control systems have been found to be insecure. In consequence, attacks have emerged that permit unauthorized access to secured objects. One of the few remaining, allegedly secure digital locking systems-the system 3060 manufactured and marketed by SimonsVoss-is employed in numerous objects worldwide. Following the trend to analyze the susceptibility of real-world products towards implementation attacks, we illustrate our approach to understand the unknown embedded system and its components. Detailed investigations are performed in a step-by-step process, including the analysis of the communication between transponder and lock, reverse-engineering of the hardware, bypassing the read-out protection of a microcontroller, and reverse-engineering the extracted program code. Piecing all parts together, the security mechanisms of the system can be completely circumvented by means of implementation attacks. We present an EM side-channel attack for extracting the secret system key from a door lock. This ultimately gives access to all doors of an entire installation. Our technique targets a proprietary function (used in combination with a DES for key derivation), probably originally implemented as an obscurity-based countermeasure to prevent attacks.

show abstract

Section: Resultsmentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

Section: Theoretical Attack: Predicting Intermediate Values In Omentioning

confidence: 99%

See 1 more Smart Citation

When Reverse-Engineering Meets Side-Channel Analysis – Digital Lockpicking in Practice

Oswald

Strobel

Schellenberg

et al. 2014

Lecture Notes in Computer Science

Self Cite

View full text Add to dashboard Cite

show abstract

“…The cryptographic security of Generation 2 has recently been analyzed by Strobel et al [3]. The researchers reverseengineered the cryptographic primitives and found out that the random number generator in their locks allowed the derivation of transponder secrets, which can be used to create a valid transponder without having physical access to it.…”

Section: Introductionmentioning

confidence: 99%

“…In contrast to mechanical locking systems, they provide several convenient features such as more flexible access rights management, the possibility to revoke physical keys and the claim that electronic keys cannot be cloned as easily as their mechanical counterparts. While for some electronic locks, mechanical flaws have been found [1], only a few publications analyzed the cryptographic security of electronic locking systems [2,3]. In this paper, we analyzed the electronic security of an electronic locking system which is still widely deployed in the field.…”

mentioning

confidence: 99%

Security analysis of a widely deployed locking system

Weiner

Massar

Tews

et al. 2013

Proceedings of the 2013 ACM SIGSAC Conference on Computer &Amp; Communications Security - CCS '13

View full text Add to dashboard Cite

Electronic locking systems are rather new products in the physical access control market. In contrast to mechanical locking systems, they provide several convenient features such as more flexible access rights management, the possibility to revoke physical keys and the claim that electronic keys cannot be cloned as easily as their mechanical counterparts. While for some electronic locks, mechanical flaws have been found [1], only a few publications analyzed the cryptographic security of electronic locking systems [2,3]. In this paper, we analyzed the electronic security of an electronic locking system which is still widely deployed in the field.We reverse-engineered the radio protocol and cryptographic primitives used in the system. While we consider the system concepts to be well-designed, we discovered some implementation flaws that allow the extraction of a systemwide master secret with a brute force attack or by performing a Differential Power Analysis attack [4] to any electronic key. In addition, we discovered a weakness in the Random Number Generator that allows opening a door without breaking cryptography under certain circumstances. We suggest administrative and technical countermeasures against all proposed attacks.Finally, we give an examination of electronic lock security standards and recommend changes to one widely used standard that can help to improve the security of newly developed products.

show abstract