Overview
Watch a DEF CON 32 conference talk exploring vulnerabilities in electronic smart locks commonly used in offices, factories, hospitals, labs, and gyms. Dive into physical security concerns surrounding electronic lockers and cabinets, particularly in shared office spaces and co-working environments where employees store devices and sensitive information. Learn about stealthy attack methods beyond brute force, focusing on vulnerabilities found in products from industry leaders Digilock and Schulte-Schlagbaum AG (SAG). Examine practical physical and side-channel attacks targeting PIN and RFID-based locks, while understanding the risks of PIN reuse across different devices. Discover what went wrong in these devices' development, potential fixes, and comparisons with other vendors in the electronic lock market. Through demonstrations and analysis, gain insights into often overlooked physical security components in organizational threat models and the importance of proper security measures for electronic storage solutions.
Syllabus
Intro
Goals
Motivation
Attack ideas
Digilock ecosystem
MCUs
Security
Example
Taught by
DEFCONConference