1 / 18

563.9.2 RFID Security & Privacy

563.9.2 RFID Security & Privacy. Matt Hansen University of Illinois Fall 2007. Outline. RFID Overview Tags, Readers, and Applications Tag Singulation Security & Privacy Threats Proposed Solutions Public Concerns. 2. RFID Overview. 02.3DFEX4.78AF51. EasyToll card #816.

sheryl
Télécharger la présentation

563.9.2 RFID Security & Privacy

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. 563.9.2RFID Security & Privacy Matt Hansen University of Illinois Fall 2007

  2. Outline RFID Overview • Tags, Readers, and Applications • Tag Singulation Security & Privacy Threats Proposed Solutions Public Concerns 2

  3. RFID Overview 02.3DFEX4.78AF51 EasyToll card #816 Radio signal (contactless) Range: from 3-5 inches to 3 yards Tags (transponders) Attached to objects, “call out” identifying data on a special radio frequency Reader (transceiver) Reads data off the tags without direct contact Database Matches tag IDs to physical objects Shmatikov 05

  4. Tag Types • Passive: • All power comes from a reader’s signal • Tags are inactive unless a reader activates them • Cheaper and smaller, but shorter range • Semi-passive • On-board battery, but cannot initiate communication • Can serve as sensors, collect information from environment: for example, “smart dust” for military applications • Active: • On-board battery power • Can record sensor readings or perform calculations in the absence of a reader • Longer read range Fong 05

  5. Security Challenge • Low cost RFID tags have very limited resources • Typically have only 500-5,000 gates • May have up to a few hundred bits of storage • Tags cannot perform complex computations • Most tags simply emit a static identifier when prompted • Tags do not have the resources to allow for public-key or symmetric-key encryption systems • EPC tags: $0.05, 250 – 1000 gates • AES requires 20,000 – 30,000 gates Fong 05

  6. Applications • Supply-chain management • logistics, inventory control, retail check-out • Payment systems • ExxonMobil SpeedPass • I-Pass/EZ-Pass toll systems • Credit Cards • Access Control • Passports • Library books • Animal Tracking Fong 05

  7. Reading Tags • The read process starts when an RFID reader sends out a query message • Invites all tags within range to respond • More than one RFID tag may respond at the same time • Tags cannot generally hear one another • This causes a collision • Reader cannot accurately read information from more than one tag at a time • Reader must engage in a special singulation protocol to talk to each tag separately Shmatikov 05

  8. Singulation Algorithms • Deterministic • Binary tree-walking scheme • Reader sorts through tags based on tag ID • Reader performs a depth-first search of the tag ID space • Probabilistic • Slotted Aloha scheme • Time is divided into discrete intervals • Tags respond in randomly generated times • Process does not depend on tag ID Sarma, Weis, Engels 02

  9. Tree Walking prefix=0 prefix=1 Reader broadcasts current prefix Each tag with this prefix responds with its next bit prefix=00 prefix=01 prefix=10 prefix=11 If responses don’t collide, reader adds 1 bit to current prefix, otherwise tries both possibilities 000 001 010 011 100 101 110 111 Every tag has a k-bit identifier This takes O(k  number of tags) Shmatikov 05

  10. Threats Eavesdropping Anti-collision scheme Reader Tag Eavesdropper Backward Channel Range (~5m) Forward Channel Range (~100m) Fong 05

  11. Threats • Tracking • Unauthorized use of a tag’s ID in order to gain information about the location of a person or object • In a retail environment, a user can be associated with an item at purchase time • Cloning/Replay • Tags that emit static identifiers are very vulnerable • A thief could replace/rewrite a tag on an expensive item • Denial-of-service • Conflicting RF signals can prevent legitimate tag communication • Physical attacks • Probing a tag to determine private data Fong 05

