Presentation is loading. Please wait.

Presentation is loading. Please wait.

Defence Research and Development Canada Recherche et développement pour la défense Canada Canada RFID Security and Privacy  Issues and Countermeasures.

Similar presentations


Presentation on theme: "Defence Research and Development Canada Recherche et développement pour la défense Canada Canada RFID Security and Privacy  Issues and Countermeasures."— Presentation transcript:

1 Defence Research and Development Canada Recherche et développement pour la défense Canada Canada RFID Security and Privacy  Issues and Countermeasures Dr. Qinghan Xiao Defence R&D Canada – Ottawa November 13, 2009

2 Defence R&D Canada – Ottawa R & D pour la défense Canada – Ottawa Deference R&D Canada Defense R&D Canada is an agency of the Canadian Department of National Defense responding to the scientific and technological needs of the Canadian Forces The agency is made up of seven research centres located across Canada

3 Defence R&D Canada – Ottawa R & D pour la défense Canada – Ottawa Network Information Operations Section Attack Detection and Analysis –Situational awareness of the information technology infrastructure –Network traffic analysis Secure Mobile Networking –Secure Ad-hoc Peer-to-Peer Networking –Secure Wireless LANs Information Protection and Assurance –Secure access control capability –Biometrics –RFID

4 Defence R&D Canada – Ottawa R & D pour la défense Canada – Ottawa Outline Overview of Security Risks with RFID –Three areas of concern RFID Vulnerabilities –Unauthorized reading/writing, trigger device, etc. Type of Attacks –Reverse engineering, eavesdropping, etc. Privacy Issues –Tracking and tracing, profile a person’s habits, etc. Countermeasures –Authentication, encryption, etc.

5 Defence R&D Canada – Ottawa R & D pour la défense Canada – Ottawa Contactless Technologies RFID ClassDescriptionApplications Memory Types Range Proprietary (125kHz)Basic RFID Passive Access, InventoryROM, EPROM~ 1 meter EPC Global/ISO18000 (900MHz – 2.45GHz) Basic RFID Passive Tolling, Inventory ROM, EPROM~ 10 meters ISO/IEC (13.56MHz) Smart Label Passive Access, Inventory, Electronic Ticketing ROM, RAM, EEPROM, FRAM ~ 1 meter ISO/IEC14443 A/B (13.56MHz) Microcontroller Passive Access, PaymentROM, RAM, EEPROM, FRAM ~ 10 cm Active RFID (303Mhz – 2400MHz) Microcontroller Active Inventory, TollingROM, RAM, EEPROM ~ 100 meters +

6 Defence R&D Canada – Ottawa R & D pour la défense Canada – Ottawa Security Risks with RFID Information Attacks (malicious virus introduction) Network-Based Risks are related to traditional network security risks need to be addressed by the IA community Tag cloning risks become important as the government and companies increasingly take the advantage of automatic identification technologies Attack risks introduced by adopting RFID technology Networked Reader Attacks RFID-Induced Network Risks Monitoring the Air Interface Data Integrity on the Tag (encryption of data on tags) Blocking Access to Tags Permanently Disabling Tags (kill tags) System Interface (Hospital) RF Saturation and Jamming Targeting (Trigger device) Tracking RFID Security Risks

7 Defence R&D Canada – Ottawa R & D pour la défense Canada – Ottawa High Level Security Vulnerabilities 1.Unauthorized Reading of Tag Data 2.Unauthorized Writing of Tag Data 3.Insertion of Rogue/Counterfeit Tags 4.Tag Destruction/Disabling 5.Degradation of Tag Data Collection 6.Electromagnetic Interference from RFID Tags 7.Tags Leak Electronic Information 8.RFID Reader as a Platform for Attack 9.RFID Tag used as a Trigger Device 10.Destructive Electromagnetic Emission

8 Defence R&D Canada – Ottawa R & D pour la défense Canada – Ottawa RFID Security ‘The Dark Side’ Reference [1]

9 Defence R&D Canada – Ottawa R & D pour la défense Canada – Ottawa The Dark Side RFDUMP — is a tool that allows you to not only read RFID tags within range, but more worryingly, you can actually change and alter the data stored in the RFID tag Spectrum Interference — not only degrades the read range between a reader and an object, but also corrupts data packets being sent back and forth RFID Washer — finds RFID tags and “electronically washes” it RFID Blocking System — is originally developed to protect user privacy. For example, RSA Blocker Tag is a specially designed RFID tag build into shopping bags that launches a denial-of-service attack to prevent RFID readers from reading any tags that might be attached to items in the bag Tag Hacking Systems — use different methods to defeat RFID based systems Example 1: RFDUMP has been demonstrated to change the book price, and even upload a hotel room key card data to the price chip on a box of cream cheese from the Future Store in Germany Example 2: The Johns Hopkins lab has successfully performed a “brute-force” attack on TI’s RFID cipher in only 30 minutes

