1 / 39

Crypto implementations for RFID tags

Topics. About us @IAIKMotivation for standardized security on a tagSecurity requirements for RFID tagsLimitations due to technologyHash vs. symmetric encryptionResults so far (developed at IAIK)Future research topicsConclusions. About IAIK and PROACT. Graz University of Technology (Austria)

almira
Télécharger la présentation

Crypto implementations for RFID tags

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

    1. Crypto implementations for RFID tags Learning from the smart card industry

    2. Topics About us @IAIK Motivation for standardized security on a tag Security requirements for RFID tags Limitations due to technology Hash vs. symmetric encryption Results so far (developed at IAIK) Future research topics Conclusions

    3. About IAIK and PROACT Graz University of Technology (Austria) Faculty of Computer Science Institute for Applied Information Processing (IAIK) IT-Security from design of crypto algorithms via secure implementation and networks to eGovernment applications VLSI Group: 12 researchers dealing with crypto implementations in HW and related topics like ISE, SCA, HW/SW co-design, SOC design Major activities at the moment: Crypto implementations for resource restricted environments (smart cards, RFIDs, emb. systems), ISE for crypto, side-channel analysis, SOC design, quantum cryptography Strong interaction with other groups at IAIK (crypto, networks, e-government) Current Projects: SCARD, SENSE, eCrypt, QCC, ISDPA, PROACT

    4. Benefits from security on tags Tag authentication: Proof of origin: anti-cloning / anti-forgery of tags / products Reader authentication: Privacy amplification for customer Integrity of data on tag (re-writeable tags) Authorized kill / selective kill Extended supply chain to the customer Mutual authentication Anti eavesdropping of reader-tag communication by encrypted communication

    5. Standardized crypto for RFID Global applications call for standardized crypto algorithms -> RFID is a global technology Standardized algorithms are intensively approved by crypto community probability of flaws is lower than for proprietary algorithms Standardized protocols: Most systems are broken because of flaws in the protocol -> use established protocols instead of re-inventing the wheel

    6. Some arguments against and for standardized algorithms Known attacks can be applied easily by everyone if algorithms are public This does not take into account that developers of systems might also be attackers (later) Especially side-channel analysis is/will be a problem for standard crypto on RFID. Knowledge for SCA on standard algorithms is public RFID tags are in the hand of attackers. SC attacks are also an issue on proprietary algorithms, as soon as some details about the algorithm / implementation are public Custom built algorithms/protocols use less resources but they are potentially also less secure (be aware that you do not know future application of your tags, e.g. see broken ExxonMobile SpeedPass) Proper implementation of standardized algorithms allow integration into passive devices

    7. Security requirements for secure tags @ IAIK No lightweight or XOR-crypto. Security makes sense if state-of-the-art measures are applied Use standardized algorithms to allow exploitation on global market The high number of tags/objects, where each tag protects a small value, calls for high security level High number of tags needs clever key management No reduction of reading distance nor significant rises of costs/tag is acceptable Compatibility with installed infrastructure is necessary

    8. Limitations due to technology Limited power consumption (vs. energy consumption of battery powered devices) ~ 10A average Area consumption limited (less problem with evolving SC technologies) < 1mm Execution time (given by reader-tag protocol) Protocols: Communication is initiated by reader Very limited memory access (few kBytes and slow) No physical protection possible

    9. The fairy tale of inexpensive hash primitives Publications about hash lock schemes argue that hash is cheaper to implement than encryption This is true for SW on 32-bit C platforms, but not for optimized HW-implementations Reason: SHA-1 input block = 512 bit (64 byte) input (before msg-schedule and 2560 (320byte) after) AES = 128 bit(data block) + 128 bit key + min. 1 S-Box Comparison:

    10. Necessary enhancements for secure tags System: Extended personalization / key upload to tag Key generation / management / distribution Tag authentication Authentication command(s) Crypto primitive (e.g. AES enc) on tag Secure key storage on tag Crypto capability or online-access of reader (to access verification server)

