Professional Documents
Culture Documents
Lopez
Outline
Introduction 2. Basic RFID Tags 3. Symetric-Key Tags 4. RFID News
1.
Definition
RFID: Is a technology for automated identification of objetcs and people RFID devices are called RFID Tags
0.002x0.002in) Transmit data over the air Responds to interrogation Possible successor of barcodes EPCGlobal Inc Oversees the development of standards
RFID Overview
ID:2342341456734
Tags (transponders)
Attached to objects, call out identifying data on a special radio frequency
Reader (transceiver)
Reads data off the tags without direct contact
Database
Matches tag IDs to physical objects
Reading Tags
The read process starts when an RFID reader sends out a query message
Invites all tags within range to respond More than one RFID tag may respond at the same time This causes a collision Reader cannot accurately read information from more than
Reader must engage in a special singulation protocol to talk to each tag separately
Barcode Replacement
Unique Identification Type of Object Vs. Unique among millions Act as a pointer to a database Automation Optically scanned
Line-of-sight Contact with readers Careful physical position Requires human intervention
RFID Standards
Some standards that have been made regarding RFID technology include: ISO 14223/1 RFID of Animals, advanced transponders ISO 14443: HF (13.56 MHz) RFID-enabled passports under ICAO 9303. ISO 15693: HF (13.56 MHz) used for non-contact smart payment and credit cards ISO/IEC 18000 - 7 different Parts ISO 18185: "e-seals" for tracking cargo containers using the 433 MHz and 2.4 GHz frequencies. EPCglobal - Most likely to undergo International Standardization according to ISO rules as with all sound standards in the world.
Tag Types
Passive:
All power comes from a readers signal Tags are inactive unless a reader activates them Cheaper and smaller, but shorter range
Semi-passive
On-board battery, but cannot initiate communication Can serve as sensors, collect information from environment: for example, smart
Active:
On-board battery power Can record sensor readings or perform calculations in the absence of a reader Longer read range
LF
HF
UHF
Microwave
Freq. Range
Read Range Application
125 - 134KHz
10 cm Smart Cards, Ticketing, animal tagging, Access Control
13.56 MHz
1M Small item management, supply chain, Anti-theft, library, transportation
866 - 915MHz
2-7 M Transportation vehicle ID, Access/Security, large item management, supply chain
Applications
Supply-chain management
logistics, inventory control, retail check-out
Payment systems
ExxonMobil SpeedPass I-Pass/EZ-Pas/Smart Tag toll systems Credit Cards
Access Control
Passports
Library books Human-implantable RFID Hospital and Health Centers Money - Yen and Euro banknoter anti-counterfeiting Animal Tracking - and Human???
model #4456
(cheap polyester)
Wig
serial #A817TS8
Nominal Range Range intend to operate Rogue Scanning Range Powerful antenna amplifies the read range Tag-To-Reader Eavesdropping range A second reader can monitor the resulting tag emission Reader-to-Tag eavesdropping range Sometimes the reder send information with a greater power than the tags.
CURRENT BALANCE
Wig
serial #A817TS8
Cannot:
Execute standards cryptographic operations
Strong Pseudorandom number generation Hashing
Low-cost tags
EPC tags Used in most gates
Privacy
Trusted Computing
Dead tags tell no tales Privacy is preserve Would be difficult to manage in practice Users might have to manage her PIN for her tags
Privacy (Cont 2)
Re-naming approach
Even if the tag has no intrinsic meaning it can still
Privacy (Cont 3)
Enhancer Proxy)
Please show reader certificate and privileges
Privacy (Cont 4)
Distance Measurement
Distance as a measure of trust A tag might release general information Im attached to a bottle of water when scanned at a distance, but release more specific information, like unique identifier at a close range.
Privacy (Cont 5)
Blocking
Scheme depends on the incorporation of a
modifiable bit called a privacy bit It uses a blocking tag which prevents unwanted scanning of tag on a private zone Soft-blocking -On the reader Do not scan tags whose privacy is on
Trusted Computing
Authentication
cryptographic proof that 2 tags have been scanned simultaneously to try to solve that the reader actually reads what is trying to scan.
Cloning
With a simple challenge-response protocol a tag T, can authenticate
The tag transmit Ti The reader generates a random bit string R The tag computes H=h(Ki,R) and transmits H The reader verifies H =h(Ki,R) Based on the secrecy of the algorithm Security through obscurity was crack by student at Johns Hopkins
Reverse-Engineering Key cracking Simulation
by Speedpass)
Privacy
Symmetric-Key Management Problem Leads to a paradox
readers The tag emits it identifier Ti So the reader can learn the identity of the tag Privacy unachievable
Tag emits Once receiving E, the reader searches all the
spaces of tags keys, trying to decrypt E under every key K until its obtains P (The reader has all the tags key on it)
Privacy
Literature
Tree approach Proposed approach where a tag contains more than one symmetric key in a hierarchical structure define by a tree S.
Every node has a unique key Each tag is assigned to a unique leaf It contains the key defined by the path from the root S to the leaf
Can be useful for: A tag holder can transfer ownership of an RFID tag to another party, while history remains private A centralized authority with full tag information can provision readers to scan particular tags over limited windows time
Synchronization approach Symmetric-key primitive The European network for excellence in cryptographic is
Cryptography!
Urgent need for cheaper hardware for primitives and better side-
channel defenses
Some of talk really in outer limits, but basic caveats are important:
Pressure to build a smaller, cheaper tags without cryptography RFID tags are close and personal, giving privacy a special
dimension RFID tags change ownership frequently Key management will be a major problem
Think for a moment after this talk about distribution of kill passwords
RFDI News
RFID Passports cracked http://blog.wired.com/sterling/2006/11/arphid_w atch_fi.html Can Aluminum Shield RFID Chips? http://www.rfid-shield.com/info_doesitwork.php RFID chips can carry viruses http://arstechnica.com/news.ars/post/20060315 -6386.html Nightclub allows entry by RFID http://www.prisonplanet.com/articles/april2004/0 40704bajabeachclub.htm Demo: Cloning a Verichip http://cq.cx/verichip.pl