10 Defence R&D Canada – Ottawa R & D pour la défense Canada – Ottawa Attack Points Denial of service Transmission attack Reverse engineering Power attack Deliver virus to compromise middleware and backend systems

11 Defence R&D Canada – Ottawa R & D pour la défense Canada – Ottawa Type of Attacks on RFID Tags Internal Attacks Direct physical attacks Reverse engineering Physical modification Direct data observation Information Leakage Power analysis Electromagnetic analysis Device Malfunction Operational range and sensor range Fault Injection Voltage manipulation Optical fault injection Software Attacks Viruses Trojan horses Eavesdropping Wireless transmission Monitoring of reader Device Destruction Physical destruction EM destruction

12 Defence R&D Canada – Ottawa R & D pour la défense Canada – Ottawa RFID Threat Categories System security is compromised Make the tags not detectable by reader Denial of Service DoS Unauthorised killing of tag Jamming/shielding Gather Mimic Skimming Eavesdropping Data tampering Eavesdropping Spoofing Cloning Malicious code ? ? Tag Reader Reference [2]

13 Defence R&D Canada – Ottawa R & D pour la défense Canada – Ottawa RFID Physical Elements Logic Bonding PadsRF Front EndMemory Reference [3]

14 Defence R&D Canada – Ottawa R & D pour la défense Canada – Ottawa Reverse Engineering Reverse engineering is the process of taking something apart to discover how it works Reverse engineering an integrated circuit can be rated as three different levels: –Level I: A knowledgeable individual with low cost and easily available tools to analyze end user products such as phone cards, debit cards and set top boxes –Level II: A highly knowledgeable individual (often with inside knowledge) with access to expensive lab equipment –Level III: A government backed lab with unlimited resources

15 Defence R&D Canada – Ottawa R & D pour la défense Canada – Ottawa An Example of Reverse Engineering — Circuit Images Reference [4]

16 Defence R&D Canada – Ottawa R & D pour la défense Canada – Ottawa Reverse Engineer Circuit Reference [4]

17 Defence R&D Canada – Ottawa R & D pour la défense Canada – Ottawa Logic Gates Reference [3]

18 Defence R&D Canada – Ottawa R & D pour la défense Canada – Ottawa Countermeasures A FIPS standard refers to chip coatings as an anti-reverse engineering method to prevent attacks Various tamper proof techniques have been developed to defend against reverse engineering attacks –For instance, by adding a tamper-release layer to RFID tags, operations personnel can be alerted if a tag has been tampered with

19 Defence R&D Canada – Ottawa R & D pour la défense Canada – Ottawa Information Leakage All electronic devices ‘leak’ information through side channels such as power consumption or Electromagnetic emissions Monitoring these side channels and performing differential analysis can reveal sensitive information Power analysis is a form of side-channel attack that is intended to retrieve information by analyzing changes in the power consumption of a device

20 Defence R&D Canada – Ottawa R & D pour la défense Canada – Ottawa Power Analysis Power consumption signal Hamming weight W 1 = 7 W 2 = 5 W 3 = 4 W 4 = 4 … … It has been proven that the power emission patterns are different when the card received correct and incorrect password bits or cryptographic keys

21 Defence R&D Canada – Ottawa R & D pour la défense Canada – Ottawa Fault Injection By introducing a fault, most likely a voltage pulse, it is possible to cause the device to malfunction in an undesirable way Faults can cause devices to dump memory contents or jump over security features Fault injection is a very powerful attack if correct fault parameters are discovered The method can be also used to exploit any number of vulnerabilities

22 Defence R&D Canada – Ottawa R & D pour la défense Canada – Ottawa Countermeasures The common methods used to defeat power analysis attacks are filtering or adding an element of randomness –Filtering power signals or delaying the computation randomly can increase the difficulty for the attacker to identify the power consumption patterns Another method implemented in some smart card designs is adding an element that simply consumes a random amount of power –Unfortunately, this approach may cause a problem for RFID systems where minimizing power consumption is a priority

