Wednesday, May 10, 2006

Our Paper

We (Daniel Ramsbrock, Stepan Moskovchenko, and myself) have completed our paper on the swipe card system. This paper contains technical explanations of vulnerabilities in the system as well as our recommendations for improving security.

Abstract
This paper provides a comprehensive security analysis of the Lenel magnetic swipe card system used at the University of Maryland at College Park. We first explore the cards and hardware components which comprise the system, and then present several plausible points and methods of attack on the system. We chose several of these attacks and demonstrated them using a $240 commercial card reader/writer and a customized unit powered by a microcontroller, which cost about $20 in parts. We developed the capability to read cards, write arbitrary data to cards, simulate card swipes through a reader using a flux reversal pattern generator, and "sniff" data from up to 16 live swipes using a single microcontroller which can be easily hidden in the reader's housing. We tested and successfully demonstrated these capabilities on the live Lenel system under the supervision of the university's Department of Public Safety. Based on our findings, we recommend that the university use neither social security nor university ID numbers on the cards, that it use magnetic card access only in low-security areas, and that it use a more sophisticated and secure system such as proximity smart cards for access to high-security areas. While the analysis and recommendations presented in this paper are aimed at the University of Maryland, building security professionals everywhere can use the material presented here to enhance the security of their own swipe card systems.


You can download the full paper as a PDF here (GLUE@UMD Mirror).

Note: This paper has been redacted as of Sunday May 28, 2pm at the request of the University of Maryland Office of the Registrar and Department of Public Safety. We have voluntarily agreed to redact our paper while the University takes steps to improve security.