RFID Security and Privacy A Research Survey

Download Report

Transcript RFID Security and Privacy A Research Survey

RFID Security and Privacy
A Research Survey
Shruti Pathak
CS 585
Spring ‘09
What is RFID?



Radio Frequency IDentification: RFID
Automated identification of objects and
people
It labels objects uniquely and explicitly
1/29/09
UAHuntsville
2
What is an RFID tag?




Small microchip designed for wireless data
transmission
Attached to an antenna: resembles a sticker
Contactless and unique identification of
products and people
Microchip can be as small as a grain of sand
(0.4mm2)
1/29/09
UAHuntsville
3
Types of RFID tags



‘Passive’ tags (inexpensive) which derive
their power from interrogating reader
‘Semi-Passive’ tags whose batteries power
their circuitry when they are interrogated
‘Active’ tags whose batteries power their
transmission
1/29/09
UAHuntsville
4
An EPC RFID tag used by Walmart
© http://en.wikipedia.org/?title=RFID
1/29/09
UAHuntsville
5
How does it work?
1/29/09
UAHuntsville
6
How does it work?




RFID reader sends high frequent energy with
optional encoded information to the
transponder
The energy gets converted into electrical
charge and gets saved
Transponder responses with unique encoded
information
Reader receives the information and
processes it
1/29/09
UAHuntsville
7
RFID tag (..contd)

Successor to the optical barcode, which can be
seen on any product
1/29/09
UAHuntsville
8
Advantages of RFID over barcodes

Unique Identification
Barcode identifies type of object while the RFID
identifies the object uniquely
Example: When product is purchased at Walmart and is scanned
for billing the information that is scanned can be said to be as
“Kleenex tissue pack-10 count”
In fact each identical pack will scan the same information
Whereas the RFID tag would scan the same pack
as “Kleenex tissue pack-10 count serial no. ABC1239086” and
each pack thus will generate unique information(identification).
1/29/09
UAHuntsville
9
Advantages of RFID over barcodes
(..contd)
Automation
Optically scanned hence line-of-sight
contact with reader required.
Example: Difficulty while self-checking out
the items!
RFID tags overcome these
shortcomings! They can scan 100 of items
per second.
Example: Items in warehouses.

1/29/09
UAHuntsville
10
RFID today and tomorrow
RFID today





Proximity Cards (contactless cards)
Automated toll-payment transponders
Ignition keys of automobiles (theft-deterrent)
Payment tokens (SpeedPassTM, American
Express ExpressPayTM, Mastercard
PayPassTM)
Many house pets have RFID tags implanted
in their bodies to facilitate their safe-return
home
1/29/09
UAHuntsville
12

1/29/09
© http://www.technovelgy.com/ct/Science-Fiction-News.asp?NewsNum=906
UAHuntsville
13
RFID tomorrow




Smart Appliances:
Washing Machines and refrigerators, even
shopping list to home delivery service
Shopping:
Check-out by rolling just the card under point of sale
and automatic credit to your account. Also would facilitate the
return of items without receipts
Interactive Objects:
Interaction through mobile phones. Scan movie
posters and an item for sale!
Medication Compliance:
To verify whether the medications are taken in a
timely manner
1/29/09
UAHuntsville
14
Formal definition of RFID
Any RFID is a device that is mainly
used for identification of an object or a
person
Security Problems
Two main Privacy concerns
 Clandestine (concealed) Tracking
Readers interrogate and tags respond without
the owner’s knowledge
Serious threat when the reader can retrieve your
personal information during this process!
 Inventorying (making itemized list of supplies)
Reader can harvest important information from
the tags related to what type of medication a person
is carrying thus what illness he/she may have.
Personal preferences with respect to clothing and
other accessories.
1/29/09
UAHuntsville
16
Privacy Problems (concerns of everyday
life)





