RFID Security and Privacy: A Research Survey

1
RFID Security and Privacy A Research Survey

• Written by Ari Juels
• Presented by Carlos A. Lopez

2
Outline

1. Introduction
2. Basic RFID Tags
3. Symetric-Key Tags
4. RFID News

3
Definition

• RFID Is a technology for automated
  identification of objetcs and people
• RFID devices are called RFID Tags
• Small Microchip (Itachi Mu-chip 0.002x0.002in)
• Transmit data over the air
• Responds to interrogation
• Possible successor of barcodes
• EPCGlobal Inc Oversees the development of
  standards

4
RFID Overview
ID2342341456734
Credit Card 8163 3534 9234 9876
Radio signal (contactless) Range from 3-5 inches
to 3 yards
Tags (transponders) Attached to objects, call
out identifying data on a special radio frequency
Reader (transceiver) Reads data off the
tags without direct contact
Database Matches tag IDs to physical objects
5
Reading Tags

• The read process starts when an RFID reader sends
  out a query message
• Invites all tags within range to respond
• More than one RFID tag may respond at the same
  time
• This causes a collision
• Reader cannot accurately read information from
  more than one tag at a time
• Reader must engage in a special singulation
  protocol to talk to each tag separately

6
Barcode Replacement

• Unique Identification
• Type of Object Vs. Unique among millions
• Act as a pointer to a database
• Automation
• Optically scanned
• Line-of-sight
• Contact with readers
• Careful physical position
• Requires human intervention

7
RFID Standards

• Some standards that have been made regarding RFID
  technology include
• ISO 14223/1 RFID of Animals, advanced
  transponders
• ISO 14443 HF (13.56 MHz) RFID-enabled passports
  under ICAO 9303.
• ISO 15693 HF (13.56 MHz) used for non-contact
  smart payment and credit cards
• ISO/IEC 18000 - 7 different Parts
• ISO 18185 "e-seals" for tracking cargo
  containers using the 433 MHz and 2.4 GHz
  frequencies.
• EPCglobal - Most likely to undergo International
  Standardization according to ISO rules as with
  all sound standards in the world.

8
Tag Types

• Passive
• All power comes from a readers signal
• Tags are inactive unless a reader activates them
• Cheaper and smaller, but shorter range
• Semi-passive
• On-board battery, but cannot initiate
  communication
• Can serve as sensors, collect information from
  environment for example, smart dust for
  military applications
• Active
• On-board battery power
• Can record sensor readings or perform
  calculations in the absence of a reader
• Longer read range

LF HF UHF Microwave
Freq. Range 125 - 134KHz 13.56 MHz 866 - 915MHz 2.45 - 5.8 GHz
Read Range 10 cm 1M 2-7 M 1M
Application Smart Cards, Ticketing, animal tagging, Access Control Small item management, supply chain, Anti-theft, library, transportation Transportation vehicle ID, Access/Security, large item management, supply chain Transportation vehicle ID (tolls), Access/Security, large item management, supply chain
9
Applications

• Supply-chain management
• logistics, inventory control, retail check-out
• Payment systems
• ExxonMobil SpeedPass
• I-Pass/EZ-Pas/Smart Tag toll systems
• Credit Cards
• Access Control
• Passports
• Library books
• Hospital and Health Centers
• Money - Yen and Euro banknoter anti-counterfeiting
  
• Animal Tracking - and Human???

10
The consumer privacy problem
Heres Mr. BOB in 2015
11
the tracking problem
Wig serial A817TS8

• Mr. Bob pays with a credit card - his RFID tags
  now linked to his identity determines level of
  customer service
• Mr. Bob attends a political rally - law
  enforcement scans his RFID tags
• Mr. Jones wins Award - physically tracked by
  paparazzi via RFID
• Read ranges of a tag
• Nominal Range Range intend to operate
• Rogue Scanning Range Powerful antenna amplifies
  the read range
• Tag-To-Reader Eavesdropping range A second
  reader can monitor the resulting tag emission
• Reader-to-Tag eavesdropping range - Sometimes
  the reder send information with a greater power
  than the tags.

