TY - GEN
T1 - When reverse-engineering meets side-channel analysis - Digital lockpicking in practice
AU - Oswald, David
AU - Strobel, Daehyun
AU - Schellenberg, Falk
AU - Kasper, Timo
AU - Paar, Christof
PY - 2014/8/14
Y1 - 2014/8/14
N2 - In the past years, various electronic access control systems have been found to be insecure. In consequence, attacks have emerged that permit unauthorized access to secured objects. One of the few remaining, allegedly secure digital locking systems, the system 3060 manufactured and marketed by SimonsVoss, is employed in numerous objects worldwide. Following the trend to analyze the susceptibility of real-world products towards implementation attacks, we illustrate our approach to understand the unknown embedded system and its components. Detailed investigations are performed in a step-by-step process, including the analysis of the communication between transponder and lock, reverse-engineering of the hardware, bypassing the read-out protection of a microcontroller, and reverse-engineering the extracted program code. Piecing all parts together, the security mechanisms of the system can be completely circumvented by means of implementation attacks. We present an EM side-channel attack for extracting the secret system key from a door lock. This ultimately gives access to all doors of an entire installation. Our technique targets a proprietary function (used in combination with a DES for key derivation), probably originally implemented as an obscurity-based countermeasure to prevent attacks.
KW - Access control
KW - Digital lock
KW - EM side-channel attack
KW - Obscurity
KW - Symmetric key cryptosystem
KW - Wireless door openers
UR - http://www.scopus.com/inward/record.url?scp=84902578424&partnerID=8YFLogxK
U2 - 10.1007/978-3-662-43414-7_29
DO - 10.1007/978-3-662-43414-7_29
M3 - Conference contribution
AN - SCOPUS:84902578424
SN - 9783662434130
VL - 8282 LNCS
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 571
EP - 588
BT - Selected Areas in Cryptography - SAC 2013
A2 - Lange, Tanja
A2 - Lauter, Kristin
A2 - Lisoněk, Petr
PB - Springer
T2 - 20th International Conference on Selected Areas in Cryptography, SAC 2013
Y2 - 14 August 2013 through 16 August 2013
ER -