Devil in a box: Installing backdoors in electronic door locks

Seongyeol Oh; Joon Sung Yang; Andrea Bianchi; Hyoungshick Kim

doi:10.1109/PST.2015.7232965

Devil in a box: Installing backdoors in electronic door locks

Seongyeol Oh, Joon Sung Yang, Andrea Bianchi, Hyoungshick Kim

Department of Computer Science and Engineering

Sungkyunkwan University

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

Electronic door locks must be carefully designed to allow valid users to open (or close) a door and prevent unauthorized people from opening (or closing) the door. However, lock manufacturers have often ignored the fact that door locks can be modified by attackers in the real world. In this paper, we demonstrate that the most popular electronic door locks can easily be compromised by inserting a malicious hardware backdoor to perform unauthorized operations on the door locks. Attackers can replay a valid DC voltage pulse to open (or close) the door in an unauthorized manner or capture the user's personal identification number (PIN) used for the door lock.

Original language	English
Title of host publication	2015 13th Annual Conference on Privacy, Security and Trust, PST 2015
Editors	Huseyin Hisil, Ali Ghorbani, Joaquin Garcia-Alfaro, Ahmet Koltuksuz, Vincenc Torra, Jie Zhang, Murat Sensoy, Ibrahim Zincir, Ali Miri
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	139-144
Number of pages	6
ISBN (Electronic)	9781467378284
DOIs	https://doi.org/10.1109/PST.2015.7232965
State	Published - 31 Aug 2015
Event	13th Annual Conference on Privacy, Security and Trust, PST 2015 - Izmir, Turkey Duration: 21 Jul 2015 → 23 Jul 2015

Publication series

Name	2015 13th Annual Conference on Privacy, Security and Trust, PST 2015

Conference

Conference	13th Annual Conference on Privacy, Security and Trust, PST 2015
Country/Territory	Turkey
City	Izmir
Period	21/07/15 → 23/07/15

Access to Document

10.1109/PST.2015.7232965

Cite this

Oh, S., Yang, J. S., Bianchi, A., & Kim, H. (2015). Devil in a box: Installing backdoors in electronic door locks. In H. Hisil, A. Ghorbani, J. Garcia-Alfaro, A. Koltuksuz, V. Torra, J. Zhang, M. Sensoy, I. Zincir, & A. Miri (Eds.), 2015 13th Annual Conference on Privacy, Security and Trust, PST 2015 (pp. 139-144). Article 7232965 (2015 13th Annual Conference on Privacy, Security and Trust, PST 2015). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/PST.2015.7232965

Oh, Seongyeol ; Yang, Joon Sung ; Bianchi, Andrea et al. / Devil in a box : Installing backdoors in electronic door locks. 2015 13th Annual Conference on Privacy, Security and Trust, PST 2015. editor / Huseyin Hisil ; Ali Ghorbani ; Joaquin Garcia-Alfaro ; Ahmet Koltuksuz ; Vincenc Torra ; Jie Zhang ; Murat Sensoy ; Ibrahim Zincir ; Ali Miri. Institute of Electrical and Electronics Engineers Inc., 2015. pp. 139-144 (2015 13th Annual Conference on Privacy, Security and Trust, PST 2015).

@inproceedings{876efa50658f4349b753eaecd25543cf,

title = "Devil in a box: Installing backdoors in electronic door locks",

abstract = "Electronic door locks must be carefully designed to allow valid users to open (or close) a door and prevent unauthorized people from opening (or closing) the door. However, lock manufacturers have often ignored the fact that door locks can be modified by attackers in the real world. In this paper, we demonstrate that the most popular electronic door locks can easily be compromised by inserting a malicious hardware backdoor to perform unauthorized operations on the door locks. Attackers can replay a valid DC voltage pulse to open (or close) the door in an unauthorized manner or capture the user's personal identification number (PIN) used for the door lock.",

author = "Seongyeol Oh and Yang, \{Joon Sung\} and Andrea Bianchi and Hyoungshick Kim",

note = "Publisher Copyright: {\textcopyright} 2015 IEEE.; 13th Annual Conference on Privacy, Security and Trust, PST 2015 ; Conference date: 21-07-2015 Through 23-07-2015",

year = "2015",

month = aug,

day = "31",

doi = "10.1109/PST.2015.7232965",

language = "English",

series = "2015 13th Annual Conference on Privacy, Security and Trust, PST 2015",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

pages = "139--144",

editor = "Huseyin Hisil and Ali Ghorbani and Joaquin Garcia-Alfaro and Ahmet Koltuksuz and Vincenc Torra and Jie Zhang and Murat Sensoy and Ibrahim Zincir and Ali Miri",

booktitle = "2015 13th Annual Conference on Privacy, Security and Trust, PST 2015",

