Intro to Access Control: Prox & Smart Cards

Captions
Among all of the types of credentials used in access control today (magstripe, proximity or prox cards, smart cards, and Bluetooth and mobile credentials), two are compared more often than any other: prox and smart. And yes, most of the time they look identical from the outside. One came well before the other, and while they have similarities, it's their differences that tend to cause confusion.

To understand why they are compared so often, let's set the stage. Prior to prox and smart, another kind of card dominated the landscape: magnetic stripe, or magstripe. If you watched the video "Intro to Access Control: What Does 26-Bit Mean?", we learned that the card contains a number and it's stored in binary form, meaning ones and zeros. On a magstripe card it's still ones and zeros, but they're stored magnetically. The reader also has a magnet, and when the card is pulled through, each bit is sort of activated and transmitted one at a time. So the only way that a magstripe card can be read is when it makes actual physical contact with the reader as it's pulled through. This means that over time the card may wear out, or the reader may wear out, or both.

So how do you send a number without touching the card and reader together? In 1975 a man named Charles Walton invented radio frequency identification, or RFID, a technology that allows small information to be sent over radio waves. In the same way a radio station or cell tower uses a large antenna to send music or voice over an entire city, RFID is a very tiny radio with a very tiny antenna that can transmit a small number over a very short distance. Mr. Walton founded a company called Proximity Devices, Incorporated in Sunnyvale, California, and through collaboration with the Schlage Lock Company began manufacturing access cards that could transmit an ID number over the air. For the first time, the access card would not have to make contact with the reader in order to send the number. This held the promise of cards and readers that could last much longer.

Prox cards communicate at a specific radio frequency, sort of like when you tune into a radio station: 125 kilohertz. What that number technically means doesn't matter very much for our purposes, but it does imply that at that speed about all that can be sent in one second or so is a short stream of one and zero bits, just an ID number. If there's ever a need to send more information at once, or incorporate security measures to protect the data, 125 kilohertz is not going to be fast enough.

With this limitation on prox, a new technology was created to solve the problems of data speed and data security. Cards and readers that use this technology are known as smart. The first big difference is that smart cards communicate at a much faster frequency. Compared to prox at 125,000 cycles per second, smart card data moves at 13,560,000 cycles per second, more than ten times faster. Additionally, there is more room, or storage space, on the card, and the data can be changed. Prox cards only have to transmit a single number, so only a very small amount of space is required, and the card can't be reprogrammed with a new one. It's set in stone: one number, the same number, forever. Smart cards have a space for an ID number as well as many more spaces, so that the card doesn't have to be used only for access control, a concept known as interoperability. And the information can be changed, meaning that it doesn't have to be the same data programmed at the factory. In this way the card is almost like a very small computer: you can put information on it, take information off, and change the information as you wish.

You might be thinking, with all of that speed a smart card could send the number even faster. In theory you'd be right, but in practice that speed is put to use in the form of unprecedented security over the number as it's sent through the air. As you may remember, when a prox card is held up to the reader, close enough to be inside the electromagnetic field the reader is creating, the card gets a little bit of power and uses it to transmit the number in binary form. To security professionals this is known as "in the clear", meaning that the actual ones and zeros being sent are the actual ones and zeros in the ID number. So an attacker nearby could use a device to create an electromagnetic field strong enough to cause the card to be powered and transmit the ID number. For a prox card this is a real risk, especially since the number can be obtained without the cardholder's knowledge.

Smart cards protect against this kind of attack in two ways: authentication and encryption. Those terms sound complicated, and how they're performed can differ from one type of smart card to another, but if you've ever sent a secret message to a friend you may have done both of them yourself.

Authentication is when parties prove their identity to one another before sharing any information. If two people, Alice and Bob, want to send messages securely, first they should prove that they are who they say they are. They'll both have a codebook containing pairs of challenges and responses, for example: to the challenge "shiny apples", respond "scented candle". When Alice wants Bob to prove who he is, she might say, "Authenticate the phrase shiny apples." Bob would look the phrase up in his book, find the response, and send it to Alice. If Bob sends "scented candle", then his identity is confirmed and trust is established. Bob may also choose to authenticate Alice the same way with a different challenge, if he's smart.

A smart card and reader perform a similar routine, just in a mathematical way. When a card is held up to a reader, the reader powers up the card and asks for the ID number. But the card says, "Hold on, before I do that I need to know that you're an authentic reader, so respond to this challenge." If the reader successfully responds to the card's challenge, the card will then prepare to send the ID number. They perform this routine each and every time they're in range of one another. It doesn't matter if they've done it before, or even if they're sharing the same information as last time: the card establishes trust with the reader before sending any sensitive information. Some smart cards and readers may authenticate in both directions, where the card authenticates the reader and the reader authenticates the card. This is known as mutual authentication.

The next security feature is encryption. Even though Alice and Bob have established that they can trust one another, they still don't want to send information in the clear. So they met previously and agreed on a way to scramble the message before sending it and descramble the information after receiving it, so only they can understand it. This means applying a rule and a value to scramble the information. A rule may be: to scramble, change each letter to the letter ahead of it in the alphabet according to the value, and to descramble, change each letter to the letter behind it in the alphabet according to the value. And the value may be 2. If Alice wants to say HELLO to Bob, she would apply the rule and the value and create the message JGNNQ to send Bob. Bob can then follow the rule and value to decrypt the message back to HELLO. So if an attacker were to eavesdrop on the message and hear it, they wouldn't understand it, because they don't know how to decrypt it. To help Alice and Bob remember their rule they might call it Alpha, and the entire encryption scheme Alpha-2, as a shorthand so they can easily refer to it in the future.

Smart cards and readers do this same routine; they just do it in a complex mathematical way, with the same goal of protection against someone attempting a snooping attack. Computers call the encryption rule an algorithm, which just means a way of solving a problem, and the value is called the key or keys. Many smart cards use a kind of encryption called AES-128, where AES describes the algorithm and 128 describes the bit length of the key. That's really big, by the way. It's far, far beyond the scope of this video to explain AES-128 encryption, but by now you should be able to comprehend its complexity, given that it takes a communication speed 10 times as fast as prox to authenticate the card and reader, perform enormous encryption calculations, send messages, and eventually transmit the ID number encrypted.

They both send information over radio waves without requiring any physical contact. They are both a way to get an ID number to an access control system to unlock a door. People compare prox and smart so frequently, however, because of their night-and-day differences in security. Smart cards secure the information through very sophisticated means to ensure no sensitive information is ever sent in the clear. Smart card technology offers interoperability, with extra storage spaces for other data and the ability to change or update that data as you like. And smart cards communicate very fast, allowing for an amazing amount of computational procedures to take place in about the same amount of time it takes for a prox card to just transmit a binary number.

For more learning resources, visit our website at us.allegion.com.
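The contrast the captions draw between a prox card sending its number in the clear and a smart card that authenticates the reader, is authenticated in turn, and only then sends an encrypted ID, as an added Python sketch that is not from the video or any card vendor. HMAC-SHA256 stands in for AES-128 because Python's standard library has no AES; the key, card ID, class names and message layout are all constructed for illustration.

```python
import hashlib
import hmac
import secrets

KEY = bytes.fromhex("00112233445566778899aabbccddeeff")  # constructed 128-bit shared key
CARD_ID = bytes.fromhex("01234567")                      # constructed ID number

def prf(key, label, *parts):
    # Keyed function only key holders can compute (assumed stand-in for the card's AES-128).
    return hmac.new(key, label + b"".join(parts), hashlib.sha256).digest()

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

class ProxCard:
    def __init__(self, card_id):
        self.card_id = card_id
    def energize(self):
        return self.card_id  # same bits, in the clear, to whatever field powers the card

class SmartCard:
    def __init__(self, card_id, key):
        self.card_id, self.key, self.nonce = card_id, key, None
    def challenge(self):
        self.nonce = secrets.token_bytes(16)  # fresh challenge on every presentation
        return self.nonce
    def release_id(self, reader_proof, reader_nonce):
        nonce, self.nonce = self.nonce, None  # each challenge is single-use
        if nonce is None or not hmac.compare_digest(prf(self.key, b"reader", nonce), reader_proof):
            return None  # reader failed the challenge: nothing is sent
        masked = xor(self.card_id, prf(self.key, b"enc", nonce, reader_nonce))
        return masked, prf(self.key, b"card", reader_nonce, masked)

class Reader:
    def __init__(self, key):
        self.key = key
    def read_smart(self, card):
        card_nonce, my_nonce = card.challenge(), secrets.token_bytes(16)
        reply = card.release_id(prf(self.key, b"reader", card_nonce), my_nonce)
        if reply is None:
            return None
        masked, proof = reply
        if not hmac.compare_digest(prf(self.key, b"card", my_nonce, masked), proof):
            return None  # card failed its half of mutual authentication
        return xor(masked, prf(self.key, b"enc", card_nonce, my_nonce))

if __name__ == "__main__":
    print(Reader(KEY).read_smart(SmartCard(CARD_ID, KEY)).hex())     # 01234567
    print(Reader(b"\x00" * 16).read_smart(SmartCard(CARD_ID, KEY)))  # None
```

Because the card issues a new challenge on every presentation, a reader response recorded in one session is rejected in the next, whereas the prox card returns identical bits on every read.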
Info
Channel: SchlageSecurity
Views: 16,735
Keywords: Allegion, Schlage, Intro, Introduction, Access Control, Smart Cards, Prox Cards, Proximity Cards, Credentials, Magnetic Stripe, Mag Stripe, Card Readers, Charles Walton, RFID, Authentication, Mutual Authentication, Encryption, AES-128, Interoperability, Security, ID Number, Training, Education, Safety, Door Hardware
Id: whi8Ik-oTqM
Length: 11min 17sec (677 seconds)
Published: Tue Apr 28 2020