Comment by seplox
2 years ago
> Dormakaba started selling Saflok locks in 1988, which means that vulnerable locks have been in use for over 36 years.
Ok, my eyebrows are up. Authentication has grown so much as a field since then that I'm having trouble with the idea that this flaw has always been present. In fact, Saflok predates MIFARE Classic by at least five years. Perhaps all will become clear if a full technical disclosure is ever made available, but it seems like the authors are making an overstatement here.
Our understanding is that the magnetic stripe version of Saflok (which indeed predates MIFARE Classic) is vulnerable to the same issues, just in a different card format.