Darell Tan at irq5.io writes a detailed article about securely implementing electronic door access control systems.
I was looking at trying to securely implement a door access control system. This usually involves some kind of card that you tap at a reader and the door unlocks.
Because it uses NFC, the NFC reader and electronics can be located safely on the inside, leaving no exposed DIY electronics on the outside for attackers to fiddle around with. A lot of DIY projects work, but they are just not secure.
MIFARE Classic cards are commonly used for this purpose because they are very inexpensive. They are factory-programmed with a unique identifier stored in sector 0, which is read-only. However, you can easily buy “UID 魔术卡” (UID “magic cards”) that allow their sector 0 to be modified and rewritten. This essentially enables you to create clones of any valid card.
We should not rely on the card’s UID for authentication, and here I would like to discuss about solving that.
FIDO Universal 2nd Factor (U2F) is an open standard that is used for, as its name suggests, performing two-factor authentication (2FA). It is a standard that governs hardware devices to be the second factor (i.e. “something you have”). These devices work similarly to a smart card, and are available in several convenient form factors: card, token or key fob.
Proof of Concept
I used a Adafruit PN532 NFC reader to communicate with the U2F tokens. It has a well-tuned antenna, unlike some others you might get from AliExpress.
Read much more in the post here.
from Adafruit Industries – Makers, hackers, artists, designers and engineers! https://ift.tt/3jLAtv5
via IFTTT
Комментариев нет:
Отправить комментарий