> There are millions of insecure iClass type cards securing doors and elevators that would be easily and securely replaced by tech like this.
Those cards could be replaced, even more easily, with NFC cards with better security properties. ISO 14443-3A is a perfectly adequate protocol and has the nifty added benefit of not needing batteries in the card.
Even secure ranging is doable at NFC frequencies — all it takes is a vendor who is willing to do the work as well as customers who will demand it. I think I even saw papers about this years ago: the reader and the card can securely negotiate a request that the door will send and the card will reply to, and then the door sends the request and the card validates the request (against precomputed data) and replies. It’s okay if there’s delay due to the limited computational power of the card as long as the card knows what the delay is and can report the delay to the reader. This will give ranging precise to a bit time or better, which is nowhere near the 10cm precision that UWB offers but is a whole lot better than anything anyone has actually deployed in an iClass-style device.
But customers aren’t even demanding cards that are immune to trivial UID cloning.
Those cards could be replaced, even more easily, with NFC cards with better security properties. ISO 14443-3A is a perfectly adequate protocol and has the nifty added benefit of not needing batteries in the card.
Even secure ranging is doable at NFC frequencies — all it takes is a vendor who is willing to do the work as well as customers who will demand it. I think I even saw papers about this years ago: the reader and the card can securely negotiate a request that the door will send and the card will reply to, and then the door sends the request and the card validates the request (against precomputed data) and replies. It’s okay if there’s delay due to the limited computational power of the card as long as the card knows what the delay is and can report the delay to the reader. This will give ranging precise to a bit time or better, which is nowhere near the 10cm precision that UWB offers but is a whole lot better than anything anyone has actually deployed in an iClass-style device.
But customers aren’t even demanding cards that are immune to trivial UID cloning.