23 Defence R&D Canada – Ottawa R & D pour la défense Canada – Ottawa Device Destruction Physical destruction or disabling of the device –Cut antennae from chip, disable in microwave –Passive RFID tags can be destroyed in a high electric field –RFID-Zapper is an easy-to-build electronic device that can permanently deactivate passive RFID tags

24 Defence R&D Canada – Ottawa R & D pour la défense Canada – Ottawa Software Attacks Types of software attack include: –Virus: can steal data and damage RFID system –Trojan Horse: can allow someone to take control of the RFID system Software attack is not very applicable to a basic RFID tag. but focuses more on systems or higher functioning mobile devices

25 Defence R&D Canada – Ottawa R & D pour la défense Canada – Ottawa The World's First Virally-Infected RFID Tag  Vrije Universiteit Amsterdam Reference [5]

26 Defence R&D Canada – Ottawa R & D pour la défense Canada – Ottawa Eavesdropping Forward range Backward range Reader Eavesdropper

27 Defence R&D Canada – Ottawa R & D pour la défense Canada – Ottawa Passive Eavesdropping Listen to communication between a tag and reader Works when the tag is already being powered by a legitimate reader Performed by a third party in either the operating range, backward channel eavesdropping range or the forward channel eaves dropping range

28 Defence R&D Canada – Ottawa R & D pour la défense Canada – Ottawa Active Eavesdropping (Scanning) Power the tag and analyze the response This can be performed at an extended read range

29 Defence R&D Canada – Ottawa R & D pour la défense Canada – Ottawa Eavesdropping is Simple but Efficient Credit Cards –Reported cases of personal information sent in the clear e-Passports –Some issues surrounding the entropy of the key Travel/Ticketing –Mifare Classic Crypto-1 reverse engineered Access Control –When using simple IDs or minimal crypto

30 Defence R&D Canada – Ottawa R & D pour la défense Canada – Ottawa Countermeasures Countermeasures against eavesdropping include establishing a secure channel and/or encrypting the communication between tag and reader Another approach is to only write the tag with enough information to identify the object –The identity is used to look up relevant information about the object in a back end database, thus requiring the attacker to have access to both the tag and the database to succeed in the attack

31 Defence R&D Canada – Ottawa R & D pour la défense Canada – Ottawa Man-in-the-Middle Attack Message

32 Defence R&D Canada – Ottawa R & D pour la défense Canada – Ottawa Message Alice Sends Message to Bob Reference [6] AliceBob Eve

33 Defence R&D Canada – Ottawa R & D pour la défense Canada – Ottawa Eve Eavesdropped the Message AliceBob Message Eve Eavesdropping

34 Defence R&D Canada – Ottawa R & D pour la défense Canada – Ottawa Eve Interrupts the Communication Path and Manipulate the Information AliceBob Message Eve Eavesdropping Disturb

35 Defence R&D Canada – Ottawa R & D pour la défense Canada – Ottawa Countermeasures Several technologies can be implemented to reduce MITM threats –Encrypting communications –Sending information through a secure channel –Providing an authentication protocol

36 Defence R&D Canada – Ottawa R & D pour la défense Canada – Ottawa Relay Attack Wireless communication No link between authenticating object (tag) and service receiver (tag holder)‏ –Attacker A initiates service –Attacker A relays queries to tag to attacker B –Attacker B sends queries to victim’s tag –Attacker B relays answers back to attacker A –Attacker A answers queries Reference [7] ? ! ! ? ? !

37 Defence R&D Canada – Ottawa R & D pour la défense Canada – Ottawa Replay Attack Intercept communication between a reader and a tag to capture a valid RFID signal At a later time, the recorded signal is re- played into the system when the attacker receives a query from the reader Since the data appears valid, it will be accepted by the system

38 Defence R&D Canada – Ottawa R & D pour la défense Canada – Ottawa Countermeasures The most popular solution is the use of a challenge and response mechanism to prevent replay attacks Time-based and counter-based schemes can also be used as countermeasures against replay attacks

39 Defence R&D Canada – Ottawa R & D pour la défense Canada – Ottawa Cloning Cloning is defined as duplicating the data of one tag to another tag Data acquired from a tag, by whatever means, is written to an equivalent tag Normally only digital properties (e.g. EPC, transponder ID number, PIN code, secret keys etc.) are considered This tag is then used to simulate the identity of the original tag

