I have a door lock that supports a very specific type of NFC card and on the product page it says it's using EAL5+ security. I was wondering, is it possible to duplicate an empty card onto a fresh implant and add it to the lock as a new card? Or even cloning a preconfigured NFC card: aliexpress link
I also have a cheap NFC sticker which the lock didn't even react to…
EAL ratings are like IP ratings: under a certain value, it’s probably just the marketing department adding yet another impressive-looking acronym that really only means “designed to be better than the cheapest, cheaper than the best, and able to withstand normal usage conditions”. And if there’s a plus sign after the acronym that’s not part of the standardized scale, then you can be extra-sure it’s bullshit.
Also, it’s sold on Aliexpress. That should tell you something.
To add to what @anon3825968 is saying… EAL means the chip might be rated for that, but that doesn’t mean the lock is using any of those features. For example, the Apex will be Common Criteria and EAL rated, but things that just use the UID for “security” will definitely not be using any features related to those ratings. China listings are 99% search engine catch-alls and 1% accurate content. They lie a lot.
Is it possible to send one of those cards to Amal and have it made injectable?:o
Also what does it say about the overall security?
Being Chinese and all, “AQARA” is one of the Chinese companies that gained my trust fully :o
That one is with @amal to answer.
Although he does have a “card conversion service”, I wouldn’t be sure about that one card.
Well… most likely all the cards/readers/chips around are “Chinese” anyway.
My security concerns flare out when you take a “finished” product designed for aliexpress or wish, and use it out of the box.
But even one of such products can be tinkered to become properly secure anyway.
1/ Genuinely good Chinese-branded Chinese-made products: not very many of those available outside of China, but there are more and more every day. The problem is telling them and those of group 3/ below apart when you don’t speak Chinese.
2/ China-made products sold under a western brand: everything is made in China anyway, and many excellent things are designed in China also. But you’ll usually find good Chinese products under a well-known western brand-name outside of China, that’ll vouch for quality and reassure western buyers. The archetypal example of this is Apple.
3/ Chinese-“designed” (or badly copied), Chinese-built (more like thrown together) products that are shoddy through and through, 1970’s-stylee, targeted squarely at western suckers. Still plenty of those around. Look no further than Aliexpress to get those.
I bought quite a few purely Chinese products on Aliexpress - mainly because I couldn’t find an equivalent elsewhere. While it’s true that I did find a gem here and there, most of the products I received were truly appalling - and in at least 2 cases, I was lucky they didn’t set my house on fire. Really!
That’s the problem with most good phones… they lack a good NFC module.
I’m thinking about how to make a proper “NFC case” for my Pine Phone. I can even run a proxmark from it, but it's quite impractical.
Now back on track…
Oh, I totally missed the when I first read!
But judging by @BaRaD’s description, it does look like an applet job to me as well.
As long as it does not implement a tokenized timed encryption, shouldn’t be too hard to sniff out the protocol if you know what you’re doing. But that damn thing is too pricey for a novelty project imho.
(I obviously trust @fraggersparks for that. The emphasis is to reiterate my previous comment that sniffing applets is often more work than it’s worth.)
One thing to consider is they won’t have rolled their own. It’s “public key” encryption so it’s either RSA or ECC. It says the chip binds to a single door lock. My guess is it’s Diffie-Hellman with the lock, and the two store the generated key for future use.
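To make the guess above concrete, here is an added example (not code from the lock's vendor or from anyone in this thread) of what "Diffie-Hellman with the lock, then store the key" looks like, next to the "just the UID" check mentioned earlier. Both parties agree a shared secret once at enrollment, store it, and afterwards the lock proves the card holds that secret with a fresh challenge each time; a stored static UID, by contrast, is replayable. The finite-field group is the RFC 3526 2048-bit MODP group (a real lock would more likely use ECDH on a smaller chip); all names and the pairing/challenge message flow are assumptions for illustration.

```python
import hashlib
import hmac
import secrets

# RFC 3526, 2048-bit MODP group (group 14). Generator is 2.
P = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74"
    "020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437"
    "4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF05"
    "98DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB"
    "9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B"
    "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF695581718"
    "3995497CEA956AE515D2261898FA051015728E5A8AACAA68FFFFFFFFFFFFFFFF",
    16,
)
G = 2


class Party:
    """A lock or a card: owns a DH keypair and, after pairing, a stored bound key."""

    def __init__(self, name: str, uid: bytes):
        self.name = name
        self.uid = uid                      # static identifier, readable by any reader
        self.priv = secrets.randbits(256)   # ephemeral DH private exponent
        self.pub = pow(G, self.priv, P)     # public value sent to the peer
        self.bound_key = None               # filled in once, at enrollment

    def derive_bound_key(self, peer_pub: int) -> bytes:
        # Reject degenerate public values (0, 1, P-1) that force a trivial secret.
        if not 1 < peer_pub < P - 1:
            raise ValueError("invalid peer public value")
        shared = pow(peer_pub, self.priv, P)
        # Hash the raw DH output so the stored key is fixed-length and uniform.
        self.bound_key = hashlib.sha256(shared.to_bytes(256, "big")).digest()
        return self.bound_key


def pair(lock: Party, card: Party) -> bool:
    """Enrollment (assumed flow): exchange public values once, both store the key."""
    k_lock = lock.derive_bound_key(card.pub)
    k_card = card.derive_bound_key(lock.pub)
    return hmac.compare_digest(k_lock, k_card)


def lock_challenge() -> bytes:
    """Fresh per-transaction nonce; a recorded response cannot be reused."""
    return secrets.token_bytes(16)


def card_respond(card: Party, nonce: bytes) -> bytes:
    """Card proves possession of the bound key without ever sending it."""
    if card.bound_key is None:
        raise RuntimeError("card is not enrolled")
    return hmac.new(card.bound_key, nonce, hashlib.sha256).digest()


def lock_verify(lock: Party, nonce: bytes, response: bytes) -> bool:
    expected = hmac.new(lock.bound_key, nonce, hashlib.sha256).digest()
    return hmac.compare_digest(expected, response)


def uid_only_check(lock_enrolled_uid: bytes, presented_uid: bytes) -> bool:
    """The weak scheme: anything that presents the enrolled UID bytes is accepted."""
    return lock_enrolled_uid == presented_uid


if __name__ == "__main__":
    lock = Party("front-door", uid=b"\x00")              # constructed sample
    card = Party("card-A", uid=bytes.fromhex("04a1b2c3"))  # constructed sample UID
    print("paired:", pair(lock, card))
    n = lock_challenge()
    print("open with enrolled card:", lock_verify(lock, n, card_respond(card, n)))
    copy = Party("copy-of-A", uid=card.uid)  # same UID, never enrolled
    print("UID-only accepts copy:", uid_only_check(card.uid, copy.uid))
```

The point of the contrast is that the bound key never leaves either side after pairing, so a card that merely matches the UID, or one that replays a previously observed response, is not accepted by the challenge-response path, whereas the UID-only path is satisfied by the identifier alone.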