Remix.run Logo
mikepurvis 4 hours ago

Is... that possible? I thought the whole point is that those were a challenge-response specifically to avoid ever them disclosing over the air the material necessary to impersonate one.

jchulce 4 hours ago | parent | next [-]

Keyfobs absolutely should use a secure challenge-response protocol in order to prevent cloning. Unfortunately, it's extremely common for RFID devices to simply use the tag ID which is trivially cloneable. Many of the systems that make some attempt at security still fail by using a broken protocol or a flawed implementation.

Aachen an hour ago | parent | prev | next [-]

You're thinking of NFC, not RFID, and with NFC the owner might not have changed the default keys.

It's a common mix-up (people barely differentiate between the terms anymore, though I'm surprised nobody in 2 hours mentioned it yet), basically RFID is (historically) an ID; a username. Like an ID field in a database. NFC is near-field communication: bidirectional. It does challenge-response and typically runs on hardened chips. But yeah people will call NFC chips RFID and RFID chips NFC all the time. Both are waterproof devices doing radio transmissions on wireless power and you can't tell them apart without using some equipment to try and read the chip type (even if most phones can do that nowadays), so I can understand the terminology generalisation

Rebelgecko an hour ago | parent | prev | next [-]

Many RFID cards are literally just an ID number, and will happily allow you to copy that number to your own RFID card (look up "blue cloner guns", although they have their own downsides). Basically just security through obscurity. Cards that do fancy crypto stuff exist, but odds are your workplace badge, apartment fob, or hotel room key is the simple kind (because those are cheaper)

DaSHacka 38 minutes ago | parent | prev | next [-]

Even that process can be flawed, see: Crypto1 and all the shenanigans that followed.

Recent UL-C/AES disclosure too IIRC

GuB-42 3 hours ago | parent | prev | next [-]

Some cards don't have any form of security. For example Konami "e-amusement" cards are just an ID number, which is also written on the back of the card. It is a username so to speak, the password is the PIN you enter when you start the game.

Some cards use some kind of challenge-response but are weak and are easily crackable.

Some cards have an anti-copy protection based on rolling codes, be careful with these. The idea is that when you use it to, say, open a door, the card sends a code to the reader and if correct, that code is burned and the reader replies with the next code, which is stored in the card for the next time, making every other copy (possibly including the original) unusable. If the card emulator doesn't store the rolling code, you are completely locked out.

Some cards have a proper challenge-response mechanism that works and can't be easily copied.

natbennett 3 hours ago | parent | prev | next [-]

Oh yeah that’s how you’re supposed to do it. But it’s entirely possible to set up a system that uses RFID key fobs that uh, doesn’t.

In the case where it was most useful to make copies they did eventually replace the system with one where the keys weren’t copy able. Which was better!

Larrikin an hour ago | parent | prev | next [-]

In my old apartment I was able to copy my fob from my apartment office. In my new one I had to record the interaction with the door and was then able to open the door

givc 4 hours ago | parent | prev | next [-]

I don’t know a whole lot about RFID, but some of the most basic cards can be copied very easily. When scanned, the reader always reads the same bits.

I believe there are some more secure cards, like Mifare DESFire EV3 that do provide some security. You’d be shocked how insecure most RFID readers for security cards are.

p_l 4 hours ago | parent | prev | next [-]

RFID keys vary from utterly dumb ID-based, to hackable challenge-response, to actual NFC smartcard (very rare).

Some of that can be trivially cloned.

aarjaneiro 3 hours ago | parent | prev | next [-]

Most dont :)

fragmede 4 hours ago | parent | prev [-]

Depends on where you are. Newer systems are resistant to attack, but not everywhere has upgraded to newer systems.