40 Defence R&D Canada – Ottawa R & D pour la défense Canada – Ottawa Countermeasures Cloning Resistance is the property of a tag that defines the amount of effort that has to be expended in order to clone the tag. It can consist of a combination of logical obstacles (e.g. breaking of an encrypted message) and physical obstacles (e.g. reading a certain part of the tag memory) Tags can be made hard to clone by using read protected memories or factory programmed unique transponder ID numbers

41 Defence R&D Canada – Ottawa R & D pour la défense Canada – Ottawa A Prox-card Cloner

42 Defence R&D Canada – Ottawa R & D pour la défense Canada – Ottawa Tracking Attack Tracking the movement of the people Monitoring and profiling people’s belongings Used for identification –Attacker can recognize people based on the RFID tags they are carrying –Attacker could trace RFID enabled packages

43 Defence R&D Canada – Ottawa R & D pour la défense Canada – Ottawa Tracking People via Their Objects Reference [8]

44 Defence R&D Canada – Ottawa R & D pour la défense Canada – Ottawa Countermeasures An easy method to disable tracking is to deactivate the RFID tags, which is known as “killing” the tag Blocker Tag –Cover RFID tags with protective mesh or foil Clipper Tag –Allow consumers to tear off the antenna of an RFID tag

45 Defence R&D Canada – Ottawa R & D pour la défense Canada – Ottawa Cracking Crypto-enabled RFID Reverse engineering: The encryption algorithm can be reverse engineered through flawed authentication attempts by sending RFID devices carefully chosen electronic queries and recording the responses of the devices Post-processing: Analyze the response information to get clues as to what is happening inside the microchip, and therefore makes it possible to reconstruct the encryption algorithm Key cracking: Once the algorithm is known, the keys can be figured out by brute force attack, i.e. simply trying all possible keys Simulation: After obtaining the key (and serial number), it is possible to create a clone tag

46 Defence R&D Canada – Ottawa R & D pour la défense Canada – Ottawa Supply Chain vs. Passport RFID Supply Chain RFID –simple –cheap –no support for cryptography –single identifier (kill command-render tag inoperable) –range read ≥ 1 meter Passport RFID –tamper resistance –Cryptography –shorter intended read range

47 Defence R&D Canada – Ottawa R & D pour la défense Canada – Ottawa UK ePassport The cover of the ePassport looks only slightly different This chip will be put on the back of the personal information page It will hold the scan of the holder’s facial features embedded in the chip

48 Defence R&D Canada – Ottawa R & D pour la défense Canada – Ottawa Is Passport Card Secure? The first video created by Chris Paget demonstrates how to use a low-cost mobile device to read and clone RFID tags embedded in United States passport cards and enhanced drivers' licenses The second video is a story by David Reid for BBC World showing how to clone Europe's new “secure” e-passport

49 Defence R&D Canada – Ottawa R & D pour la défense Canada – Ottawa Trigger Attack Trigger attack can be carried out by sensing the presence of RFID device It is not about the identity theft, but the possibility of using RFID as trigger of weapons/explosives Reference [9]

50 Defence R&D Canada – Ottawa R & D pour la défense Canada – Ottawa Protest at Texas Wal-Mart Photo by Bill Bryant

51 Defence R&D Canada – Ottawa R & D pour la défense Canada – Ottawa Privacy Diamond Reference [10]

52 Defence R&D Canada – Ottawa R & D pour la défense Canada – Ottawa Tracking and Tracing Reference [8]

53 Defence R&D Canada – Ottawa R & D pour la défense Canada – Ottawa Major Threats to Privacy through RFID Unauthorized readout of one’s belongings by others Tracking people via their objects over time Retrieving social networks Individual profiling

54 Defence R&D Canada – Ottawa R & D pour la défense Canada – Ottawa A Technical Perspective Tag interpretation Immediate response RFID technology Reference [11]

55 Defence R&D Canada – Ottawa R & D pour la défense Canada – Ottawa Tag interpretation Data accumulation Delayed response Database technology A Technical Perspective (cont.)

56 Defence R&D Canada – Ottawa R & D pour la défense Canada – Ottawa Data mining / data sharing A Technical Perspective (cont.) Tag interpretation Data accumulation Shared databases Response may be out of context

57 Defence R&D Canada – Ottawa R & D pour la défense Canada – Ottawa A Data Protection Perspective Tag interpretation Doesn’t necessarily involve personal data… … though it may trigger the creation of personal data… … and there might be other privacy implications as well.

