Physical security is often overlooked in many organizational threat models. An increasing amount of physical security devices with smart components are being introduced to the market with widespread adoption. This creates an enticing attack surface for physical red teams.
Lockers and cabinets equipped with electronic smart locks can be found in many places such as offices, factories, hospitals, labs, and gyms. With remote and hybrid work increasing in popularity, shared use office setups becoming the default. Co-working spaces in offices are now commonplace with lockers being installed for employee device storage. People generally trust that their belongings will be secure in these lockers and entrust the locks with sensitive information, like their personal PIN.
Is there a more stealthy way to get into lockers that don't involve using a crowbar?
In this talk we will analyze the vulnerabilities affecting locks manufactured by the "global leader in keyless lock solutions," Digilock and Schulte-Schlagbaum AG (SAG). Both companies have been in the physical security industry for many decades. What went wrong in the development of these devices and how can these vulnerabilities be fixed? We will also discuss several other vendors operating in this space and compare findings.
We will demonstrate practical physical and side-channel attacks targeting locks that accept a standard PIN and RFID. Learn why it is poor practice to reuse the same secret PIN for lockers and safes and devices such as mobile phones and laptops (especially if they are stored inside the lockers).
This talk has been rescheduled from Friday to Sunday as we received a "Cease and Desist" letter the day before the talk. Our assumption is that this was caused by a press inquiry of WIRED, that spooked the company. We believe that all our provided information and statements in our talk were accurate. After involement of EFF lawyers and Kurt Opsahl, the company "Digilock" recented their letter. We agreed on some minor changes, which included clarifications about some technical aspects. The statement of the company can be found on Slide 71. We would like to thank the EFF, Cory Doctorow, Tarah Wheeler, Hannah Zhao, Kurz Opsahl and Andrew Crocker for their support!