Why is Everyone Talking about Encryption?

Sep 19, 2016

Most security people are not aware that one of the leading gateways for hackers to attack their cyber systems is through their own physical security systems, especially their wired cameras or contactless card access control systems. Let’s look at the latter.

When a 125 kHz proximity card is powered up by being in the “proximity” of a reader, it immediately begins to transmit its fixed binary code number. As a result, it’s possible to use a device that will stealthily power up the card from a distance to read and record its internal data. With that recording, the attacker can use the card’s information to let unauthorized people in.

Adding to the problem is that Wiegand, the industry-standard over-the-air protocol commonly used to communicate credential data from a card to an electronic access reader, is no longer inherently secure due to its originally obscure and non-standard nature. This is how ID harvesting quickly became one of the most lucrative hacking activities of our time.

But now there is an even bigger problem. To get into Information Technology (IT) and critical infrastructure Operational Technology (OT) systems, hackers simply use the card/reader protocol to enter a facility via the PACS (public access computer system), thereby accessing specific computers. Those computers then act as a gateway to the target’s internal intranet, be it the IT or OT system. Thus, using the physical access control system, hackers steal sensitive data or program a computerized controller to, for instance, raise the temperature of a blast furnace to unsafe levels.

The Need for Encryption
One aspect of securing a card’s information is to make the internal numbers unusable. To read encrypted cards, the system needs access to a secret key or password that provides decryption.

Modern encryption algorithms play a vital role in assuring data security by providing:
•    Authentication: verifies the origin of a message.
•    Integrity: proves the contents of a message have not been changed.
•    Non-repudiation: ensures the message sender cannot deny sending the message.

Here’s how it works. The card number is encrypted using an encryption algorithm and an encryption key. This generates ciphertext that can only be viewed in its original form if decrypted with the correct key. Today’s encryption algorithms are divided into two categories: symmetric and asymmetric.

Symmetric-key ciphers use the same key, or secret, for encrypting and decrypting a message or file. The most widely used symmetric-key cipher is AES (Advanced Encryption Standard) – the U.S. government uses it to protect classified information.

Asymmetric cryptography uses two different but mathematically linked keys, one public and one private. The public key can be shared with everyone, whereas the private key must be kept secret. RSA (named after Misters Rivest, Shamir and Adleman) is the most widely used asymmetric algorithm.

Adding Encryption into an Access Control System
Today, 13.56 MHz smart cards are used to provide increased security compared to the older 125 kHz proximity cards. One of the first terms you will discover in learning about smart cards is “Mifare,” a technology from NXP Semiconductors. Mifare enables 2-way communications between the card and the reader.

Mifare Classic was an original version of the Mifare standard used in contactless cards. It stores the card number on one of its sectors, then encrypts the communication between the card and reader to theoretically make it impossible (or at least very difficult) to clone a card. Unfortunately, a security flaw was discovered in the Mifare Classic standard which meant that, with the right knowledge and hardware, a card could be cloned or another card in the series created.

The newest of the Mifare standards, Mifare DESFire EV1, includes a cryptographic module on the card itself to add an additional layer of encryption to the card/reader transaction. This is among the highest standards of card security currently available, making it ideal for securing multi-application smart cards in access management, public transportation schemes or closed-loop e-payment applications. These cards are fully compliant with the requirements for fast and highly secure data transmission and flexible memory organization, and they provide interoperability with existing infrastructures.
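
The difference between a fixed-code proximity card and a card that uses a secret key in a 2-way exchange can be modeled in a few lines. This Python sketch is an added example, not code from the article or from any card vendor, and it is not the Mifare or DESFire protocol: HMAC-SHA256 from the standard library stands in for the card's cipher, and the class names, the 4-byte card number and the shared key are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets
from typing import Optional


def _num(card_number: int) -> bytes:
    return card_number.to_bytes(4, "big")


class FixedCodeCard:
    """Fixed-code card: emits the same number whenever it is powered."""
    def __init__(self, card_number: int):
        self.card_number = card_number

    def respond(self, challenge: bytes) -> bytes:
        return _num(self.card_number)  # the challenge plays no part


class KeyedCard:
    """Card with an on-card secret: the answer depends on the reader's challenge."""
    def __init__(self, card_number: int, key: bytes):
        self.card_number, self._key = card_number, key

    def respond(self, challenge: bytes) -> bytes:
        ident = _num(self.card_number)
        return ident + hmac.new(self._key, challenge + ident, hashlib.sha256).digest()


class Reader:
    def __init__(self, enrolled: set, key: Optional[bytes] = None):
        self.enrolled, self.key = enrolled, key

    def new_challenge(self) -> bytes:
        return secrets.token_bytes(16)  # fresh random value per transaction

    def accept(self, challenge: bytes, response: bytes) -> bool:
        ident, tag = response[:4], response[4:]
        if int.from_bytes(ident, "big") not in self.enrolled:
            return False
        if self.key is None:
            return True  # fixed-code system: the number alone is the credential
        expected = hmac.new(self.key, challenge + ident, hashlib.sha256).digest()
        return hmac.compare_digest(tag, expected)


def replay_accepted(card, reader: Reader) -> bool:
    """Record one legitimate exchange, then present the recording to a new challenge."""
    recorded = card.respond(reader.new_challenge())
    return reader.accept(reader.new_challenge(), recorded)
```

For the fixed-code card the recorded transmission is accepted again; for the keyed card the recording fails because the reader's challenge has changed and the key never left the card.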

___
Scott Lindley is President of Farpointe Data, a DORMA Group Company.