1 / 27

RFID Security and Privacy: A Research Survey

Written by: Ari Juels Presented by Carlos A. Lopez. RFID Security and Privacy: A Research Survey. Outline. Introduction Basic RFID Tags Symetric-Key Tags RFID News. Definition. RFID: Is a technology for automated identification of objetcs and people RFID devices are called “RFID Tags”

sanam
Télécharger la présentation

RFID Security and Privacy: A Research Survey

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Written by: Ari Juels Presented by Carlos A. Lopez RFID Security and Privacy: A Research Survey

  2. Outline • Introduction • Basic RFID Tags • Symetric-Key Tags • RFID News

  3. Definition • RFID: Is a technology for automated identification of objetcs and people • RFID devices are called “RFID Tags” • Small Microchip (Itachi Mu-chip 0.002x0.002in) • Transmit data over the air • Responds to interrogation • Possible successor of barcodes • EPCGlobal Inc Oversees the development of standards

  4. RFID Overview ID:2342341456734 Credit Card #8163 3534 9234 9876 Radio signal (contactless) Range: from 3-5 inches to 3 yards Tags (transponders) Attached to objects, “call out” identifying data on a special radio frequency Reader (transceiver) Reads data off the tags without direct contact Database Matches tag IDs to physical objects

  5. Reading Tags • The read process starts when an RFID reader sends out a query message • Invites all tags within range to respond • More than one RFID tag may respond at the same time • This causes a collision • Reader cannot accurately read information from more than one tag at a time • Reader must engage in a special singulation protocol to talk to each tag separately

  6. Barcode Replacement • Unique Identification • Type of Object Vs. Unique among millions • Act as a pointer to a database • Automation • Optically scanned • Line-of-sight • Contact with readers • Careful physical position • Requires human intervention

  7. RFID Standards Some standards that have been made regarding RFID technology include: • ISO 14223/1 – RFID of Animals, advanced transponders • ISO 14443: HF (13.56 MHz) RFID-enabled passports under ICAO 9303. • ISO 15693: HF (13.56 MHz) used for non-contact smart payment and credit cards • ISO/IEC 18000 - 7 different Parts • ISO 18185: "e-seals" for tracking cargo containers using the 433 MHz and 2.4 GHz frequencies. • EPCglobal - Most likely to undergo International Standardization according to ISO rules as with all sound standards in the world.

  8. Tag Types • Passive: • All power comes from a reader’s signal • Tags are inactive unless a reader activates them • Cheaper and smaller, but shorter range • Semi-passive • On-board battery, but cannot initiate communication • Can serve as sensors, collect information from environment: for example, “smart dust” for military applications • Active: • On-board battery power • Can record sensor readings or perform calculations in the absence of a reader • Longer read range

  9. Human-implantable RFID Applications • Supply-chain management • logistics, inventory control, retail check-out • Payment systems • ExxonMobil SpeedPass • I-Pass/EZ-Pas/Smart Tag toll systems • Credit Cards • Access Control • Passports • Library books • Hospital and Health Centers • Money - Yen and Euro banknoter anti-counterfeiting • Animal Tracking - and Human???

  10. Wig model #4456 (cheap polyester) Das Kapitaland Communist-party handbook 1500 Euros in wallet Serial numbers: 597387,389473… 30 items of lingerie The consumer privacy problem Here’s Mr. BOB in 2015… Replacement hip medical part #459382

  11. …the tracking problem Wig serial #A817TS8 • Mr. Bob pays with a credit card - his RFID tags now linked to his identity determines level of customer service • Mr. Bob attends a political rally - law enforcement scans his RFID tags • Mr. Jones wins Award - physically tracked by paparazzi via RFID • Read ranges of a tag • Nominal Range – Range intend to operate • Rogue Scanning Range –Powerful antenna amplifies the read range • Tag-To-Reader Eavesdropping range – A second reader can monitor the resulting tag emission • Reader-to-Tag eavesdropping range - Sometimes the reder send information with a greater power than the tags.

