2013-06-24:/posts/2013/06/A_Tale_of_102_RFID_Cards/ A tale of 102 RFID cards 2013-06-24T09:00:00Z
<p>About 6 months ago I bought 102 EM4100 protocol RFID cards (from <a href="">here</a>) and a compatible RFID reader <a href=""></a>.</p>
<p>EM4100 protocol cards are factory programmed with an 8-bit Customer or Version ID, a 32-bit unique code and some parity information. Once the card powers up from being within proximity of a reader it starts blasting out this code, Manchester encoded, and it looks something like this.</p>
<p><img src="/posts/2013/06/capture.png" alt="Data capture" /></p>
<p>The theoretical minimum transmission time for one code is about 28ms, however many readers require you to transmit the code twice for it to be accepted.</p>
<p>This gives a total keyspace of 4,294,967,296 (2^32), or 1,099,511,627,776 (2^40) if you are using unique Customer or Version IDs. At the theoretical minimum transmission time of 28ms this gives a worst case brute force time of 3.81086182 years, or 975.580625 years if using unique Customer or Version IDs.</p>
<!-- more -->
<p>Let's assume you don't know the Customer or Version ID and you are attacking a door with 10,000 valid cards: at 0.028 seconds per card it would take 35.63 days. Knowledge of the Customer or Version ID takes this time down to 3.341 hours.</p>
<p>A more realistic example of 200 cards would take 6.959 days, or 4.87895 years without knowledge of the Customer or Version ID.</p>
<p>One major security feature is the relatively slow transmission speed; you will have a hard time finding a commercial reader that can read cards back to back at 28 milliseconds each. Generally you get a reading time between 0.1 and 1 seconds.</p>
<p>However this security is relying on the numbers being uniquely random.
If a company uses the same Customer or Version ID on every card and an attacker knows this number, the system entropy is reduced by 1,095,216,660,480 potential combinations, a 99.61% reduction.</p>
<p>So with the entire security of the system relying on the strength of the random number generator used to program these cards, let's have a look at two separate packs of 51 cards I bought on eBay from China.</p>
<p>99 of the cards had the same Customer or Version ID of 0x06, with the remaining 3 cards having 0x07.</p>
<p>Here is a graph showing the 99 cards in the order they were shipped in, with their Customer or Version ID omitted.</p>
<p><img src="/posts/2013/06/graph.png" alt="Card ID graph" /></p>
<table>
<tbody>
<tr><td><strong>Min:</strong></td><td>25773269859</td></tr>
<tr><td><strong>Max:</strong></td><td>25785845002</td></tr>
<tr><td><strong>Range:</strong></td><td>12575143</td></tr>
</tbody>
</table>
<p>Right off the bat you can tell that there is a problem here: the vast majority of cards are in very close proximity to others.
The problem is even worse when the cards have been clustered.</p>
<table>
<thead>
<tr><th>Cluster</th><th>%</th><th>Mean</th><th>STD Deviation</th></tr>
</thead>
<tbody>
<tr><td>1</td><td>42.42%</td><td>25775067346.5</td><td>14166.12</td></tr>
<tr><td>2</td><td>39.39%</td><td>25774974455</td><td>11566.25</td></tr>
<tr><td>3</td><td>10.10%</td><td>25785758931.5</td><td>6361.64</td></tr>
<tr><td>4</td><td>4.04%</td><td>25785473311.5</td><td>9401.02</td></tr>
<tr><td>5</td><td>1.01%</td><td>25785845002</td><td>N/A One card only</td></tr>
<tr><td>6</td><td>1.01%</td><td>25785343243</td><td>N/A One card only</td></tr>
<tr><td>7</td><td>1.01%</td><td>25773269859</td><td>N/A One card only</td></tr>
<tr><td>8</td><td>1.01%</td><td>25775166994</td><td>N/A One card only</td></tr>
</tbody>
</table>
<p>Even with a more realistic reading time of 0.2 seconds per card you have a 40.4% chance of guessing a valid RFID card within 5666.448 seconds, or 95 minutes, based on one card within cluster 1 alone. Including cluster 2 you have a 78.08% chance of guessing a valid RFID card in under 10292.948 seconds, or 172 minutes.</p>
<p>This pattern persisted through two stacks of cards (individually packaged, I might add), so if you know the supplier used you could have a good chance of guessing a valid card. The big "security by X" logo stuck on the door can be a big hint here. The clusters appear pretty quickly, so buying even 10 cards from a company could be enough to start an attack with good chances.</p>
<p>Another scenario is if you obtain a lost invalid or partially valid (e.g. low security areas only) card; you can use that to stage an attack by guessing numbers around it, with potentially some success.</p>
<p>However the addition of even a 2 digit pincode along with the RFID card makes these attacks infeasible on the increased input time alone.</p>
<p>Another mitigation strategy is to increase the processing time of cards into the range of seconds.
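</p>
<p>Here is an added Python example (not code from the original post) that works through the keyspace arithmetic above, groups a batch of card numbers into clusters the way the table does, and reports how long a sweep of one standard deviation either side of each cluster mean takes at a given read time. The card numbers in it are constructed sample values in the same range as the post's data (Customer ID 0x06 in the top byte), not the real data; the 50,000 gap threshold, the one-standard-deviation window and the helper names are assumptions of the example.</p>

```python
"""Added example (not code from the original post): keyspace arithmetic for
EM4100 cards and a clustering check for a batch of issued card numbers.
The card numbers below are constructed sample values in the same range as the
post's (Customer ID 0x06 in the top byte: 0x06 << 32 = 25769803776), not the
post's data.  The gap threshold and the one-standard-deviation window are
choices made for this example."""
import statistics

SECONDS_PER_YEAR = 365.2425 * 86400  # Gregorian year; the post's exact figures use a slightly different year length


def worst_case_years(bits, seconds_per_try):
    """Time to try every code in a bits-wide keyspace at one code per seconds_per_try."""
    return (2 ** bits) * seconds_per_try / SECONDS_PER_YEAR


def expected_seconds(bits, valid_cards, seconds_per_try):
    """Expected time to hit one of valid_cards codes spread uniformly over the keyspace:
    about keyspace / valid_cards tries."""
    return (2 ** bits) / valid_cards * seconds_per_try


def cluster_ids(ids, gap):
    """Group card numbers into runs whose consecutive (sorted) values differ by at most gap."""
    clusters, current = [], []
    for value in sorted(ids):
        if current and value - current[-1] > gap:
            clusters.append(current)
            current = []
        current.append(value)
    if current:
        clusters.append(current)
    return clusters


def describe(cluster, population):
    """Share of the batch, mean and sample standard deviation (None for a lone card, like the post's N/A)."""
    n = len(cluster)
    return {"count": n, "share": n / population, "mean": statistics.fmean(cluster),
            "stdev": statistics.stdev(cluster) if n > 1 else None}


def sweep_window(cluster, all_ids, read_time):
    """Seconds to try every code within one standard deviation either side of the
    cluster mean, and the fraction of the whole batch that window covers.
    A lone card has no spread, so only its own code is counted."""
    mean = statistics.fmean(cluster)
    sd = statistics.stdev(cluster) if len(cluster) > 1 else 0.0
    lo, hi = mean - sd, mean + sd
    codes = int(hi) - int(lo) + 1
    covered = sum(1 for v in all_ids if lo <= v <= hi)
    return codes * read_time, covered / len(all_ids)


BASE = 0x06 << 32  # Customer/Version ID 0x06 in the top byte of the 40-bit code
SAMPLE_IDS = ([BASE + 5_250_000 + 2_000 * k for k in range(12)]    # constructed: tight run of 12
              + [BASE + 5_160_000 + 3_000 * k for k in range(8)]   # constructed: second run of 8
              + [BASE + 15_950_000 + 1_500 * k for k in range(3)]  # constructed: small run of 3
              + [BASE + 12_000_000])                               # constructed: one isolated card


def report(ids, gap=50_000, read_time=0.2):
    """Per-cluster summary for a batch: (share of batch, sweep seconds, fraction of batch covered)."""
    return [(round(describe(c, len(ids))["share"], 4),) + sweep_window(c, ids, read_time)
            for c in cluster_ids(ids, gap)]


if __name__ == "__main__":
    print("32-bit worst case: %.2f years" % worst_case_years(32, 0.028))
    print("40-bit worst case: %.2f years" % worst_case_years(40, 0.028))
    print("10,000 valid cards, 40-bit: %.2f days" % (expected_seconds(40, 10_000, 0.028) / 86400))
    for share, seconds, frac in report(SAMPLE_IDS):
        print("cluster share %.1f%%: sweep %.0f s covers %.1f%% of the batch" % (share * 100, seconds, frac * 100))
    for share, seconds, frac in report(SAMPLE_IDS, read_time=2.0):
        print("at 2 s per read the same sweep takes %.0f s" % seconds)
```

<p>Run on the constructed batch it shows the same shape of problem as the table: the two big runs hold most of the cards and each can be swept in under an hour at 0.2 seconds a read, while the same sweep at 2 seconds a read takes ten times as long. It also makes a cheap acceptance check to run over any batch of cards before they are issued, since a batch that clusters this badly should go back to the supplier.</p>
<p>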
This has the added benefit of not only decreasing the feasibility of such an attack but also not requiring users to change their behaviour. This however does not protect against lost or stolen cards the way an additional pincode does.</p>
<p>Raw data available as a zipped ODS file: <a href="posts/2013/06/">RFID Results</a></p>

2013-03-05:/posts/2013/03/Duplicating_House_Keys_Using_a_3D_Printer/ Duplicating house keys using a 3d printer 2013-03-05T09:00:00Z
<p>I had the idea to duplicate some house keys on my Makerbot Thing-O-Matic 3D printer after seeing a post about it on Thingiverse <a href="">here</a>.</p>
<p>After messing around with the script for a while I couldn't really get it to work, so I decided to just make a script from scratch to improve my SCAD skills. (SCAD is like a programming language for creating parametric 3D CAD objects.)</p>
<p>After a few hours with a key and a pair of digital calipers I got an object that fit in the lock but had not been cut (think of a blank key).</p>
<p><img src="../key.jpg" alt="Key Blank Openscad" /></p>
<p><img src="../Blank-comparison-2.jpg" alt="Blank comparison - front" /></p>
<p><img src="../Blank-comparison.jpg" alt="Blank comparison - Top" /></p>
<p>From there I started working on the cuts. On this particular key the cut depth appeared to be a multiple of 0.58mm, with the spacing between every cut equal to 4.12mm. Some of these measurements were gained by using <a href="">this cheat sheet</a>.</p>
<p>This step was mostly trial and error; I made modifications halfway through to reduce printing time and many modifications to the multipliers, cut depths, etc.</p>
<p><img src="../IMG_0255.jpg" alt="All keys" /></p>
<p>Eventually I came up with some results, as shown above. After the measurements were perfected the keys started to work. The keys are brittle but do work, and most locks don't have much resistance turning the key when the key fits.
A torsion bar could be used to turn the lock on rusted or heavy locks.</p>
<p>Every key has a bit-code: a set of numbers that identify the key's ID number. Any similar style key with the same bit-code will work in the same lock. I was able to guess the bit-code, but this photo shows what I'm doing. We are measuring the dips and not the ridges; the ridges exist to ensure the tumbler pins rest in place.</p>
<p>Note: In my script the bit-code goes from base to tip; other scripts or even official documentation may be different.</p>
<p><img src="../BitCode.jpg" alt="BitCode" /></p>
<p>The keys only have 7 ridges based on the documentation linked above. This gives a total key-space of 7^7 or 823,543 different combinations.</p>
<p>With such a small number of combinations it's not hard to see why lock-picking isn't difficult. Not only that, but the keys are pretty easy to duplicate from visual identification alone; the SNEAKEY system demonstrated this, as shown <a href="">here</a>.</p>
<p><img src="../OpeSCAD-Render.png" alt="OpenSCAD Render" /></p>
<p><img src="../Cut-comparison.jpg" alt="Cut comparison" /></p>
<p><img src="../CutLock.jpg" alt="Cut - Lock" /></p>
<p>In total I did this entire project in just a few hours; it's scary how simple many of these keys are in design. I would estimate that I could duplicate high security keys in a similar time if my printer had the accuracy. Sure, some of these high security keys are very difficult to pick, but if all it takes is visual inspection of a key to breach a lock then this presents a problem for people who wish to keep things behind locked doors.</p>
<p>Perhaps now, with the boom of consumer grade 3D printers, it's more important than ever to move to digital keys.</p>

2012-11-05:/posts/2012/11/Fixing_a_Broken_Samsung_2233_LCD/ Fixing a broken Samsung 2233 LCD 2012-11-05T09:00:00Z
<p>I bought 3 Samsung 2233 120hz LCDs on the cheap before they were discontinued, over a year ago.
They are great screens and the 120hz refresh rate is just very nice on the eyes.</p>
<p>However one of them broke! Devastated, I immediately took the thing apart. It would turn on for only a second: the backlight would flash and turn off with the LCD still functioning, so a broken backlight. Having encountered the problem many, many times I immediately thought it was a leaky capacitor. Easy enough thing to fix, replace a few broken capacitors with some from Jaycar. However all the capacitors were 100% fine.</p>
<p>I checked the primary rails of 13v, 5v and 3.3v and they were all fine when the screen was on. So it's not the capacitors or the rails. So I checked the backlight control lines that lead into the power supply for spikes or changes. Everything was still operating as expected.</p>
<p><img src="/posts/2012/11/Backlight.jpg" alt="Backlight" /></p>
<p>I followed where the control lines led on the PCB and was led to a control chip. After some probing I noticed one of its feedback lines was out of the expected range of 1-2v according to the datasheet. Its lines connected to a set of transistors that in turn connected to the LCD inverter output.</p>
<p><img src="/posts/2012/11/backlight_outline.jpg" alt="Backlight outline" /></p>
<p>This meant that either the MOSFET was blown or the transformer was broken. Some probing later and it appeared as if the MOSFET was working fine. I then de-soldered the transformer to measure its coil resistance.</p>
<p><img src="/posts/2012/11/coil_resistance.jpg" alt="Coil resistance" /></p>
<p>The supposedly identical secondary coils were mismatched by a massive 40%: 881 and 1233 ohms respectively. I have zero idea how a passive component could fail like this, but it has.</p>
<p>I ordered a replacement off eBay <a href=";hash=item2324794603">here</a> and the screen was then fine! The coil resistance was 890 ohms on both secondary coils and the feedback loop was then stable at 1.5V.
Exactly in the middle of the expected 1-2V range.</p>

2012-09-05:/posts/2012/09/Motorbike_Clock_Part_2/ Motorbike Clock Part 2 2012-09-05T09:00:00Z
<p>With my motorbike clock built and programmed I needed a way to mount it to my motorcycle. So I designed a container in Blender and printed it on my 3D printer.</p>
<p><img src="/posts/2012/09/Motorbike-Clock-Render.jpg" alt="Motorbike clock render" /></p>
<p><img src="/posts/2012/09/IMG_0028.jpg" alt="3D printer" /></p>
<p><img src="/posts/2012/09/IMG_0031.jpg" alt="Finished Part" /></p>
<p>Turned out almost perfect! A few warping problems and a few measurement changes I'll need to make, but that's the beauty of 3D printing!</p>

2012-09-04:/posts/2012/09/Moon_Laser_Laser_Projector_Part_1/ Moon Laser - Laser projector Part 1 2012-09-04T09:00:00Z
<p>A few years back I got this idea to play games on large walls on the side of buildings using a projector. Simple stuff like Mario Kart, though the projected image was not very large.</p>
<p>The limitation of the projector light sources limited the size of the image, but I thought why not use a laser. Lasers don't have focus problems and hardly lose brightness over distance compared to standard projectors. They are however vector displays, but that won't create problems for old-school style games like Tetris, only 30m high!</p>
<p>Laser projectors work by having very fast moving mirrors to reflect the laser light, and these are often known as "galvos". After some research I found it too difficult to make the laser galvos from scratch, so I bought a small 30,000 point per second galvo and its controllers off eBay.</p>
<p>To interface this galvo with a computer I needed a DAC (digital-to-analogue converter) that output 0-10v on two channels.
I hacked together one on some breadboard from an SMD MCP4922 I had lying around.</p>
<p><img src="/posts/2012/09/IMG_0017.jpg" alt="Prototype board" /></p>
<p>This worked for a while, but I got sick of having to reconnect the board when I wanted to use the host Arduino for another project. (It would have probably been much easier to just buy another one, but this way was more fun.) So I did what any insane person would do and built a PCB for it. I needed to get another board made so I just joined the orders.</p>
<p>It's a fairly simple layout in EAGLE CAD.</p>
<p><img src="/posts/2012/09/Moon-Laser-DAC.png" alt="board schematic" /></p>
<p><img src="/posts/2012/09/MoonLaserDACBoard.png" alt="board Layout" /></p>
<p>Then I sent off the circuit boards for manufacture! They came back looking pretty good!</p>
<p><img src="/posts/2012/09/PCBs.jpg" alt="boards" /></p>
<p>I put it all together, connected it up to an Arduino and it was like magic! All except for a pull-down resistor on the chip select pin that I missed on the revision I sent off to get made (updated schematics shown above; you can never get it right the first time...).</p>
<p><img src="/posts/2012/09/New-controller.jpg" alt="Controller" /></p>
<p>Unfortunately when I started the thing up to test, the power supply for the laser galvo broke :( It's a weird 2 rail +/-24v supply and I am yet to find something to replace it with. I may have to build my own :P</p>

2012-09-02:/posts/2012/09/Motorbike_Clock_Part_1/ Motorbike Clock Part 1 2012-09-02T09:00:00Z
<p>I got sick of not knowing the time when I ride my motorbike. So I designed a clock to tell the time for me!</p>
<p>It uses a <a href="">7-segment display from SparkFun</a>, a Real Time Clock (I used the ultra accurate DS3232) and an ATMEGA328p.</p>
<p>For the sake of saving space I built it in two layers. This is the first time I've used an SMPS in a design. I used the 5v version of the LM2594 and it was surprisingly simple to use. It worked pretty well.
I had originally planned to control the brightness of the display using an LDR but I never implemented this.</p>
<p><img src="/posts/2012/09/MotorbikeClockv01sch.png" alt="sch" /></p>
<p><img src="/posts/2012/09/MotorbikeClockv01brd.png" alt="brd" /></p>
<p>After getting the boards made with another order they came out pretty nice.</p>
<p><img src="/posts/2012/09/IMG_0022.jpg" alt="brd1" /></p>
<p><img src="/posts/2012/09/IMG_0024.jpg" alt="brd2" /></p>
<p>I covered the 12mm battery in Kapton tape to keep it in its holder and insulate it.</p>
<p><img src="/posts/2012/09/IMG_0025.jpg" alt="brd1" /></p>
<p><img src="/posts/2012/09/IMG_0027.jpg" alt="brd2" /></p>
<p>Programming it was a cinch! I used a mixture of C, pre-existing Arduino libs and Processing to upload the time. The clock works in 12 hour time and the seconds are shown in binary on the decimal points of the display, to 4 second resolution (one bit equals 4 seconds).</p>
<p>The full code and PCB schematics are available here: <a href="/posts/2012/09/">Motorbike Clock V0.1</a></p>

2012-08-29:/posts/2012/08/Block_Cipher_Modes_of_Operation/ Block Cipher Modes of Operation 2012-08-29T09:00:00Z
<p>There is more to encryption than just a fancy cipher. A badly implemented encryption method can be just as bad as an insecure cipher. One of the factors when choosing how to encrypt a file is the mode of operation.</p>
<p>Say you are working on a brand new top secret tank design. You have finished the blueprints and now you need to send them halfway across the country to be built. Due to the nature of this special tank you need to ensure that it is kept a secret, so you decide to encrypt the plans with AES.
You pre-shared a key the last time you were at the manufacturing facility so the key is secure, but you use vanilla AES-128-ECB (Electronic codebook) encryption, where every block of the file is simply encrypted using the key.</p>
<pre><code>$ openssl aes-128-ecb -in M1A1.BMP -out M1A1-ecb.BMP
enter aes-128-ecb encryption password: ****
Verifying - enter aes-128-ecb encryption password: ****
</code></pre>
<p>However during transport a 3rd party was able to intercept the files. They were not able to decrypt the file as they did not know the encryption key, but they were able to copy the BMP header from another similar sized file over the first 54 bytes.</p>
<pre><code>$ dd if=M1A1.BMP of=M1A1-ecb.BMP bs=1 count=54 conv=notrunc
</code></pre>
<p>When they opened the file in an image program they were able to get a rough outline of the image.</p>
<p><img src="../Mode-of-operations-comparison.jpg" alt="Cipher Modes" /></p>
<!-- more -->
<p>There is not enough information to independently construct the tank, but they can see what is being worked on. This happens because of how repetitive data is encrypted in ECB mode, and it is a property of the mode rather than of any particular cipher: when you encrypt 2 identical blocks of data under the same key you get the same output. Images can have large areas of colour that are identical, so when rendered in an image program you get an outline like the one above. Because of this there was a need for new ways to encrypt data so that it appears as completely unreadable data, such as in the AES128 CBC example above. One of the most popular ways of doing this is by using Cipher-block chaining (CBC). This is the default mode for encrypted ZIP files and by far the most common of all modes.</p>
<p><img src="../Cbc_encryption.png" alt="Cipher Modes" /></p>
<p>Here there is the addition of an Initialization Vector (IV) and the input to the cipher is different for every block: each block is mixed with the previous cipher-text block before encryption, so similar plain-text blocks do not produce the same encrypted blocks.
The Initialization Vector (IV) is added to guarantee uniqueness for the first block and, through the chaining, the successive blocks. The IV is considered public information and is normally included at the beginning of the file. It is however important to never reuse the same IV/password pair, as doing so may give away information about the first block of data. Generally the IV is randomly generated.</p>
<p><img src="../Ctr_encryption.png" alt="Cipher Modes" /></p>
<p>Another method of introducing this variation into the cipher-text is by transforming the block cipher into a stream cipher, using it to create a key-stream by encrypting an increasing counter under the secret key and XORing that with the plaintext. This has the added benefit of not requiring padding of the data, as a key-stream of precisely the required length can be created. This is called Counter (CTR) mode. Some people feel that having such a systematic input is an unnecessary risk, so adding an IV to the counter in some way is recommended. However the security of this mode is largely dependent on the security of the underlying block cipher.</p>
<p>This mode has the benefit of being able to encrypt and decrypt any block using parallel computation, making it very suitable for disk level encryption. Random access and even pre-processing of the key-stream make this one of the fastest common modes and also the simplest to implement.</p>
<p>One of the problems, especially with CTR and CBC, is that while you have confidentiality you do not have integrity or authenticity. For this reason modes that provide confidentiality, integrity and authenticity were developed; they are referred to as Authenticated Encryption modes.</p>
<p>One such mode is Counter with CBC-MAC (CCM). It requires a cipher with 128-bit blocks, such as AES. It uses Counter (CTR) mode for confidentiality and CBC-MAC for integrity and authenticity.
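</p>
<p>To make the ECB, CBC, CTR and CBC-MAC constructions above concrete, here is an added Python example; it is not code from the original post, and it uses a small Feistel block cipher built from HMAC-SHA256 as a stand-in for AES so that it runs with the standard library alone (the stand-in has the same 16-byte block and is invertible, but it is not a cipher to deploy). The two-key encrypt-then-MAC combination at the end is a simplified illustration of the CTR plus CBC-MAC idea, not CCM's actual construction, and every function name and the sample "image" are assumptions of the example.</p>

```python
"""Added example (not code from the original post): ECB, CBC, CTR and CBC-MAC
built over a small Feistel block cipher, so the modes can be run and compared
with the standard library alone.  The Feistel cipher is only a stand-in for AES
(16-byte block, keyed, invertible); it is not a cipher to deploy."""
import hashlib
import hmac
import os

BLOCK = 16

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def _round(key, i, half):
    # Keyed round function: HMAC-SHA256(key, round_index || half) truncated to 8 bytes.
    return hmac.new(key, bytes([i]) + half, hashlib.sha256).digest()[:8]

def encrypt_block(key, block):
    """4-round Feistel permutation of one 16-byte block (AES stand-in)."""
    left, right = block[:8], block[8:]
    for i in range(4):
        left, right = right, xor(left, _round(key, i, right))
    return right + left

def decrypt_block(key, block):
    right, left = block[:8], block[8:]
    for i in reversed(range(4)):
        right, left = left, xor(right, _round(key, i, left))
    return left + right

def pad(data):  # PKCS#7-style padding up to a whole block
    n = BLOCK - len(data) % BLOCK
    return data + bytes([n]) * n

def unpad(data):
    return data[:-data[-1]]

def blocks(data):
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]

def ecb_encrypt(key, data):
    # Every block encrypted on its own: equal plaintext blocks give equal cipher-text blocks.
    return b"".join(encrypt_block(key, b) for b in blocks(pad(data)))

def cbc_encrypt(key, iv, data):
    # Each block's input is the plaintext XOR the previous cipher-text block (IV for the first).
    prev, out = iv, []
    for b in blocks(pad(data)):
        prev = encrypt_block(key, xor(b, prev))
        out.append(prev)
    return b"".join(out)

def cbc_decrypt(key, iv, ct):
    prev, out = iv, []
    for b in blocks(ct):
        out.append(xor(decrypt_block(key, b), prev))
        prev = b
    return unpad(b"".join(out))

def ctr_crypt(key, nonce, data):
    # Key-stream = E(nonce || counter) per block, XORed with the data; no padding needed,
    # and the same call decrypts.  Reusing a (key, nonce) pair reuses the key-stream.
    stream = b"".join(encrypt_block(key, nonce + n.to_bytes(8, "big"))
                      for n in range(-(-len(data) // BLOCK)))
    return xor(data, stream)

def cbc_mac(key, data):
    # CBC-MAC: last CBC block under a zero IV.  Raw CBC-MAC is only safe for
    # fixed-length messages, so the length is prepended (CCM encodes it similarly).
    return cbc_encrypt(key, bytes(BLOCK), len(data).to_bytes(8, "big") + data)[-BLOCK:]

def seal(enc_key, mac_key, nonce, data):
    """CTR for confidentiality, CBC-MAC over nonce||cipher-text for integrity.
    Two independent keys are used here; CCM derives both uses from one key."""
    ct = ctr_crypt(enc_key, nonce, data)
    return nonce + ct + cbc_mac(mac_key, nonce + ct)

def open_sealed(enc_key, mac_key, blob):
    nonce, ct, tag = blob[:8], blob[8:-BLOCK], blob[-BLOCK:]
    if not hmac.compare_digest(tag, cbc_mac(mac_key, nonce + ct)):
        return None  # tag mismatch: tampered cipher-text or wrong key
    return ctr_crypt(enc_key, nonce, ct)

def repeated_blocks(ct):
    """How many cipher-text blocks are duplicates: the ECB 'outline' leak in miniature."""
    return len(blocks(ct)) - len(set(blocks(ct)))

if __name__ == "__main__":
    key, mac_key = os.urandom(16), os.urandom(16)
    # Constructed stand-in for an image with large runs of identical pixels.
    image = b"\x00" * 64 + b"TANK" * 4 + b"\x00" * 64
    print("ECB duplicate blocks:", repeated_blocks(ecb_encrypt(key, image)))
    print("CBC duplicate blocks:", repeated_blocks(cbc_encrypt(key, os.urandom(16), image)))
    sealed = seal(key, mac_key, os.urandom(8), image)
    tampered = sealed[:20] + bytes([sealed[20] ^ 1]) + sealed[21:]
    print("sealed opens:", open_sealed(key, mac_key, sealed) == image,
          "tampered opens:", open_sealed(key, mac_key, tampered) is not None)
```

<p>The constructed "image" is 144 bytes with two runs of identical blocks; ECB leaves 7 duplicate cipher-text blocks, exactly the structure the BMP trick exposes, while CBC with a fresh IV leaves none. The sealed variant shows what the unauthenticated modes lack: flipping a single byte of the CTR cipher-text decrypts to garbage silently, but with the CBC-MAC tag it is rejected before any plaintext is returned.</p>
<p>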
While these steps are normally considered independent, there are ways of combining them that are not secure, so the standard defines a good interleaving of the data before combination with the key-stream. This way any change to the data will result in a large and unpredictable change in the MAC, giving proof if the data has been tampered with. This however comes at the cost of data expansion: the MAC takes up space, which is the price of the improved security.</p>
<p>I won't go into the detail of how this mode works as it is very complex, but I will mention that its major disadvantage is that it is very slow and has no support for parallel computation. For this reason Galois/Counter Mode (GCM) is preferred for high speed communication. Its major speed improvement is the use of a much faster hash function, but it uses CTR (counter) mode for confidentiality like CCM.</p>
<p>Some modes are purpose built or chosen to serve certain functions. Counter (CTR) for example is very useful for fast, random-access and parallel computation, and because of this it is very useful for hard drive storage. Hard drives are already split up into blocks known as sectors, so you could easily use the sector number as the counter and achieve hard drive encryption with very little modification of a file-system driver.</p>
<p>However this would raise various other problems unique to hard disk drives, such as differences between logical and physical sectors, and every rewrite of a sector would reuse the same key-stream, so the XEX-based tweaked-codebook mode with cipher-text stealing (XTS) was created with the purpose of securely encrypting block based storage devices. It does not provide full integrity and authenticity protection but does provide some limited protection from malicious manipulation of encrypted data. This limitation is due to a design decision to avoid the data expansion caused by adding integrity and authenticity.</p>
<p>So while there are various modes of operation for block based ciphers, the exact mode that should be used depends highly on the work being done.
There are many, many other modes not mentioned here, but they have similar purposes to the modes already mentioned above. In computer security the weakest link is often enough to break the rest of the system. Plain encryption alone is not enough to secure your data.</p>

2012-06-19:/posts/2012/06/Essential_Thing-O-Matic_Modifications/ Essential Thing-O-Matic modifications 2012-06-19T09:00:00Z
<p>Last year I bought a Thing-O-Matic 3D printer so I could print off custom plastic parts and other things, but I had a few problems with its default configuration. So I've come up with a list of modifications that improved my print quality and/or speed.</p>
<p><strong>Replace the standard Y axis motor</strong> with something with a little more grunt. I had various problems with the motor slipping and a larger motor fixed this.</p>
<p><img src="/posts/2012/06/MotorMod1.jpg" alt="Y axis motor mod" /></p>
<p>Here I replaced the NEMA 17 motor with a larger NEMA 17 motor with the exact same steps per rotation. Then you can increase the motor current without worrying about it heating up. I got mine from here: <a href=";cPath=2&amp;products_id=174">62 Oz-in Nema 17 Stepper Motor</a></p>
<p><strong>Increase the feedrate to 40mm/s.</strong> If you are using the better Y axis motor like I am you can get away with a much faster feed rate.</p>
<p><strong>Decrease the perimeter feedrate ratio to 0.6</strong> so that the outsides of objects are still clean. Interior supports will still print at full speed but the outermost shell will print at 0.6 of the feed rate. This is a good balance between speed and quality.</p>
<p><img src="/posts/2012/06/SpeedSettings.jpg" alt="Feed Rate" /></p>
<p><strong>Do some preventative maintenance by printing and installing a Y axis bracket</strong> to reduce tension on the bolt.
I used this one: <a href="">Y-Axis Idler Support Bracket</a></p>
<p><strong>Use the Heated Build Platform.</strong> The Automatic Build Platform can work but it's pretty rotten by default. You can do a bunch of modifications to make it work, but unless you use its features you are better off just using the Heated Build Platform instead.</p>
<p><strong>Don't use a raft</strong>, as they are messy and almost never give good results. Print raft-less onto a heated platform.</p>
<p><strong>Change the Heated Build Platform temperature to 120C</strong> for ABS by modifying the G-code settings. The line below shows the command that sets the temp.</p>
<p><img src="/posts/2012/06/HBP_tempSetting.jpg" alt="HBP temp" /></p>
<p>You can either change this line manually for every print you make, or change it permanently by editing the header file located at "ReplicatorG\machines\thingomatic\start+HBP+Stepstruder.gcode" (or the equivalent for whichever machine you set up in ReplicatorG). If you print using PLA it's recommended to lower the temp to 55C.</p>
<p><strong>Lubricate the belts and shafts.</strong> This will reduce the friction on the axes, not by massive amounts, but it does help.</p>