Mutual authentication is optional

Presented at DEF CON 32 (2024), Aug. 10, 2024, 10 a.m. (20 minutes).

Physical access control systems are often exploited in a number of ways. It could be weaknesses found within the credential itself, the antiquated communication protocol, the hardware itself, or the firmware it is running. But more often than not, it is a combination of factors that allow a variety of attacks from multiple dimensions. Some are extremely trivial and require little to no skill to perform, whereas some attacks require a bit more setup and knowledge of how the underlying technology works. We will go into detail on how these systems work, why verifying mutual authentication is important for physical access control systems and the exploits that can be accomplished, as well as ways to mitigate these exploits to make your facility more secure. This talk will include interactive demos involving official HID readers and hardware, proxmark3, and the flipper zero. - [link](https://www.hidglobal.com/doclib/files/resource_files/an0109_a.2_credential_id_markings_application_note.pdf) - [link](https://gist.github.com/bettse/36f25f9a2fcca74d773587cc8e780766) - [link](https://ipvm.com/reports/hid-downgrade) - [link](https://ipvm.com/reports/iclass-se-not-cracked) - [link](https://github.com/RfidResearchGroup/proxmark3/blob/master/doc/hid_downgrade.md)

Presenters:

• Xavier Zhang
  Xavier Zhang is a physical security consultant and security researcher working with RFID enabled technologies and physical access control systems. He is the author of numerous pieces of documentation in Iceman’s proxmark3 repo such as the HID credential downgrade guide and an avid bug hunter in the proxmark3 community. ‍ Aside of physical security consulting, Xavier loves everything to do with DRM and reverse engineering how various forms of DRM are implemented in RFID tags. Currently Xavier is working on decoding the DRM used in a license violating closed source app based on the proxmark3 source, and all of the RFID tags it uses to help keep open source, open source.

Similar Presentations:

• DEF CON 32 (2024) / Redefining V2G - How to use your vehicle as a game controller
• DEF CON 32 (2024) / Modem Operandi, or: How I Owned Hundreds of Millions of Broadband Basebands
• DEF CON 32 (2024) / Laundering Money