58 Defence R&D Canada – Ottawa R & D pour la défense Canada – Ottawa A Data Protection Perspective (cont.) Tag interpretation Data accumulation Identifier Personal data

59 Defence R&D Canada – Ottawa R & D pour la défense Canada – Ottawa A Data Protection Perspective (cont.) Tag interpretation Data accumulation Data mining / data sharing Identifier Personal data

60 Defence R&D Canada – Ottawa R & D pour la défense Canada – Ottawa An “Application” Perspective Tag interpretation

61 Defence R&D Canada – Ottawa R & D pour la défense Canada – Ottawa An “Application” Perspective (cont.) Tag interpretation

62 Defence R&D Canada – Ottawa R & D pour la défense Canada – Ottawa An “Application” Perspective (cont.) Tag interpretation …card-carrying communist… …works at animal testing lab… …expensive watch… … ‘gold’ credit card… Profiling based on combination of tags… … combination of tags may identify the individual… … and some tags might say the darndest things.

63 Defence R&D Canada – Ottawa R & D pour la défense Canada – Ottawa Countermeasures: Faraday Cage RFID Shield Reference [12] Tin Foil Cloth

64 Defence R&D Canada – Ottawa R & D pour la défense Canada – Ottawa Threat-Countermeasure Mapping Reverse Engineering Power Analysis Eavesdropping Man-in-the-Middle Cloning Unauthorized Reading Unauthorized writing/modification Jamming Transmitters Spoofing Reply Virus Tracking Misuse Kill Command Blocking tag Bounds Checking & Parameter Binding Detaching Tag from Tagged Item Optical Tamper Sensor Chip Coating Randomization Encryption Authentication Recognizing Duplicates Install Field Detectors Use Read-only Tags Frequency Division/Hopping Shift Data to the Backend Challenge and Response Kill Function Alarm Function for Active Tags Mechanical Connection Can be detected, but no countermeasure method

65 Defence R&D Canada – Ottawa R & D pour la défense Canada – Ottawa Authentication/Authorization Using Secrets Who are you? ID=# Prove it by encrypting r Generate random number r Compute x=E K (r) x Check x=E K (r) Reference [4]

66 Defence R&D Canada – Ottawa R & D pour la défense Canada – Ottawa Encryption E is an encryption function: algorithm for scrambling bits in a way that depends on K K is a secret key shared between card and reader (backend database) x = E K (r)

67 Defence R&D Canada – Ottawa R & D pour la défense Canada – Ottawa Encryption as A Solution If all of the keys are different, how are they managed? Reference [13]

68 Defence R&D Canada – Ottawa R & D pour la défense Canada – Ottawa Encryption as A Solution (cont.) If all of the keys are the same, how is it protected? Reference [13]

69 Defence R&D Canada – Ottawa R & D pour la défense Canada – Ottawa NIST Guidelines on RFID Security NIST SP800-98: Guidelines for Securing Radio Frequency Identification Systems Goals and Objectives: –Assist organizations in understanding RFID security risks and what security controls can help mitigate those risks –Provide real world guidance on how to initiate, design, implement, and operate RFID systems that mitigate risks – Provide security controls that are currently available on today’s market –The document does not address the advanced authentication and cryptographic features that are incorporated in many smart card RFID systems Reference [14]

70 Defence R&D Canada – Ottawa R & D pour la défense Canada – Ottawa RFID Guardian A mobile battery-powered device that offers personal RFID security and privacy management The goals of the project are to: –Investigate the security and privacy threats faced by RFID systems –Design and implement real solutions against these threats –Investigate the associated technological and legal issues

71 Defence R&D Canada – Ottawa R & D pour la défense Canada – Ottawa Building Security into RFID Consumer Device Reader RFID Hash Function Shared secret Last date stamp Response: Hash (RK + SS + DT) Date stamp as nonce : DT One-time-pad shield: RK + Hash (DT + SS) Validation: Hash (RK + SS) Reference [9]

72 Defence R&D Canada – Ottawa R & D pour la défense Canada – Ottawa Building Security into RFID (cont.) Each RFID holds multiple digital keys (typically 3-5) RFID have multiple modes determining response type to a request Consumer control new OWNER key (used for Privacy Mode) Manufacturer keep Authenticity Key for verifying originality etc. Using group keys to narrow in on context – dynamically customised Each key can be verified transparently without leaking identifiers

73 Defence R&D Canada – Ottawa R & D pour la défense Canada – Ottawa Advantages Full virtualisation of both verifier and RFID –RFID can operate without leaking information Consumer get control at purchase Strong anti-counterfeit even post-purchase Can maintain business confidentiality Solving “RFID as trigger” problem

