
The new standard for door access control might not be all it’s cracked up to be

Encrypted card readers using the Open Supervised Device Protocol aren’t necessarily hacker-proof.

Francis Scialabba


For decades, and to the delight of penetration testers everywhere, card readers that control access to secure facilities usually relied on the Wiegand wiring standard. Unfortunately, Wiegand carries credential data in the clear with no authentication, so anyone with enough know-how and a few minutes alone with the reader wiring can capture a credential, replay it, and waltz right into a building.

Fortunately, there’s a replacement: Open Supervised Device Protocol (OSDP), an international standard introduced in 2020. OSDP supports AES-128 encryption, monitors wiring, and introduces numerous other features. But how secure it is may vary, according to new research.

At DEF CON 31 in Las Vegas in August, Bishop Fox researchers Dan Petro and David Vargas presented a bevy of flaws in OSDP and its implementations. For example, while the headline feature of OSDP is encryption, intended to thwart ESP keys (wiretap implants that attackers splice into reader wiring to capture credentials from a Wiegand interface), the standard doesn’t actually require encryption. Some implementations might not enforce it, either.

That means devices advertised as supporting OSDP might not use encryption at all, and are then just as susceptible to ESP keys as a Wiegand reader. Others may be vulnerable to downgrade attacks, in which an attacker on the wire tricks a controller into believing an unencrypted reader has been connected, so the controller falls back to plaintext.

“The encryption [in OSDP] was implemented with something called the secure channel extension,” Vargas told IT Brew. “What we do is, when the controller asks the reader about what its capabilities are…we basically intercept that reply, and we modify it to say, ‘Well, we don’t support encryption.’”

IT teams should make sure controllers are configured to require the secure channel and to reject any reader that reports it does not support encryption, rather than silently falling back to plaintext, the researchers warned.

Other potential vulnerabilities include OSDP’s “install mode,” in which a controller hands the base encryption key to a newly connected reader that asks for it. The Bishop Fox team found many controllers remain in install mode persistently by default, which would enable attackers to simply ask for the key themselves by tapping the line.
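The downgrade and the controller-side check it calls for can be shown end to end. The following is an added example, not code from the article or from Bishop Fox: a toy OSDP controller that parses a reader’s osdp_PDCAP capability reply and decides whether to talk secure channel, fall back to plaintext, or refuse the reader. The frame layout (SOM 0x53, address with the reply bit, 16-bit length, control byte, reply code, data, CRC-16 with polynomial 0x1021 and initial value 0x1D0F) and the “Communication Security” capability entry (function code 9, bit 0 = AES-128 supported, bit 1 = default key in use) follow the standard, but the code skips sequence numbers and the secure channel block itself. The sample reply is constructed, and the rule that a reader still holding the default key is refused is a policy choice of this example, not something the article states.

```python
# Added example: controller-side handling of an OSDP osdp_PDCAP reply,
# with the on-the-wire downgrade an attacker performs and the check
# that defeats it. Simplified framing: no sequence handling, no SCB.

CRC_POLY = 0x1021
CRC_INIT = 0x1D0F

SOM = 0x53
CTRL_CRC = 0x04           # control byte bit 2: CRC-16 present (else 8-bit checksum)
REPLY_PDCAP = 0x46        # reply code for the capabilities report
CAP_COMM_SECURITY = 9     # capability "Communication Security"
CAP_AES128 = 0x01         # compliance level bit 0: AES-128 secure channel supported
CAP_DEFAULT_KEY = 0x02    # compliance level bit 1: reader still uses the default key


def osdp_crc16(data: bytes) -> int:
    """CRC-16 as used by OSDP frames (poly 0x1021, init 0x1D0F, no reflection)."""
    crc = CRC_INIT
    for b in data:
        crc ^= b << 8
        for _ in range(8):
            crc = ((crc << 1) ^ CRC_POLY) & 0xFFFF if crc & 0x8000 else (crc << 1) & 0xFFFF
    return crc


def build_reply(addr: int, reply_code: int, data: bytes, seq: int = 0) -> bytes:
    """Build a reader-to-controller frame; bit 7 of the address marks a reply."""
    length = 6 + len(data) + 2          # SOM, ADDR, LEN(2), CTRL, CODE, data, CRC(2)
    frame = bytes([SOM, 0x80 | (addr & 0x7F), length & 0xFF, (length >> 8) & 0xFF,
                   CTRL_CRC | (seq & 0x03), reply_code]) + data
    crc = osdp_crc16(frame)
    return frame + bytes([crc & 0xFF, crc >> 8])   # CRC transmitted LSB first


def parse_frame(frame: bytes):
    """Validate framing and CRC; return (addr, code, data) or raise ValueError."""
    if len(frame) < 8 or frame[0] != SOM:
        raise ValueError("bad SOM or truncated frame")
    if (frame[2] | (frame[3] << 8)) != len(frame):
        raise ValueError("length field mismatch")
    if not frame[4] & CTRL_CRC:
        raise ValueError("checksum-only frames not accepted")
    if (frame[-2] | (frame[-1] << 8)) != osdp_crc16(frame[:-2]):
        raise ValueError("CRC mismatch")
    return frame[1] & 0x7F, frame[5], frame[6:-2]


def parse_pdcap(data: bytes) -> dict:
    """PDCAP data is a list of 3-byte entries: function code, compliance level, count."""
    if len(data) % 3:
        raise ValueError("PDCAP payload is not a multiple of 3 bytes")
    return {data[i]: (data[i + 1], data[i + 2]) for i in range(0, len(data), 3)}


def controller_policy(frame: bytes, require_secure_channel: bool) -> str:
    """Return 'SECURE', 'PLAINTEXT' or 'REJECT' for a reader's PDCAP reply."""
    _, code, data = parse_frame(frame)
    if code != REPLY_PDCAP:
        return "REJECT"
    level, _count = parse_pdcap(data).get(CAP_COMM_SECURITY, (0, 0))
    if level & CAP_AES128:
        # Policy choice of this example: a reader advertising the public
        # default key has not been provisioned yet, so do not accept it.
        return "REJECT" if level & CAP_DEFAULT_KEY else "SECURE"
    # This branch is the downgrade: a lenient controller talks plaintext.
    return "REJECT" if require_secure_channel else "PLAINTEXT"


def mitm_strip_secure_channel(frame: bytes) -> bytes:
    """Attacker on the RS-485 line: rewrite the Communication Security entry to
    claim no AES-128 support, then recompute the CRC so the frame still parses."""
    addr, code, data = parse_frame(frame)
    caps = parse_pdcap(data)
    caps[CAP_COMM_SECURITY] = (0x00, caps.get(CAP_COMM_SECURITY, (0, 1))[1])
    new_data = b"".join(bytes([fc, lvl, n]) for fc, (lvl, n) in caps.items())
    return build_reply(addr, code, new_data, seq=frame[4] & 0x03)


# Constructed sample reply: reader supports AES-128 and has a real key installed.
HONEST_REPLY = build_reply(0x00, REPLY_PDCAP, bytes([
    3, 1, 1,                            # card data format: bit array
    CAP_COMM_SECURITY, CAP_AES128, 1,   # secure channel supported, non-default key
]))
DOWNGRADED_REPLY = mitm_strip_secure_channel(HONEST_REPLY)

if __name__ == "__main__":
    for name, frame in (("honest", HONEST_REPLY), ("downgraded", DOWNGRADED_REPLY)):
        print(name, "lenient:", controller_policy(frame, False),
              "strict:", controller_policy(frame, True))
```

The attacker cannot simply flip a byte: the CRC check in `parse_frame` rejects that. But the CRC is not a cryptographic MAC, so `mitm_strip_secure_channel` just recomputes it, and a lenient controller happily returns `PLAINTEXT`. Only the `require_secure_channel=True` setting, the configuration the researchers recommend, turns the same forged reply into `REJECT`.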

Top insights for IT pros

From cybersecurity and big data to cloud computing, IT Brew covers the latest trends shaping business tech in our 4x weekly newsletter, virtual events with industry experts, and digital guides.

Another trick, using similar methods, would involve damaging the card reader and then capturing the base encryption key with a wiretap device when IT staff or a technician reset or replace the unit, since the replacement has to be handed the key over the same wire. According to the researchers, this type of attack is difficult to defend against, but they recommended treating tamper alarms or unexpected card reader failures as possible signs of an attack rather than routine faults. Installers can also hook new readers up directly to the controller with a short wire during initial configuration rather than to production wiring that might be compromised.

“The fatal flaw with OSDP is there is no secure key exchange,” Vargas said. “It’s all based on symmetric cryptography, so the encryption and decryption key are the same, and there’s no secure way to get that key to the readers.”

Petro told IT Brew that while some of OSDP’s issues might come down to configuration errors or manufacturers’ implementation, the protocol could have been more secure by design.

“It certainly gets to a matter of like, if you imagine walking in someone’s yard, and you fall into a pit with spikes at the bottom of it,” Petro said. “And then the owner of the yard says, ‘Oh, didn’t you see the sign? There was a little sign that’s really tiny. It says, “Beware of death pit.”’”

There’s no reason to hold off on upgrading to OSDP card readers, the researchers said, because it’s a clear upgrade from Wiegand interfaces. With the controller configured to require encryption, the remaining exploits are mostly confined to the initial base-key exchange, which requires physically tampering with the reader (and exposes the attacker to detection).

“Certainly, a lot of these issues are going to be fixed either in the protocol or in the implementations or in default settings,” Petro told IT Brew.
