Smart door lock is broken by “Little Black Box” Second Expert: Can’t be considered a product loophole

Source: Science and Technology Daily

Breaking by “small black box” in seconds, how can the smart door lock so fragile

In recent years, smart door locks have entered more and more families. As of the end of June 2018, there were more than 1,500 smart door lock manufacturers in my country. Last year, the sales volume of smart door locks may reach 21 million units.

Not long ago, a news about smart door locks made many consumers with smart door locks frightened -using the “small black box” (Tesla coil) shakes back and forth for a few seconds in several smart door locks, The door lock will automatically open, about 15%of the smart door lock “recruitment”.

It looks very high -tech door lock, why is it so vulnerable? How can this “small black box” open a 15%door lock, why can’t the remaining 85%door lock be opened?

“Little Black Box” electric halo inferior lock

“Little Black Box” is also known as the Tesla coil. It is an artificial lightning manufacturer. The intelligent lock swept by the “small black box” is like being hit by lightning.

“‘Little Black Box” uses a transformer to increase the normal voltage to more than 1,000 volts, forming a strong magnetic pulse, and breaking the smart lock capacitor component. “Wang Jixin, the person in charge of the 360 ​​smart door lock product The control system is crash or restarted, and then unlocked automatically. It may also make the motor drive the wires sensor, just like simulating a door opening instruction, causing the door lock to be opened.

But Wang Jixin does not think that this way of unlocking is a security loophole in smart door locks.

“This is actually not a product vulnerability, it only involves the stability of the door lock design.” Wang Jixin said that electronic products are divided into civil, industrial, military, etc. according to their fields. Their differences are manifested in stability and anti -interference ability. If the electronic lock is designed according to the civil anti -interference standard, it is easy to be cracked without various security testing. However, if the door lock is designed in accordance with the standards of industrial or even military -level, and a large number of security tests are performed, such a door lock is difficult to open.

“Little Black Box” is not a real attack on smart door locks. “For example, a vault must be able to prevent thieves that must meet the requirements of earthquake resistance. The ‘smart door lock’ shocked by the ‘little black box’ can only be regarded as a building.” Wang Jixin said.

Multi -characteristic points match can be unlocked

In front of the smart door lock, the fingerprints, passwords or images of the owner’s family members must be recorded first. This information will be converted into a coding and stored in the chip. Every time the door is opened, the machine will match the information obtained with the code. Only when the matching is successful, the main control chip will send instructions to the circuit parts that control the switch lock, control the retract of the motor motor, and then drive the lock tongue to shrink back. Finally, the entire process of password collection, verification, and unlocking.

“No matter what kind of recognition method is adopted, fingerprint recognition, face recognition, access card recognition, etc., the working principle is the same. They all transform the collected information into images and feature points, and then store it with the chip with the chip Comparison of images and feature points in the middle. Compared with the working principle of the working principle after success, the working principle after the password lock is the same. “Wang Jixin said.

“The principle of the unlocking principle of smart door locks after matching is consistent with mechanical locks. The difference is that the mechanical lock core keys are small, and the mutual opening rate is high.” Wang Jixin said that the thief can use steel wire or universal key to deal with the mechanical lock core. To achieve technology unlocking, the C -Class lock core is the highest safety, and technical unlocking takes 270 minutes.

The smart door lock uses electronic passwords, which increases index levels. The computing work is completed by the built -in chip, and the technical technology on the physical level cannot open the smart lock. “The smart door lock itself also has a circuit design and identification induction module for identification. These structures have strict requirements for matching accuracy.” Wang Jixin said.

Enhance the key to the technical content into protection

The real “hacker” may be a cracker of the smart door lock password. In essence, each set of smart door locks containing chips can be regarded as a smartphone or computer.

Several possible cracking methods are related to electronic information technology. Wang Jixin said that if the fingerprint module is not encrypted with the motherboard communication, the hacker may simulate the signal passed by the fingerprint verification to achieve the unlocking; if you can contact the communication line of the fingerprint module, the hacker may also intercept user fingerprint information to unlock the unlocking Essence

“Imitation of the access control card, this method is relatively easy and the cost is low.” Wang Weixin said that using a mobile phone with NFC to download a readable card chip information APP, as long as you take your mobile phone, you can read and take it. All card information on the body. At present, even if the card encryption technology is used, this operation is not good. Therefore, it is recommended to turn off the card unlocking function of the smart door lock.

Like network security, there is no absolute security of smart door locks. The current prevention methods are mainly for the discovered vulnerabilities, but new attack methods will definitely appear in the future. Therefore, experts suggest that on the one hand, it is necessary to formulate industry access standards, requiring smart lock manufacturers to improve product mechanical safety, electronic design stability and anti -interference; Essence

