HID RW300/RW400 hardware implementation vulnerabilities and mitigation strategies

Author(s) Information

Taylor Nelson, California Polytechnic State University - San Luis ObispoFollow

Department - Author 1

Computer Science Department

Degree Name - Author 1

BS in Computer Science

Date

6-2013

Primary Advisor

Bryan Mealy

Abstract/Summary

The HID RW300/RW400 readers are in use and deployed in buildings around the world. Designed for industrial/commercial facilities security requirements you can find them outside biotech companies (AMGEN), educational institutions (Cal Poly San Luis Obispo), and doctors offices. In a 2010 paper entitled “Heart of Darkness - exploring the uncharted backwaters of HID iCLASSTM security” by Milosch Meriac numerous vulnerabilities were outlined. Despite this research HID continues to sell these readers to consumers.

To properly protect the safety of individuals and assets these HID devices are no longer adequate. I have verified that these attacks are feasible by a moderately skilled adversary (myself) with limited resources, less than 60$ and a laptop. These attacks would enable an individual to quickly subvert the security afforded by these devices and immediately gain access to protected areas. In this paper I will present my findings as well as mitigations that institutions currently utilizing these devices may adopt to better improve their facilities security.

URL: https://digitalcommons.calpoly.edu/cscsp/27