12
WMATA Smart Trip RFID
13
and the authentication problem
Wig serial A817TS8

• Privacy Misbehaving readers harvesting
  information from well-behaving tags
• Authentication Well-behaving readers harvesting
  information from misbehaving tags, particularly
  counterfeit ones

14
Basic RFID tags Vs. Symmetric Key tags

• Cannot
• Execute standards cryptographic operations
• Strong Pseudorandom number generation
• Hashing
• Low-cost tags
• EPC tags
• Used in most gates

15
Privacy

• Killing and Sleeping
• Re-naming approach
• Relabeling
• Minimalist cryptography
• Encryption
• The proxy approach
• Watchdog Tag
• RFID Guardian
• Distance Measurement
• Blocking
• Soft-blocking
• Trusted Computing

16
Returning to basic issue of privacyKill codes

• EPC tags have a kill function
• On receiving password, tag self-destructs
• Tag is permanently inoperative
• No post-purchase benefits
• Developed for EPC to protect consumers after
  point of sale
• Dead tags tell no tales
• Privacy is preserve
• Why not sleep them?
• Would be difficult to manage in practice Users
  might have to manage her PIN for her tags

17
Privacy (Cont 2)

• Re-naming approach
• Even if the tag has no intrinsic meaning it can
  still enable tracking (Solution Change over
  time)
• Relabeling
• Consumer are equipped to re-label tags with new
  identifier, but able to reactive old information
• Minimalist cryptography
• Change names each time is interrogated
• Encryption
• Re-Encryption
• Public Key cryptosystem
• Periodically re-encrypted by law enforcement
• Universal Re-encryption

18
Privacy (Cont 3)

• The proxy approach
• Watchdog Tag
• RFID Guardian

19
So what might solve our problems?

• Higher-powered intermediaries like mobile phones
• RFID Guardian and RFID REP (RFID Enhancer Proxy)

20
Privacy (Cont 4)

• Distance Measurement
• Distance as a measure of trust
• A tag might release general information Im
  attached to a bottle of water when scanned at a
  distance, but release more specific information,
  like unique identifier at a close range.

21
Privacy (Cont 5)

• Blocking
• Scheme depends on the incorporation of a
  modifiable bit called a privacy bit
• It uses a blocking tag which prevents unwanted
  scanning of tag on a private zone
• Soft-blocking -On the reader Do not scan tags
  whose privacy is on
• Trusted Computing

22
Authentication

• ECP tags Class-1 Gen-2 have no explicit
  anti-counterfeiting features
• Yoking Is a protocol that provides cryptographic
  proof that 2 tags have been scanned
  simultaneously to try to solve that the reader
  actually reads what is trying to scan.

23
Symmetric-Key Tags (capable of computing
symmetric key)

• Cloning
• With a simple challenge-response protocol a tag
  T, can authenticate itself to a reader that
  shares the key Ki
• The tag transmit Ti
• The reader generates a random bit string R
• The tag computes Hh(Ki,R) and transmits H
• The reader verifies H h(Ki,R)
• Digital Signature Transponders ( created by Texas
  Instrument and used by Speedpass)
• Based on the secrecy of the algorithm Security
  through obscurity was crack by student at Johns
  Hopkins
• Reverse-Engineering
• Key cracking
• Simulation
• Reverse - Engineering and side channels
• Relay Attacks
• Man-in-the-middle attacks can bypass any
  cryptographic protocol

24
Privacy

• Symmetric-Key Management Problem
• Leads to a paradox
• A tag identifies itself before authenticating the
  readers
• The tag emits it identifier Ti
• So the reader can learn the identity of the tag
• Privacy unachievable
• Tag emits where P is a input
  value
• Once receiving E, the reader searches all the
  spaces of tags keys, trying to decrypt E under
  every key K until its obtains P (The reader has
  all the tags key on it)

25
Privacy

• Literature
• Tree approach
• Proposed approach where a tag contains more than
  one symmetric key in a hierarchical structure
  define by a tree S.
• Every node has a unique key
• Each tag is assigned to a unique leaf
• It contains the key defined by the path from the
  root S to the leaf
• Can be useful for
• A tag holder can transfer ownership of an RFID
  tag to another party, while history remains
  private
• A centralized authority with full tag information
  can provision readers to scan particular tags
  over limited windows time
• Synchronization approach
• Symmetric-key primitive
• The European network for excellence in
  cryptographic is evaluating 21 candidates stream
  ciphers

26
So what might solve our problems?

• Cryptography!
• Urgent need for cheaper hardware for primitives
  and better side-channel defenses
• Some of talk really in outer limits, but basic
  caveats are important
• Pressure to build a smaller, cheaper tags without
  cryptography
• RFID tags are close and personal, giving privacy
  a special dimension
• RFID tags change ownership frequently
• Key management will be a major problem
• Think for a moment after this talk about
  distribution of kill passwords
• Are you ready for the Verichip?

27
RFDI News

• RFID Passports cracked - http//blog.wired.com/ste
  rling/2006/11/arphid_watch_fi.html
• Can Aluminum Shield RFID Chips? -
  http//www.rfid-shield.com/info_doesitwork.php
• RFID chips can carry viruses - http//arstechnica.
  com/news.ars/post/20060315-6386.html
• Nightclub allows entry by RFID -
  http//www.prisonplanet.com/articles/april2004/040
  704bajabeachclub.htm
• Demo Cloning a Verichip - http//cq.cx/verichip.p
  l