Skimming, eavesdropping and relay attacks can pose problems for hospital, university and K-12 security systems. Here’s how to overcome them.
RFID devices are typically used as proximity or smart card identification in tracking and access control systems. These systems operate on the assumption that the token is in close proximity to the reader because of the physical limitations of the communication channel. However, current RFID devices are not suitable for secure proximity identification. They can be subject to skimming, eavesdropping and relay attacks. An attacker can fool the system by simply relaying the communication between the legitimate reader and token over a greater distance than intended.
As these facts become known, there has been a drive by campus security directors to overcome such shortcomings.
The Vulnerabilities Are Real
First, let’s review the threats. Skimming occurs when the attacker uses his reader to access information on the victim’s RFID token without consent. The attacker has the ability to read stored information or to modify information by writing to the token, so he can control when and where the attack is performed. In practice the attacker’s main challenge is to increase the operational range by powering and communicating with the token over a greater distance, as the owner might become suspicious of somebody in his personal space.
An eavesdropping attack occurs when an attacker can recover the data sent during a transaction between a legitimate reader and a token, which requires the attack to be set up in the vicinity of a likely target. The attacker needs to capture the transmitted signals using suitable RF equipment before recovering and storing the data of interest. The degree of success that the attacker will achieve depends on the resources available to him. An attacker with expensive, specialized RF measurement equipment will be able to eavesdrop from further away than an attacker with a cheap, home-made system. The attack is still a viable threat either way.
RFID systems are also potentially vulnerable to an attack where the attacker relays communication between the reader and a token. A successful relay attack lets an attacker temporarily possess a ‘clone’ of a token, thereby allowing him to gain the associated benefits. It is irrelevant whether the reader authenticates the token cryptographically or encrypts the data, since the relay attack cannot be prevented by application layer security.
What’s scary about all this is that the equipment needed to perpetrate the above attacks can be quite inexpensive and is widely available.
Multi-Factor Authentication Improves Security
Because of such threats, single factor verification no longer provides the access security that many campus access control systems now require. Today, they want to have multi-factor verification with what they have (a card) plus what they know (a PIN.) With a combination reader/keypad, access control manufacturers and their integrators can provide them with a simple, reliable solution for shoring up their system, the combination card reader/keypad.
To enter, the individual presents her proximity or smart card, gets a flash and beep and then enters her PIN on the keypad. The electronic access control system then prompts a second beep on the reader and the individual is authorized to enter.
Another novel way of protecting card-based systems is to provide a high-security handshake or code between the card, tag and reader to help prevent credential duplication to ensure that readers will only collect data from these specially coded credentials. In a sense, it’s the electronic security equivalent of a mechanical key management system in which this single campus is the only one that has the key they use. Such keys are only available through the campus’ integrator and that integrator never provides another campus with the same key.
In the electronic access control scenario, no other campus will have the reader/card combination that only it gets from its integrator. Only their readers will be able to read their cards or tags and their readers will read no other cards or tags.
Smart Cards Can Include Anti-Tamper Features
With smart cards, in addition to their functionality for multiple applications, these credentials also increase the security of information kept on the card and stored in the facility. Valid ID is a new anti-tamper feature available with contactless smartcard readers, cards and tags. During manufacturing, readers, cards and tags are programmed with the Valid ID algorithm, cryptographically ensuring the integrity of the sensitive access control data stored on the card or tag. With Valid ID, readers scan through the credential’s access control data searching for data discrepancies, which may occur during the counterfeiting, tampering or hacking of a contactless smartcard. Valid ID is an additional layer of protection to Mifare authentication, operating independently, in addition to, and above this standard level of security. In use, Valid ID allows a smartcard reader to effectively verify that the sensitive access control data programmed to a card or tag is not counterfeit.
With smart cards, the hospital, school or university can also be provided a card validation option. In this enhancement, the cards and readers are programmed with a fraudulent data detection system. The reader will scan through the credential’s data in search of discrepancies in the encrypted data, which normally occur during credential cloning. Such a card validation feature is yet an additional layer of protection.
If applications require multiple forms of verification, the smart card securely stores other credential types such as biometric templates, PIN codes and photos right on the smart card, utilizing the enhanced storage and encryption of smart technology. Smart cards also provide an extra level of security at the access point, protecting the information behind closed doors or on the secure network.
Issuing one smart credential also impacts administrative costs. Not only is the cost of a single credential lower than purchasing multiple forms of ID, but the reduced management and distribution time for one credential will have a significant impact on administrative costs.
Equally important, smart credentials afford security administrators more avenues to ensure safe and secure environments for students, staff, clinicians, faculty and administrators on and off campus. The cards work in concert with access control systems, video surveillance and mass notification capabilities. With today’s convergence of technologies, campuses can integrate existing systems with advanced credential reader technologies to enhance security of their environments as well as student life.
Work with Your Integrator
Your electronic security integrator is as concerned with the security of your contactless card access control systems as are you. When planning a new system, it’s imperative that you consider all aspects of your campus’ security and safety with your integrator. Ask your integrator what you can do avoid breeches of security.
Scott Lindley is the president of Farpointe Data, a DORMA Group company that provides RFID systems, including proximity, smart and long range access control solutions.