home.social

#relayattack — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #relayattack, aggregated by home.social.

  1. RE: infosec.exchange/@metacurity/1

    Don't leave your electronic car keys within proximity of your vehicle, even inside.

    Put them as far as possible, or inside something which might shield them from this type of signal relay attack.

    #CarTheft #RelayAttack #CyberSecurity

  2. RE: infosec.exchange/@metacurity/1

    Don't leave your electronic car keys within proximity of your vehicle, even inside.

    Put them as far as possible, or inside something which might shield them from this type of signal relay attack.

    #CarTheft #RelayAttack #CyberSecurity

  3. RE: infosec.exchange/@metacurity/1

    Don't leave your electronic car keys within proximity of your vehicle, even inside.

    Put them as far as possible, or inside something which might shield them from this type of signal relay attack.

    #CarTheft #RelayAttack #CyberSecurity

  4. RE: infosec.exchange/@metacurity/1

    Don't leave your electronic car keys within proximity of your vehicle, even inside.

    Put them as far as possible, or inside something which might shield them from this type of signal relay attack.

    #CarTheft #RelayAttack #CyberSecurity

  5. RE: infosec.exchange/@metacurity/1

    Don't leave your electronic car keys within proximity of your vehicle, even inside.

    Put them as far as possible, or inside something which might shield them from this type of signal relay attack.

    #CarTheft #RelayAttack #CyberSecurity

  6. Teslas can still be stolen with a cheap radio hack despite new keyless tech - Enlarge / Tesla sold 1.2 million Model Y crossovers last year. (credit:... - arstechnica.com/?p=2026474 #relayattack #syndication #cartheft #model3 #cars #tesl

  7. Teslas can still be stolen with a cheap radio hack despite new keyless tech - Enlarge / Tesla sold 1.2 million Model Y crossovers last year. (credit:... - arstechnica.com/?p=2026474 #relayattack #syndication #cartheft #model3 #cars #tesl

  8. Teslas can still be stolen with a cheap radio hack despite new keyless tech - Enlarge / Tesla sold 1.2 million Model Y crossovers last year. (credit:... - arstechnica.com/?p=2026474 #relayattack #syndication #cartheft #model3 #cars #tesl

  9. Teslas can still be stolen with a cheap radio hack despite new keyless tech - Enlarge / Tesla sold 1.2 million Model Y crossovers last year. (credit:... - arstechnica.com/?p=2026474 #relayattack #syndication #cartheft #model3 #cars #tesl

  10. Teslas can still be stolen with a cheap radio hack despite new keyless tech - Enlarge / Tesla sold 1.2 million Model Y crossovers last year. (credit:... - arstechnica.com/?p=2026474 #relayattack #syndication #cartheft #model3 #cars #tesl

  11. CW: research review

    S. Haskins and T. Stevado, "Unlocking doors from half a continent away: A relay attack against HID Seos"¹

    HID Global is a major vendor of physical access control systems. In 2012, it introduced Seos, its newest and most secure contactless RFID credential technology, successfully remediating known flaws in predecessors iCLASS and Prox. Seos has been widely deployed to secure sensitive assets and facilities. To date, no published research has demonstrated a security flaw in Seos. We present a relay attack developed with inexpensive COTS hardware, including the Proxmark 3 RDV4. Our attack is capable of operating over extremely long ranges as it uses the Internet as a communications backbone. We have tested multiple real-world attack scenarios and are able to unlock a door in our lab with a card approximately 1960 km away. Our attack is covert and does not require long-term access to the card. Further, our attack is generic and is potentially applicable to other protocols that, like Seos, use ISO/IEC 14443A to communicate. We discuss several mitigations capable of thwarting our attack that could be introduced in future credential systems or as an update to Seos-compatible readers' firmware; these rely on rejecting cards that take too long to reply.

    #IACR #ResearchPapers #HIDGlobal #RFID #RelayAttack #Cryptanalysis #PhysicalAccessControl #ISO14443
    __
    ¹ eprint.iacr.org/2023/450

  12. CW: research review

    S. Haskins and T. Stevado, "Unlocking doors from half a continent away: A relay attack against HID Seos"¹

    HID Global is a major vendor of physical access control systems. In 2012, it introduced Seos, its newest and most secure contactless RFID credential technology, successfully remediating known flaws in predecessors iCLASS and Prox. Seos has been widely deployed to secure sensitive assets and facilities. To date, no published research has demonstrated a security flaw in Seos. We present a relay attack developed with inexpensive COTS hardware, including the Proxmark 3 RDV4. Our attack is capable of operating over extremely long ranges as it uses the Internet as a communications backbone. We have tested multiple real-world attack scenarios and are able to unlock a door in our lab with a card approximately 1960 km away. Our attack is covert and does not require long-term access to the card. Further, our attack is generic and is potentially applicable to other protocols that, like Seos, use ISO/IEC 14443A to communicate. We discuss several mitigations capable of thwarting our attack that could be introduced in future credential systems or as an update to Seos-compatible readers' firmware; these rely on rejecting cards that take too long to reply.