    11. Necessary enhancements for secure tags System: Extended personalization / key upload to tag Key generation / management / distribution Reader Authentication Authentication commands Crypto primitive (e.g. AES enc) on tag Crypto capability of reader Secure key storage on tag and reader Nounce generation (RNG) on tag (fake ID generation)

    12. TinyAES (worldwide smallest AES): AES module enc/dec; 1000 cycles 4,5 W (Philips 0.35m, 100kHz) Available as IP module, tested/verified Security Layer for ISO-18000 (using AES) Anti-Cloning Privacy enhancement Tested with reader/tag prototypes ECCU An ECC module for passive wireless devices Available as IP module Results so far @ IAIK

    13. Future research Key management / personalization Testability of crypto tags SCA secure AES module Nounce generation Application/middleware development Asymmetric crypto for RFID (ecc)

    14. Conclusions Standardized crypto (algorithm and protocol) is necessary for open applications to avoid security flaws Protection against implementation attacks (like SCA) will be necessary also for many applications with inexpensive RFID tags Implementation of standardized crypto (AES, ecc) is possible on passive tags without reduction of operation range More research is necessary to allow easy and secure integration into applications

    15. Bibliography Martin Feldhofer, Johannes Wolkerstorfer, Vincent Rijmen; "AES Implementation on a Grain of Sand", IEE Proceedings on Information Security, Volume 152, Issue 1, pp. 1320, October 2005. J. Wolkerstorfer, "Is Elliptic-Curve Cryptography Suitable to Secure RFID Tags?", Workshop on RFID and Light-weight Cryptography, Graz- August 2005 Martin Feldhofer, Johannes Wolkerstorfer:"Low-power Design Methodologies for an AES Implementation in RFID Systems", ECRYPT Workshop on Cryptographic Advances in Secure Hardware CRASH 2005, Leuven, Belgium, September 6-7, 2005. Martin Feldhofer, Manfred Aigner, Sandra Dominikus; "An Application of RFID Tags using Secure Symmetric Authentication", in Proceedings of 1st International Workshop on Privacy and Trust in Pervasive and Ubiquitous Computing - SecPerU 2005, in conjunction with IEEE ICPS'2005, pp. 4349, ISBN 960-531-179-8, Santorini Island, Greece, July 14, 2005. Sandra Dominikus, Elisabeth Oswald, Martin Feldhofer: "Symmetric Authentication for RFID Systems in Practice", ECRYPT Workshop on RFID and Lightweight Crypto, Graz, Austria, July 14-15, 2005. Manfred Aigner, Martin Feldhofer: "Secure Symmetric Authentication for RFID Tags", Telecommunication and Mobile Computing TCMC2005 Workshop, Graz, Austria, March 8-9, 2005. M. Feldhofer, S. Dominikus, J. Wolkerstorfer: "Strong Authentication for RFID Systems using the AES Algorithm", will be presented on the CHES conference held on August 11-13 2004 in Boston M. Feldhofer: "A Proposal for an Authentication Protocol in a Security Layer for RFID Smart Tags", MELECON conference held on May 1 - 5 2004 in DubrovnikPROACT Webpage

    16. About IAIK and PROACT Philips (Graz / Gratkorn is the RFID competence center of Philips) and Graz University of Technology Intensify teaching and research of RFID related topics At the moment six institutes of two faculties involved lead for first term at IAIK Core topics of first term RFID and security (security layers for RFID protocols, secure implementation) Compliance testing

    17. Appendix these following slides are not planned to be presented used if questions arise after the presentation (or if more time than 15min is available)

    18. RFID Tags vs. smart card (contact-less)

    19. Enhanced security applications Applications with enhanced security requirements Existing solutions have to be improved Luggage transportation Since airport is a highly sensitive area Protection of branded goods Rolex watch Clothing industry Verification at customer site and for commerce Car immobilizer systems Standardized security algorithms (todays are not secure) Enhanced customer acceptance Authentication of high value banknotes Anti-counterfeiting Prohibit forgery of banknotes More secure with lower costs Available for customers and at sales Another issue to be solved is the tracking of customers Data protection point of view One of the biggest problems for consumer acceptance Applications with enhanced security requirements Existing solutions have to be improved Luggage transportation Since airport is a highly sensitive area Protection of branded goods Rolex watch Clothing industry Verification at customer site and for commerce Car immobilizer systems Standardized security algorithms (todays are not secure) Enhanced customer acceptance Authentication of high value banknotes Anti-counterfeiting Prohibit forgery of banknotes More secure with lower costs Available for customers and at sales Another issue to be solved is the tracking of customers Data protection point of view One of the biggest problems for consumer acceptance