Toll-payment transponders
Small plaques positioned in windshield corners
Euro Banknotes
Embedding RFID tags in banknotes as an anti-counterfeiting
measure
Libraries
Facilitate check-out and inventorying of books
Passports
An international organization known as International Civil Aviation
Organization officially announced the guidelines for RFID enabled
passports and other travel documents
Human Implantation
VeriChip is a human implantable RFID tag. It can be used for
medical record indexing by scanning a patient’s tag
1/29/09
UAHuntsville
17
Read ‘ranges’ of tags
Nominal read range
ISO 14443 specifies a nominal read range of 10 cm
 Rogue scanning range
5 times the nominal read range, i.e.,50 cm
 Tag-to-reader eavesdropping range
Once the tag is powered by a reader then a second
reader can read information from the same tag from a much
more larger distance than rogue scanning range
 Reader-to-tag eavesdropping range
Readers transmit tag specific information to the tag
in some RFID protocols. They are subject to eavesdropping to
kilometers of distances
NOTE: RFID tags can foul systems with excessively long range. In
some extreme cases, one person might pay for another person’s
groceries!

1/29/09
UAHuntsville
18
Authentication


Issues concerning well behaving readers
extracting information from misbehaving tags
Scanning and replication of RFID tags is
another problem
1/29/09
UAHuntsville
19
Nomenclature and Organization


Basic Tags
Those that cannot execute standard
cryptographic operations like encryption and
hashing
Symmetric-key tags
Can perform symmetric cryptographic
operations hence cost a little more
1/29/09
UAHuntsville
20
Basic RFID tags




Low cost
Lack cryptographic operations
Couple of thousand gates devoted mainly to
basic operations
Another hundreds for security functionality
1/29/09
UAHuntsville
21
Privacy

‘Killing’ and ‘Sleeping’:
When an EPC tag receives a ‘kill’
command from the reader, it becomes inoperative
permanently. These commands are PIN protected
Alternatively, tags are put to “sleep” which
means they are temporarily made inactive

Renaming Approach
Tag identifiers are suppressed to disable
tracking and hence protect privacy
1/29/09
UAHuntsville
22
Privacy (…contd)

The Proxying approach
Consumers might carry their own individual privacy
protection devices instead of depending on readers for the same

Distance measurement
With some additional low-cost circuitry we can
roughly measure the distance between the reader and the tag on
the basis of which we can judge the authentication

Blocking
Incorporation of modifiable bit called as ‘privacy bit’
into tags
0 bit : unrestricted public scanning
1 bit : ‘privacy zone’
1/29/09
UAHuntsville
23
Authentication



Using ‘kill pins’ to authenticate tags to the reader
‘Yoking’ is a RFID protocol which provides
cryptographic proof that two items were scanned
simultaneously within physical proximity.
Example: Medication + instruction booklet scanned
manually
Physical one-way functions called POWF are tiny
glass beads. On scanning those, unique pattern is
revealed. POWF enables: (i) destroying information
on physical tampering of RFID devices (ii)
manufacturing duplicate POWF is almost impossible
1/29/09
UAHuntsville
24
The problem of PIN distribution


Privacy and authentication features both
depend on tag-specific PINs
Extremely necessary to secure point of sale
terminals with the pin while we use the ‘kill’
command
1/29/09
UAHuntsville
25
Symmetric-Key Tags




Cloning
Prevents the tag cloning by a simple challenge-response
protocol
Privacy
Secure authentication of a RFID tag relies on the symmetric
key shared between tag and the reader
The Literature
The use of key-search mechanism is very costly and efforts
are being made to reduce this cost
Implementing symmetric-key primitives
Several different solutions for efficiently designing and
implementing these primitives are being proposed
1/29/09
UAHuntsville
26
More on Privacy in Symmetric key Tags




If tag identifies itself prior to the interrogation
from the reader, privacy is unachievable
If the reader authenticated to the tag first,
then the tag cannot easily identify itself to the
reader
Thus, it becomes difficult to find out the key
between the reader and the tag
Solution to this problem: Letting the reader
identify the tags using a ‘key search’
1/29/09
UAHuntsville
27
Conclusion




RFID tag gives rise to lot of security and
privacy issues especially between the tag
and the reader that have been discussed
Sensors are small hardware devices similar
in flavor to RFID tags
Sensors are more expensive than RFID tags
User perception on RFID tags
1/29/09
UAHuntsville
28
References

A. Juels, "RFID security and privacy: a
research survey," IEEE Journal on Selected
Areas in Communications, vol. 24, pp. 381394, 2006
1/29/09
UAHuntsville
29