74 Defence R&D Canada – Ottawa R & D pour la défense Canada – Ottawa Evaluating Security Risks To assess the risk of security threats, the Open Web Application Security Project (OWASP) identifies other factors to security threat levels that include: –Damage Potential –Reproducibility –Exploitability –Affected users and –Discoverability (DREAD) Although the DREAD model is targeted towards software security threats, it can be applicable for RFID security. Reference [2]

75 Defence R&D Canada – Ottawa R & D pour la défense Canada – Ottawa The DREAD Model For instance, the definition of RFID DREAD model is: Damage Potential: How much damage will be caused if a threat occurs? Reproducibility: How easy is it to reproduce the threat exploit? Exploitability: What is needed to exploit this threat? Affected Users: How many users will be adversely affected? Discoverability: How easy is it to discover this threat?

76 Defence R&D Canada – Ottawa R & D pour la défense Canada – Ottawa Risk Evaluation Algorithm The risk evaluation algorithm of DREAD model is defined as: Risk DREAD = (D + R + E + A + D) / 5 and is used to compute a risk value, which is an average of all five categories

77 Defence R&D Canada – Ottawa R & D pour la défense Canada – Ottawa A Few Concluding Points RFID is a technology, not a specific device Security and privacy are subtle and application dependent Security challenge often a function not of on-board security features Security and privacy are important issues in RFID applications – :  About 35 papers  Mostly on privacy – :  About 350 papers  Ad-hoc privacy, Tag-Reader communication, Lightweight authentication protocol, etc.

78 Defence R&D Canada – Ottawa R & D pour la défense Canada – Ottawa References [1] Mark Norton, “RFID Security Issues”, Wireless/RFID Conference, Feb. 27-March 1, [2] Jin Soon Tan, Tieyan Li, “RFID Security”, The Synthesis Journal 2008, Pages , published by Information Technology Standards Committee (ITSC), Singapore. Nov [3] G. MacGillivray and C. Sheehan, “RFID security”, Semiconductor Insights, RFID Security Issues Briefing to CANOSCOM, July 27, [4] David Evans, “What Every Computer Scientist Should Know About Security”, University of Virginia [5] M.R. Rieback, B. Crispo, and A.S. Tanenbaum, “Is Your Cat Infected with a Computer Virus?,” Proc. 4 th Ann. IEEE Int’l Conf. Pervasive Computing and Comm., IEEE CS Press, 2006, pp. 169–179.

79 Defence R&D Canada – Ottawa R & D pour la défense Canada – Ottawa References (cont.) [6] Ernst Haselsteiner and Klemens Breitfuss, “Security in Near Field Communication: Strengths and Weaknesses”, RFIDSec 06, July 13, [7] Peter van Rossum, “Mifare Classic Troubles”, Invited Talks at the RFIDSec09, June 30 - July 2, 2009, Leuven. [8] Sarah Spiekermann, “A Privacy Impact Assement for RFID - A Proposal”, RFIDSec09, June 30 - July 2, 2009, Leuven. [9] K. Mahaffey, “RFID Passport Shield Failure Demo – Flexilis”, [10] Stephan J. Engberg, “The Changing Security Paradigm from Central Command & Control to Distributed Dependability & Empowerment”, at EU From RFID to the Internet of Things, Mar 6, 2006.

80 Defence R&D Canada – Ottawa R & D pour la défense Canada – Ottawa References (cont.) [11] “ RFID and Privacy”, Lorentz Center, March [12] David Evans, “Feasible Privacy for Lightweight RFID Systems”, SPAR Seminar, Johns Hopkins University, 17 October 2007 [13] Simson Garfinkel, “RFID Security and Privacy”, October 5, 2005, [14] Ajit Jillavenkatesa, “NIST, RFID Standards and Interoperability”, GRIFS Forum Meeting, June 30, 2009.

81 Thank you very much for your attention. Mike Meranda, President of EPCglobal US: “You learn by doing, even though the technology is not perfect.”

82 Defence R&D Canada – Ottawa R & D pour la défense Canada – Ottawa Common RFID Attacks - Summary No clock, weak randomness – replay attacks Low computational capacity –cryptanalytic attacks Attacker controls tag –side-channel attacks Wireless –relay attacks Used for identification – tracing attacks


Download ppt "Defence Research and Development Canada Recherche et développement pour la défense Canada Canada RFID Security and Privacy  Issues and Countermeasures."

Similar presentations


Ads by Google