    #IACR #ResearchPapers #HIDGlobal #RFID #RelayAttack #Cryptanalysis #PhysicalAccessControl #ISO14443
    __
    ¹ eprint.iacr.org/2023/450

  13. CW: research review

    S. Haskins and T. Stevado, "Unlocking doors from half a continent away: A relay attack against HID Seos"¹

    HID Global is a major vendor of physical access control systems. In 2012, it introduced Seos, its newest and most secure contactless RFID credential technology, successfully remediating known flaws in predecessors iCLASS and Prox. Seos has been widely deployed to secure sensitive assets and facilities. To date, no published research has demonstrated a security flaw in Seos. We present a relay attack developed with inexpensive COTS hardware, including the Proxmark 3 RDV4. Our attack is capable of operating over extremely long ranges as it uses the Internet as a communications backbone. We have tested multiple real-world attack scenarios and are able to unlock a door in our lab with a card approximately 1960 km away. Our attack is covert and does not require long-term access to the card. Further, our attack is generic and is potentially applicable to other protocols that, like Seos, use ISO/IEC 14443A to communicate. We discuss several mitigations capable of thwarting our attack that could be introduced in future credential systems or as an update to Seos-compatible readers' firmware; these rely on rejecting cards that take too long to reply.

    #IACR #ResearchPapers #HIDGlobal #RFID #RelayAttack #Cryptanalysis #PhysicalAccessControl #ISO14443
    __
    ¹ eprint.iacr.org/2023/450

  14. CW: research review

    S. Haskins and T. Stevado, "Unlocking doors from half a continent away: A relay attack against HID Seos"¹

    HID Global is a major vendor of physical access control systems. In 2012, it introduced Seos, its newest and most secure contactless RFID credential technology, successfully remediating known flaws in predecessors iCLASS and Prox. Seos has been widely deployed to secure sensitive assets and facilities. To date, no published research has demonstrated a security flaw in Seos. We present a relay attack developed with inexpensive COTS hardware, including the Proxmark 3 RDV4. Our attack is capable of operating over extremely long ranges as it uses the Internet as a communications backbone. We have tested multiple real-world attack scenarios and are able to unlock a door in our lab with a card approximately 1960 km away. Our attack is covert and does not require long-term access to the card. Further, our attack is generic and is potentially applicable to other protocols that, like Seos, use ISO/IEC 14443A to communicate. We discuss several mitigations capable of thwarting our attack that could be introduced in future credential systems or as an update to Seos-compatible readers' firmware; these rely on rejecting cards that take too long to reply.

    #IACR #ResearchPapers #HIDGlobal #RFID #RelayAttack #Cryptanalysis #PhysicalAccessControl #ISO14443
    __
    ¹ eprint.iacr.org/2023/450

  15. CW: research review

    S. Haskins and T. Stevado, "Unlocking doors from half a continent away: A relay attack against HID Seos"¹

    HID Global is a major vendor of physical access control systems. In 2012, it introduced Seos, its newest and most secure contactless RFID credential technology, successfully remediating known flaws in predecessors iCLASS and Prox. Seos has been widely deployed to secure sensitive assets and facilities. To date, no published research has demonstrated a security flaw in Seos. We present a relay attack developed with inexpensive COTS hardware, including the Proxmark 3 RDV4. Our attack is capable of operating over extremely long ranges as it uses the Internet as a communications backbone. We have tested multiple real-world attack scenarios and are able to unlock a door in our lab with a card approximately 1960 km away. Our attack is covert and does not require long-term access to the card. Further, our attack is generic and is potentially applicable to other protocols that, like Seos, use ISO/IEC 14443A to communicate. We discuss several mitigations capable of thwarting our attack that could be introduced in future credential systems or as an update to Seos-compatible readers' firmware; these rely on rejecting cards that take too long to reply.

    #IACR #ResearchPapers #HIDGlobal #RFID #RelayAttack #Cryptanalysis #PhysicalAccessControl #ISO14443
    __
    ¹ eprint.iacr.org/2023/450