    20. Reasons for vulnerabilities Working principles of RFID Technology Contact-less No clear line-of-sight Broadcast of signal Perfect working conditions for attacker! Two important questions to answer: Is an RFID system more vulnerable against attacks as another technology? not in general wide appliance in a lot of different systems What are the major problems of RFID systems? Working principles Contactless: distance between item and reader is bigger faster access to data than optical information like barcode No clear line-of-sight objects beween the reader and the tag dont disturb communication human interface is nearly unnecessary automation is easy to implement Broadcast of signal propagation of signal in all directions no visible mapping between reader and tagTwo important questions to answer: Is an RFID system more vulnerable against attacks as another technology? not in general wide appliance in a lot of different systems What are the major problems of RFID systems? Working principles Contactless: distance between item and reader is bigger faster access to data than optical information like barcode No clear line-of-sight objects beween the reader and the tag dont disturb communication human interface is nearly unnecessary automation is easy to implement Broadcast of signal propagation of signal in all directions no visible mapping between reader and tag

    21. Security threats Violation of privacy Consumer tracking Data protection Tracking of personal data Unauthorized access to the tags memory Forgery of tags The most popular threat of RFID systems is the violation of privacy Big Brother problem Ominpresent in the media Cosumer tracking which is important from data protection point of view Industrial espionage of data and products Unallowed tracking of sales figures Unauthorized access to the tags memory Content of tag may be read out modified cleared Forgery of tags duplication (example with banknote) The most popular threat of RFID systems is the violation of privacy Big Brother problem Ominpresent in the media Cosumer tracking which is important from data protection point of view Industrial espionage of data and products Unallowed tracking of sales figures Unauthorized access to the tags memory Content of tag may be read out modified cleared Forgery of tags duplication (example with banknote)

    22. Existing countermeasures Shielding using metal foils Protection of privacy Destruction at point-of-sale Blocker tags Memory protection Write once, read many Access through pass phrase XOR-cryptography After the threats I want to present existing countermeasures Not really solutions, some kind of workaround Shielding Metal foils Cloak 29$ (10 MHz 20 GHz) Protection of privacy Kill RFID tags at point-of-sales (Problem: they are much too useful) Blocker tag (simulates billions of tag serial numbers) SHOW Privacy zones of unprotected serial numbers Problem: Reader can resolve collisions Memory protection Write once, read many (unable to write to tags memory after personalization phase) Access to memory through passphrase Minimalist cryptography I call it XOR cryptography (funny things)After the threats I want to present existing countermeasures Not really solutions, some kind of workaround Shielding Metal foils Cloak 29$ (10 MHz 20 GHz) Protection of privacy Kill RFID tags at point-of-sales (Problem: they are much too useful) Blocker tag (simulates billions of tag serial numbers) SHOW Privacy zones of unprotected serial numbers Problem: Reader can resolve collisions Memory protection Write once, read many (unable to write to tags memory after personalization phase) Access to memory through passphrase Minimalist cryptography I call it XOR cryptography (funny things)

    23. Cryptographic approach Identification Claim to be have a certain identity (username) Authentication Proof of identity Showing knowledge, possession, inherent feature How can we reach effective countermeasures Cryptography is needed Some basics Identification Claim to have a certain identity Name, Username, ID, Authentication Proof of identity Must show Knowledge of secret Possession of something (Smartcard, Token, ) Inherent feature (retina, fingerprint, )How can we reach effective countermeasures Cryptography is needed Some basics Identification Claim to have a certain identity Name, Username, ID, Authentication Proof of identity Must show Knowledge of secret Possession of something (Smartcard, Token, ) Inherent feature (retina, fingerprint, )

