Vulnerability Discovered in Hotel Room Key Cards Worldwide
Security experts have revealed significant vulnerabilities in contactless cards, which are commonly used in hotel rooms and office buildings worldwide. These flaws, found in the cards' RFID technology, would allow unauthorized individuals to open doors easily.
Researchers from Quirkslab centered their analysis on the FM11RF08S card, a variant of the widely-used and older MIFARE Classic card, launched in 2020 by Shanghai Fudan Microelectronics, which is known for manufacturing 'MIFARE compatible' chips without a proper license. While the FM11RF08S was touted to contain mechanisms that counter all previous card-only attacks, the use of this card proliferates, raising substantial security concerns.
Alarmingly, it took the researchers a matter of minutes to devise an attack that can compromise the FM11RF08S sector keys, especially when the keys were reused across multiple cards. They discovered a hardware backdoor that could authenticate the card with an unknown key. Further analysis led to the revelation that this backdoor is common across all FM11RF08S cards.
By using this backdoor, researchers could execute various attacks, all of which could breach all card keys within a few minutes without prior knowledge of initial keys, relying only on the backdoor key. Furthermore, older models, particularly the FM11RF08 introduced in late 2007, were similarly compromised, with the secondary key also proving common across all cards within this generation and other associated types like FM11RF32 and FM1208-10.
A hardware backdoor in these cards raises the threat that an attacker with direct access to the card could clone it rapidly, posing supply chain attack risks. An optimized attack could even amplify the attack speed five to six times by reverse-engineering the nonce generation mechanism.
Philippe Teuwen from Quirkslab confirmed, "the FM11RF08S backdoor compromises all user-defined keys, facilitating swift unauthorized card access." Additionally, issued similar alerts regarding older, noted vulnerabilities including one in Dormakaba's Saflok RFID locks revealed to have exploitable deficiencies as recently as March.
Users of MIFARE Classic technology should evaluate their systems' risks since these cards appear prevalent in hotels throughout the U.S., Europe, and India, unbeknownst to many that their card infrastructure incorporates potentially compromised Fudan FM11RF08 or FM11RF08S cards. Thus, infrastructures utilizing these cards should undergo security assessments to mitigate these emergent risks.
Earlier, SSP wrote that Peloton integrated Kindle: a perfect blend of workout and reading.