  12. CURRENT BALANCE Travel history: visited stations and dates WMATA Smart Trip RFID

  13. …and the authentication problem Wig serial #A817TS8 • Privacy: Misbehaving readers harvesting information from well-behaving tags • Authentication: Well-behaving readers harvesting information from misbehaving tags, particularly counterfeit ones

  14. Basic RFID tags Vs. Symmetric Key tags • Cannot: • Execute standards cryptographic operations • Strong Pseudorandom number generation • Hashing • Low-cost tags • EPC tags • Used in most gates

  15. Privacy • Killing and Sleeping • Re-naming approach • Relabeling • Minimalist cryptography • Encryption • The proxy approach • Watchdog Tag • RFID Guardian • Distance Measurement • Blocking • Soft-blocking • Trusted Computing

  16. Returning to basic issue of privacy:Kill codes • EPC tags have a “kill” function • On receiving password, tag self-destructs • Tag is permanently inoperative • No post-purchase benefits • Developed for EPC to protect consumers after point of sale • “Dead tags tell no tales” • Privacy is preserve • Why not sleep them? • Would be difficult to manage in practice – Users might have to manage her PIN for her tags

  17. Privacy (Cont 2) • Re-naming approach • Even if the tag has no intrinsic meaning it can still enable tracking (Solution: Change over time) • Relabeling • Consumer are equipped to re-label tags with new identifier, but able to reactive old information • Minimalist cryptography • Change names each time is interrogated • Encryption • Re-Encryption • Public Key cryptosystem • Periodically re-encrypted by law enforcement • Universal Re-encryption

  18. Privacy (Cont 3) • The proxy approach • Watchdog Tag • RFID Guardian

  19. Please show reader certificate and privileges So what might solve our problems? • Higher-powered intermediaries like mobile phones • RFID “Guardian” and RFID REP (RFID Enhancer Proxy)

  20. Privacy (Cont 4) • Distance Measurement • Distance as a measure of trust • A tag might release general information “I’m attached to a bottle of water” when scanned at a distance, but release more specific information, like unique identifier at a close range.

  21. Privacy (Cont 5) • Blocking • Scheme depends on the incorporation of a modifiable bit called a privacy bit • It uses a blocking tag which prevents unwanted scanning of tag on a private zone • Soft-blocking -On the reader “Do not scan tags whose privacy is on” • Trusted Computing

  22. Authentication • ECP tags Class-1 Gen-2 have no explicit anti-counterfeiting features • Yoking: Is a protocol that provides cryptographic proof that 2 tags have been scanned simultaneously to try to solve that the reader actually reads what is trying to scan.

  23. Symmetric-Key Tags (capable of computing symmetric key) • Cloning • With a simple challenge-response protocol a tag T, can authenticate itself to a reader that shares the key Ki • The tag transmit Ti • The reader generates a random bit string R • The tag computes H=h(Ki,R) and transmits H • The reader verifies H =h(Ki,R) • Digital Signature Transponders ( created by Texas Instrument and used by Speedpass) • Based on the secrecy of the algorithm “Security through obscurity” was crack by student at Johns Hopkins • Reverse-Engineering • Key cracking • Simulation • Reverse - Engineering and side channels • Relay Attacks • Man-in-the-middle attacks can bypass any cryptographic protocol

  24. Privacy • Symmetric-Key Management Problem • Leads to a paradox • A tag identifies itself before authenticating the readers • The tag emits it identifier Ti • So the reader can learn the identity of the tag • Privacy unachievable • Tag emits where P is a input value • Once receiving E, the reader searches all the spaces of tags keys, trying to decrypt E under every key K until its obtains P (The reader has all the tag’s key on it)

  25. Privacy • Literature • Tree approach • Proposed approach where a tag contains more than one symmetric key in a hierarchical structure define by a tree S. • Every node has a unique key • Each tag is assigned to a unique leaf • It contains the key defined by the path from the root S to the leaf • Can be useful for: • A tag holder can transfer ownership of an RFID tag to another party, while history remains private • A centralized authority with full tag information can provision readers to scan particular tags over limited windows time • Synchronization approach • Symmetric-key primitive • The European network for excellence in cryptographic is evaluating 21 candidates stream ciphers

  26. So what might solve our problems? • Cryptography! • Urgent need for cheaper hardware for primitives and better side-channel defenses • Some of talk really in outer limits, but basic caveats are important: • Pressure to build a smaller, cheaper tags without cryptography • RFID tags are close and personal, giving privacy a special dimension • RFID tags change ownership frequently • Key management will be a major problem • Think for a moment after this talk about distribution of kill passwords… • Are you ready for the Verichip?

  27. RFDI News • RFID Passports cracked - http://blog.wired.com/sterling/2006/11/arphid_watch_fi.html • Can Aluminum Shield RFID Chips? - http://www.rfid-shield.com/info_doesitwork.php • RFID chips can carry viruses - http://arstechnica.com/news.ars/post/20060315-6386.html • Nightclub allows entry by RFID’ - http://www.prisonplanet.com/articles/april2004/040704bajabeachclub.htm • Demo: Cloning a Verichip - http://cq.cx/verichip.pl

More Related