  12. Security Goals • Tags should not compromise privacy of holders • Information should not be leaked to unauthorized readers • Should not be possible to build long-term tracking associations • Holders should be able to detect and disable tags they carry • Private tag contents should be protected by access control and encryption • Spoofing tags or readers should be difficult Sarma, Weis, Engels 02

  13. Potential Solutions • Disable tags permanently • Kill bit/sleeping • Blocker/privacy tag • Prevent tags from being read • Shielding • Jamming • Prevent unauthorized parties from listening to tag communication • Cryptography • Distance/Power Level measurements • Enact laws governing RFID use • Policy and Legislation

  14. Kill bit, Shielding, and Jamming • Kill tag after purchase • Special command permanently de-activates tag after the product is purchased • Disables many futuristic applications • Alternative: set tag to “sleep” • Shielding - Faraday cage • Container made of foil or metal mesh, impenetrable by radio signals of certain frequencies • Shoplifters are already known to use foil-lined bags • Maybe works for a wallet, but huge hassle in general • Active jamming • Disables all RFID, including legitimate applications Shmatikov 05

  15. Blocker Tag • A form of jamming: broadcast both “0” and “1” in response to any request from an RFID reader • Guarantees collision no matter what tags are present • To talk to a tag, reader must traverse every tree path • With 128-bit IDs, reader must try 2128 values • Privacy tag – a special case of the blocker tag • Blocks reading of protected tags, but does not disrupt normal RFID communication • Blocks only certain ID ranges and prevents illegitimate blocking • E.g., blocker tag blocks all IDs with first bit=1 • Items on supermarket shelves have first bit=0 • Can’t block tags on unpurchased items (anti-shoplifting) • After purchase, flip first bit on the tag from 0 to 1 Juels, Rivest, Szydlo 03; Shmatikov 05

  16. More Possible Security Measures • Distance/Power Level measurements • Majority of hostile reads occur when attacker is physically distant • Signal strength measurements and noise analysis can be used to estimate distance to the reader • Cryptography • Required hardware not feasible on low-cost tags • Other methods use one-way hash functions and pseudo-random number generation • Physical Protection • A combination of means (security cameras, sensors, etc.) to prevent tampering of RFID devices • Policy and Legislation • Legal requirements on RFID use • Does not prevent attackers from unauthorized use Fishkin, Roy, Jiang 04

  17. Public Privacy Concerns • Tracking • Libraries, retail, auto • Even if unique serial numbers are disabled at purchase time, tracking is still possible by associating “constellations” of tags • “Intelligent” theft • Human Tagging • Baja Beach Club, Spain • RFID Watchdog Groups • CASPIAN - (Consumers Against Supermarket Privacy Invasion and Numbering) • Spychips.com • Electronic Privacy Information Center • Consumer Backlash • Gillette Razors • Benetton Clothing Shmatikov 05

  18. References & Recommended Readings Papers: K. P. Fishkin, S. Roy, and B. Jiang, Some Methods for Privacy in RFID Communication, In 1st European Workshop on Security in Ad-Hoc and Sensor Networks (ESAS 2004), 2004. A. Juels, RFID Security and Privacy: A Research Survey, Condensed version to appear in 2006 in the IEEE Journal on Selected Areas in Communication, 2006. A. Juels, R. L. Rivest, and M. Szydlo, The Blocker Tag: Selective Blocking of RFIDTags for Consumer Privacy, 8th ACM Conference on Computer and Communications Security, pp. 103-111, ACM Press, 2003. S. Sarma, S. Weis, and D. Engels, RFID Systems and Security and Privacy Implications, Workshop on Cryptographic Hardware and Embedded Systems, 2002. S. A. Weis, S. E. Sarma, R. L. Rivest, and D. W. Engels, Security and Privacy Aspects of Low-Cost Radio Frequency Identification Systems, Security in Pervasive Computing, 2003. Presentations: Vitaly Shmatikov, RFID Security and Privacy, University of Texas Lecture, 2005. Kenny Fong, RFID Security, Southern Illinois University Lecture, 2005. 18

More Related