    24. Authentication mechanisms (1) Passwords (weak authentication) Userid + password Interactive Replay attack Zero-knowledge protocols Demonstrate knowledge of secret without revealing information about it Iterative Different authentication mechanisms (from weak to strong authentication) Passwords are relatively weak combination of userid+password interactive vulnerable to replay attacks Zero-knowledge protocols Demonstrate knowledge of secret without revealing information about it Iterative (security improves with number of iterations) Peggy goes into a random branch of the cave, which Victor doesn't know standing outside the cave Victor comes into the cave, and calls out a random branch of the cave (left or right), where Peggy should come out If Peggy knows the secret password Open Sesame, she can come out the right way every time, opening and passing the secret door with the password if necessary. If Peggy doesn't know the password, she has a 50% chance of initially going into the wrong branch, and as she is not able to pass the secret door, Victor can call her bluff. Victor will repeat this round as many times as he desires until he is certain Peggy knows the secret words. No matter how many times the proof repeats, Victor does not learn the secret words. Different authentication mechanisms (from weak to strong authentication) Passwords are relatively weak combination of userid+password interactive vulnerable to replay attacks Zero-knowledge protocols Demonstrate knowledge of secret without revealing information about it Iterative (security improves with number of iterations) Peggy goes into a random branch of the cave, which Victor doesn't know standing outside the cave Victor comes into the cave, and calls out a random branch of the cave (left or right), where Peggy should come out If Peggy knows the secret password Open Sesame, she can come out the right way every time, opening and passing the secret door with the password if necessary. If Peggy doesn't know the password, she has a 50% chance of initially going into the wrong branch, and as she is not able to pass the secret door, Victor can call her bluff. Victor will repeat this round as many times as he desires until he is certain Peggy knows the secret words. No matter how many times the proof repeats, Victor does not learn the secret words.

    25. Authentication mechanisms (2) Challenge response (strong authentication) Knowledge of a secret Time-variant challenge Response depends on challenge and secret Challenge-response authentication Strong authentication Ideally suitable for RFID systems because of command structure of RFID (send request, get response) Works also by showing the knowledge of a secret First a time-variant challenge is sent from A to B (time-variant is important because of replay-attacks) Response depends on challenge and the secret which is shared by the to entities (in this case)Challenge-response authentication Strong authentication Ideally suitable for RFID systems because of command structure of RFID (send request, get response) Works also by showing the knowledge of a secret First a time-variant challenge is sent from A to B (time-variant is important because of replay-attacks) Response depends on challenge and the secret which is shared by the to entities (in this case)

    26. Challenge-response authentication (1) Unilateral Authentication of tag Forgery Authentication of reader Privacy Two pass Mutual Forgery and privacy Three pass Two possible ways for authentication Unilateral authentication where one entity proofs its identity to another party Mutual authentication where both entities proof their identity to each other Unilateral authentication Authentication of tag solves the problem of forgery (the tag is authentic) Authentication of reader to provide privacy protection (reader is allowed to talk to tag) Two-way protocol (picture) Mutual authentication Provides both privacy and prohibits forgery Three-way protocol (picture)Two possible ways for authentication Unilateral authentication where one entity proofs its identity to another party Mutual authentication where both entities proof their identity to each other Unilateral authentication Authentication of tag solves the problem of forgery (the tag is authentic) Authentication of reader to provide privacy protection (reader is allowed to talk to tag) Two-way protocol (picture) Mutual authentication Provides both privacy and prohibits forgery Three-way protocol (picture)

    27. Challenge-response authentication (2) Symmetric Same key at both entities KA=KB Key distribution problem Key management difficulties Fast and efficient Closed systems (offline) Asymmetric Public key and private key KA?KB Certificate management Slow and complex Open systems (online certificates) Tag-only authentication Last classification is whether symmetric or asymmetric techniques are used Differences are:Last classification is whether symmetric or asymmetric techniques are used Differences are:

    28. Requirements for security-enhanced tag (ART Project) Security level No pseudo securitiy ? strong cryptographic primitives Standardized symmetric algorithm (AES) Standardized crypto protocol Protocol Prevent forgery Supply of privacy Useable with existing infrastructure ? compatibility to existing standards ISO/IEC 18000 Requirements for a security-enhanced tag as we define security Security level We are interested in strong cryptographic algorithms We chose the standardized symmetric encryption algorithm (AES) From the protocol point-of-view Prevent forgery Supply of privacy Compatibility to existing standards ISO/IEC 18000 EPC (Electronic Product Code)Requirements for a security-enhanced tag as we define security Security level We are interested in strong cryptographic algorithms We chose the standardized symmetric encryption algorithm (AES) From the protocol point-of-view Prevent forgery Supply of privacy Compatibility to existing standards ISO/IEC 18000 EPC (Electronic Product Code)

    29. Encryption algorithm Advanced Encryption Standard (AES) Symmetric block cipher algorithm 128-bit data blocks 128-bit key length 10 rounds Encryption-only is needed for authentication purpose Encryption algorithm Federal Information Processing Standard (FIPS 197) since 2001 also known as Rijndael, Joan Daemen and Vincent Rijmen who teaches at the IAIK Symmetric block cipher algorithm which is suitable for hardware and software implementations Successor of DES It operates on blocks of data with 128 bits Has three different key lengths but we just use 128-bit keys where 10 rounds of a round function are applied Encryption-only is needed for authentication (encrypt and compare)Encryption algorithm Federal Information Processing Standard (FIPS 197) since 2001 also known as Rijndael, Joan Daemen and Vincent Rijmen who teaches at the IAIK Symmetric block cipher algorithm which is suitable for hardware and software implementations Successor of DES It operates on blocks of data with 128 bits Has three different key lengths but we just use 128-bit keys where 10 rounds of a round function are applied Encryption-only is needed for authentication (encrypt and compare)

    30. Hardware requirements (tag) Minimal power consumption < 20 mA average Low die-size < 1 mm2 Low cost ~5 Cent vs. ~50 Cent Maximum number of clock cycles for AES ~1000 cycles @ 100 kHz As we are a VLSI group (Very Large Scale Integration) our main focus lays on hardware implementations Especially in RFID systems the requirements for tags are very constraint Most important is the low power consumption As the tag has no internal power supply Coupling through air interface is lossy Current consumption is only about 20 micro Amps for the whole circuit This is only reachable with low clock frequencies Low die-size is also crucial To be competetive the die-size is limited (the size indirectly influences the power consumption) Low cost is a resulting factor Its to distinguish between mass product tags which cost nowadays 5-10 Cent and high end tags with about 50 Cent Reader price about 100 Dollar The goal is to have tags with 1 Cent and reader devices with several Dollar The resulting requirements for an AES implementation is about 1000 clock cycles at a clock frequency of 100 kHz and 10 micro Amps As we are a VLSI group (Very Large Scale Integration) our main focus lays on hardware implementations Especially in RFID systems the requirements for tags are very constraint Most important is the low power consumption As the tag has no internal power supply Coupling through air interface is lossy Current consumption is only about 20 micro Amps for the whole circuit This is only reachable with low clock frequencies Low die-size is also crucial To be competetive the die-size is limited (the size indirectly influences the power consumption) Low cost is a resulting factor Its to distinguish between mass product tags which cost nowadays 5-10 Cent and high end tags with about 50 Cent Reader price about 100 Dollar The goal is to have tags with 1 Cent and reader devices with several Dollar The resulting requirements for an AES implementation is about 1000 clock cycles at a clock frequency of 100 kHz and 10 micro Amps

    31. TINA- Tiny AES: The smallest AES implementation known TINA results: Stand alone AES module with P-interface AES-128 encryption and decryption On-the-fly Roundkey computation Consumption: < 4.5 W (Philips 0.35m, 100kHz) Area: < 0,25 mm