}

Oh, S, Yang, JS, Bianchi, A & Kim, H 2015, Devil in a box: Installing backdoors in electronic door locks. in H Hisil, A Ghorbani, J Garcia-Alfaro, A Koltuksuz, V Torra, J Zhang, M Sensoy, I Zincir & A Miri (eds), 2015 13th Annual Conference on Privacy, Security and Trust, PST 2015., 7232965, 2015 13th Annual Conference on Privacy, Security and Trust, PST 2015, Institute of Electrical and Electronics Engineers Inc., pp. 139-144, 13th Annual Conference on Privacy, Security and Trust, PST 2015, Izmir, Turkey, 21/07/15. https://doi.org/10.1109/PST.2015.7232965

Devil in a box: Installing backdoors in electronic door locks. / Oh, Seongyeol; Yang, Joon Sung; Bianchi, Andrea et al.
2015 13th Annual Conference on Privacy, Security and Trust, PST 2015. ed. / Huseyin Hisil; Ali Ghorbani; Joaquin Garcia-Alfaro; Ahmet Koltuksuz; Vincenc Torra; Jie Zhang; Murat Sensoy; Ibrahim Zincir; Ali Miri. Institute of Electrical and Electronics Engineers Inc., 2015. p. 139-144 7232965 (2015 13th Annual Conference on Privacy, Security and Trust, PST 2015).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Devil in a box

T2 - 13th Annual Conference on Privacy, Security and Trust, PST 2015

AU - Oh, Seongyeol

AU - Yang, Joon Sung

AU - Bianchi, Andrea

AU - Kim, Hyoungshick

PY - 2015/8/31

Y1 - 2015/8/31

N2 - Electronic door locks must be carefully designed to allow valid users to open (or close) a door and prevent unauthorized people from opening (or closing) the door. However, lock manufacturers have often ignored the fact that door locks can be modified by attackers in the real world. In this paper, we demonstrate that the most popular electronic door locks can easily be compromised by inserting a malicious hardware backdoor to perform unauthorized operations on the door locks. Attackers can replay a valid DC voltage pulse to open (or close) the door in an unauthorized manner or capture the user's personal identification number (PIN) used for the door lock.

AB - Electronic door locks must be carefully designed to allow valid users to open (or close) a door and prevent unauthorized people from opening (or closing) the door. However, lock manufacturers have often ignored the fact that door locks can be modified by attackers in the real world. In this paper, we demonstrate that the most popular electronic door locks can easily be compromised by inserting a malicious hardware backdoor to perform unauthorized operations on the door locks. Attackers can replay a valid DC voltage pulse to open (or close) the door in an unauthorized manner or capture the user's personal identification number (PIN) used for the door lock.

UR - https://www.scopus.com/pages/publications/84958668586

U2 - 10.1109/PST.2015.7232965

DO - 10.1109/PST.2015.7232965

M3 - Conference contribution

AN - SCOPUS:84958668586

T3 - 2015 13th Annual Conference on Privacy, Security and Trust, PST 2015

SP - 139

EP - 144

BT - 2015 13th Annual Conference on Privacy, Security and Trust, PST 2015

A2 - Hisil, Huseyin

A2 - Ghorbani, Ali

A2 - Garcia-Alfaro, Joaquin

A2 - Koltuksuz, Ahmet

A2 - Torra, Vincenc

A2 - Zhang, Jie

A2 - Sensoy, Murat

A2 - Zincir, Ibrahim

A2 - Miri, Ali

PB - Institute of Electrical and Electronics Engineers Inc.

Y2 - 21 July 2015 through 23 July 2015

ER -

Oh S, Yang JS, Bianchi A, Kim H. Devil in a box: Installing backdoors in electronic door locks. In Hisil H, Ghorbani A, Garcia-Alfaro J, Koltuksuz A, Torra V, Zhang J, Sensoy M, Zincir I, Miri A, editors, 2015 13th Annual Conference on Privacy, Security and Trust, PST 2015. Institute of Electrical and Electronics Engineers Inc. 2015. p. 139-144. 7232965. (2015 13th Annual Conference on Privacy, Security and Trust, PST 2015). doi: 10.1109/PST.2015.7232965

Devil in a box: Installing backdoors in electronic door locks

Abstract

Publication series

Conference

Access to Document

Other files and links

Fingerprint

Cite this