Assuming you could read signals to/from a key-fob/HID-card, isn't there some encryption involved that would prevent merely repeating the signal to "clone" a key-fob?



You can't clone it, as many do challenge-response, but you can relay it - check out NFCgate for example.

This would allow you to, say, hold one device to the reader and one against someone's pocket to open a door.

Or to share an NFC transit pass between multiple people over the internet.


Search for "distance bound protocol" if you want to read about current crypto research to prevent relaying.


There are some interesting attempts at these protocols, but most of them rely on multiple powered devices, not induction-powered smartcards, which inherently add delay, and not necessarily predictable delay.

No one has a proven system for doing this in today's smartcards to my knowledge. Though there is some research which promises this may be possible in the future.

Even those proximity car locks do a horrible job of distance bounding - many of them do it off RF level which means an attacker merely needs an amplifier to steal your car - and that offers an almost optimal situation for the application. So I think we'll probably see it there before smart cards. Maybe the timers necessary make this cost prohibitive though. I'm not in a position to say one way or the other.
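The two comments above describe the mechanism in words: a relay cannot be detected by cryptography alone, only by timing, and timing fails if the card's own reply latency is unpredictable. The following simulation is an added example, not code from this thread or from NFCgate; it models a Hancke-Kuhn style distance-bounding exchange (shared key, slow nonce phase, then single-bit rapid rounds whose round-trip time is checked) with constructed latency figures. The key, nonces, propagation delays, relay forwarding latency, jitter range and the 2 us acceptance bound are all assumptions chosen to make the four scenarios distinguishable, not measurements of any real card or reader.

```python
import hashlib
import hmac
import random

# Hancke-Kuhn style distance-bounding simulation (added example; all timing
# parameters below are constructed assumptions, not measured values).
N_BITS = 32               # number of single-bit rapid rounds
CARD_PROCESSING_US = 0.5  # assumed fixed card reply latency, microseconds
RTT_LIMIT_US = 2.0        # assumed reader acceptance bound, microseconds


def derive_registers(key: bytes, n_reader: bytes, n_card: bytes):
    """Both parties derive two N_BITS-long registers R0, R1 from the shared key
    and the session nonces. In the rapid phase the card answers challenge bit c
    at round i with R_c[i], so the timed path contains no cryptography at all."""
    digest = hmac.new(key, n_reader + n_card, hashlib.sha256).digest()
    bits = [(digest[i // 8] >> (7 - i % 8)) & 1 for i in range(2 * N_BITS)]
    return bits[:N_BITS], bits[N_BITS:]


class Card:
    """A smartcard holding a shared key; the key is only used in the slow phase."""
    def __init__(self, key: bytes, rng: random.Random):
        self.key, self.rng = key, rng
        self.r0 = self.r1 = None

    def start_session(self, n_reader: bytes) -> bytes:
        n_card = self.rng.getrandbits(64).to_bytes(8, "big")
        self.r0, self.r1 = derive_registers(self.key, n_reader, n_card)
        return n_card

    def answer(self, i: int, c: int) -> int:
        return (self.r1 if c else self.r0)[i]  # single table lookup per round


class Channel:
    """RF path model: propagation delay each way, card processing time, reply
    jitter, and (for a ghost-and-leech relay) the relay's forwarding latency."""
    def __init__(self, card: Card, rng: random.Random, one_way_us: float,
                 jitter_us: float = 0.3, relay_extra_us: float = 0.0):
        self.card, self.rng = card, rng
        self.one_way_us, self.jitter_us = one_way_us, jitter_us
        self.relay_extra_us = relay_extra_us

    def exchange(self, i: int, c: int):
        bit = self.card.answer(i, c)
        rtt = (2 * self.one_way_us + CARD_PROCESSING_US
               + self.rng.uniform(0, self.jitter_us) + self.relay_extra_us)
        return bit, rtt


def reader_verify(key: bytes, chan: Channel, rng: random.Random,
                  rtt_limit_us: float = RTT_LIMIT_US):
    """Reader side: slow phase (nonces, register derivation), then N_BITS timed
    rounds. Each round must return the right bit AND arrive within the bound."""
    n_reader = rng.getrandbits(64).to_bytes(8, "big")
    n_card = chan.card.start_session(n_reader)
    r0, r1 = derive_registers(key, n_reader, n_card)
    for i in range(N_BITS):
        c = rng.getrandbits(1)
        bit, rtt = chan.exchange(i, c)
        if bit != (r1 if c else r0)[i]:
            return False, f"round {i}: wrong response bit"
        if rtt > rtt_limit_us:
            return False, f"round {i}: RTT {rtt:.2f} us exceeds {rtt_limit_us} us"
    return True, "accepted"


def run_scenarios(seed: int = 7):
    """Four constructed scenarios; returns {name: (accepted, reason)}."""
    rng = random.Random(seed)
    key = bytes(range(16))  # constructed shared key
    genuine = Card(key, rng)
    results = {}
    # 1. genuine card a few metres from the reader (~0.01 us propagation each way)
    results["genuine"] = reader_verify(key, Channel(genuine, rng, 0.01), rng)
    # 2. same card and key, but proxied through a relay adding 5 us of forwarding delay:
    #    every bit is correct, so only the timing check can catch it
    results["relayed"] = reader_verify(
        key, Channel(genuine, rng, 0.01, relay_extra_us=5.0), rng)
    # 3. a card without the key answers fast but with the wrong register bits
    results["wrong_key"] = reader_verify(
        key, Channel(Card(b"\x00" * 16, rng), rng, 0.01), rng)
    # 4. genuine card whose reply latency is unpredictable (jitter up to 3 us):
    #    the bound tight enough to stop the relay now also rejects the real card
    results["jittery"] = reader_verify(
        key, Channel(genuine, rng, 0.01, jitter_us=3.0), rng)
    return results


if __name__ == "__main__":
    for name, (ok, why) in run_scenarios().items():
        print(f"{name:10s} -> {'ACCEPT' if ok else 'REJECT'} ({why})")
```

The "jittery" scenario is the trade-off the comment above points at: the reader can only bound distance by bounding round-trip time, and a card whose processing delay varies by more than the margin between a genuine response and a relayed one forces the verifier to choose between false rejects and letting the relay through.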


Nope, an EM4100-compatible card (or a key fob) is just a 64-bit ROM with radio interface. You can read its value and replay it to a reader; the latter won't be able to tell the difference between the original card and your spoofed one.

Better (and more expensive) RFID tags may have an encrypted communication protocol.



