But it does protect against the exact threat model you proposed.
> Defense in depth would be using crypto while requiring a physical connection.
> Consider, for example, the people that made ATM shims that captured the card data while recording the PIN being entered on the keypad.
How about you consider it?
Building a facade to intercept physical communications is very much on par with building increasingly large, awkward, and expensive antennas in terms of difficulty barriers (especially if you need enough polish to blend in). I'm a ham, I would know. I'm not sure why you are so insistent on drawing the line between these two particular techniques.
> A card that requires an electrical or inductive connection isn't going to leak everything over the radio.
Are you familiar with the distinction between near-field and far-field? Because both RFID and smartcards span that distinction while you just tried to draw a line down the middle.
> A smartcard is fine - my argument is against RFID.
Many (most?) smartcards communicate over RF. Your argument (and my rebuttal) was about
> Adding radio as a primary component in a security system
not the RFID technology in particular. So do you or don't you think RF communication in a security device is an inherent problem in and of itself?
> But it does protect against the exact threat model you proposed.
Encryption doesn't protect against traffic analysis. Knowing someone is present or that some device is in use is significant information.
Does the device you are proposing authenticate the reader before transmitting anything? If not, it's not particularly difficult (probably by modifying a reader) to test if people have a security device on them. That only requires a ping, no crypto needed.
> I'm a ham
I used to be, for many years. (I wish I had more time for such things these days)
> large, awkward, and expensive antenna
That depends entirely on what you want to do. If you want to read the entire crypto transaction from the next building, then yes, an expensive antenna[1] will be required. If I just want to detect who is carrying a security device, you won't need a particularly accurate antenna - it just needs to have a decent gain.
My point with that example is that it's never a good idea to underestimate how much time and effort people will put into an attack. If criminals can add a man-in-the-middle chip piggybacked onto a chip-and-pin smartcard[2], they can make a decent cantenna.
> So do you or don't you think RF communication in a security device is an inherent problem in and of itself?
RF is an extra risk that should be avoided whenever possible for security devices, especially when effective alternatives are available.
In your linked video about the hospital, the smart card was slotted into a reader. This would work well and has no need for RF. It's certainly a far better solution than memorizing bad passwords.
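The reader-authentication question raised in the comment above, modelled as an added example that is not part of the thread: a tag that encrypts its payload but answers any query still reveals that it is present, while a tag that verifies a MAC from the reader before transmitting stays silent to an unknown reader. The class names, the key and the 40-byte frame layout are assumptions made for illustration, not any real card protocol; the reader speaks first because a challenge sent by the tag would itself be a transmission.

```python
import hashlib
import hmac
import os

KEY = b"constructed-demo-key"  # constructed shared secret, illustration only


class EncryptedTag:
    """Answers every query; the payload is opaque but the reply is observable."""

    def respond(self, frame: bytes):
        return os.urandom(16)  # stand-in for an encrypted payload


class ReaderAuthTag:
    """Transmits nothing unless the frame is counter(8 bytes) || HMAC-SHA256."""

    def __init__(self, key: bytes):
        self.key = key
        self.last_counter = 0

    def respond(self, frame: bytes):
        if len(frame) != 8 + 32:
            return None  # malformed frame: stay silent
        counter, tag = frame[:8], frame[8:]
        expected = hmac.new(self.key, counter, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, tag):
            return None  # reader does not hold the key: stay silent
        value = int.from_bytes(counter, "big")
        if value <= self.last_counter:
            return None  # replayed frame from an earlier session: stay silent
        self.last_counter = value
        return os.urandom(16)


def reader_frame(key: bytes, counter: int) -> bytes:
    """Frame a legitimate reader sends first: fresh counter plus its MAC."""
    c = counter.to_bytes(8, "big")
    return c + hmac.new(key, c, hashlib.sha256).digest()


def presence_detected(tag, frame: bytes) -> bool:
    """An observer learns the device is present if any reply comes back."""
    return tag.respond(frame) is not None


if __name__ == "__main__":
    ping = b"\x00" * 40  # constructed query from a reader without the key
    print("encrypted-only tag answers ping:", presence_detected(EncryptedTag(), ping))
    print("reader-auth tag answers ping:", presence_detected(ReaderAuthTag(KEY), ping))
```
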