    32. Architecture of an RFID tag - Secure embedded system Architecture of an RFID tag: The reason why we are here at IPICS is that an RFID tag is nothing else than a Secure Embedded System Coil Analog front-end Connected to the coil Power supply Clockrecovery from carrier frequency Demodulation of data/ load modulation EPROM non volatile memory for personalization data read and writeable Controller Responsible for Protocol (Synch., Data coding, Error detection, Packets, Request-response) communicates with all modules (Analog, EPROM, Crypto m., Timer) AES module cryptographic algorithm for authentiation AES implementation for low power Architecture of an RFID tag: The reason why we are here at IPICS is that an RFID tag is nothing else than a Secure Embedded System Coil Analog front-end Connected to the coil Power supply Clockrecovery from carrier frequency Demodulation of data/ load modulation EPROM non volatile memory for personalization data read and writeable Controller Responsible for Protocol (Synch., Data coding, Error detection, Packets, Request-response) communicates with all modules (Analog, EPROM, Crypto m., Timer) AES module cryptographic algorithm for authentiation AES implementation for low power

    33. Analog frontend (Philips) Power supply of tag Frequency recovery for digital part of the tag Power-on reset Modulation/ demodulation of data Schematic of an analog frontend Responsible for . Schematic of an analog frontend Responsible for .

    34. EEPROM Stores non-volatile data UID Secret key Programmed during personalization phase Protection Unauthorized read Tampering EEPROM stores non-volatile data unique ID of tags (64 bits) secret key (128 bits for AES) Data are programmed during the personalization phase Should have some form of protection Tamper resistance not so important Read out should not be allowed, some mechanism requiredEEPROM stores non-volatile data unique ID of tags (64 bits) secret key (128 bits for AES) Data are programmed during the personalization phase Should have some form of protection Tamper resistance not so important Read out should not be allowed, some mechanism required

    35. Crypto tag prototype using FPGA Trying out protocols anti-collision algortihm reader functionality timing measurements Design and functionality of tag FPGA board Antenna Analog frontend FPGA Microcontroller Power supply InterfaceTrying out protocols anti-collision algortihm reader functionality timing measurements Design and functionality of tag FPGA board Antenna Analog frontend FPGA Microcontroller Power supply Interface

    36. PETRA: Protocol emulation Protocol Evaluation Tool for RFID Application Emulates arbitrary nr of tags in a cycle accurate manner Allows to simulate e.g. protocol extensions and get typical values Perfect tool for e.g. tests of different parameters for anti-collision in different applications

    37. Authentication of tag Protocol for authentication of tag Reader generates random number It makes a frame within a command structure and sends it to the tag The tag encrypts this random challenge and makes a frame itself To verify the response the reader can encrypt the randomly chosen value and compares the result with the received value Or it can decrypt the received value to get the sent random number (decryption not needed) Both share the same secret key K One problem of sharing the same key is that when one tag is compromised the whole system is compromised Solution is to have a master key at the reader Derive the subkeys for tags from the ID of the tag and the master secretProtocol for authentication of tag Reader generates random number It makes a frame within a command structure and sends it to the tag The tag encrypts this random challenge and makes a frame itself To verify the response the reader can encrypt the randomly chosen value and compares the result with the received value Or it can decrypt the received value to get the sent random number (decryption not needed) Both share the same secret key K One problem of sharing the same key is that when one tag is compromised the whole system is compromised Solution is to have a master key at the reader Derive the subkeys for tags from the ID of the tag and the master secret

    38. Interleaved protocol Authentication of approx. 50 tags per second possible Possible solution for authentication of lot of tags The time when a tag encrypts a challenge is used for communication with other tags We call it interleaved protocol It works as following: The reader sends the first challenge to Tag Number 1 .. This is an example how the authentication of up to 50 tags per second is possible This is a reasonable number when thinking about supply-chain managementPossible solution for authentication of lot of tags The time when a tag encrypts a challenge is used for communication with other tags We call it interleaved protocol It works as following: The reader sends the first challenge to Tag Number 1 .. This is an example how the authentication of up to 50 tags per second is possible This is a reasonable number when thinking about supply-chain management

    39. Application: Secure Supply Chain for Pharmaceuticals

More Related