1. Lesson Title: Tag Threats, Risks, and Mitigation Dale R. Thompson and Jia Di Computer Science and Computer Engineering Dept. University of Arkansas http://rfidsecurity.uark.edu 1 This material is based upon work supported by the National Science Foundation under Grant No. DUE-0736741. Any opinions, findings and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the National Science Foundation (NSF). Copyright © 2008, 2009 by Dale R. Thompson {d.r.thompson@ieee.org} and Jia Di {jdi@uark.edu}

2. Tag Layer http://rfidsecurity.uark.edu 2

3. Tag Threats STRIDE Category Threat Spoofing Identity - Tag counterfeiting/cloning - Tag emulation Tampering with data - Add, modify, rearrange or delete data Repudiation None Information disclosure - Probing tag - Side-channel attacks - Tracking - Tracing Denial of service - Shielding - Coupling Elevation of privilege None http://rfidsecurity.uark.edu 3

4. Tag Counterfeiting/Cloning (Spoofing Identity) http://rfidsecurity.uark.edu 4

5. Counterfeiting Mitigation Tag Authentication – Store secrets on the tag that can be verified – Secret keys, symmetric key and public key cryptography Physical unclonable functions (PUFs) Electronic fingerprint (E-Fingerprint) http://rfidsecurity.uark.edu 5

6. Tag Authentication Protocol (Challenge/Response) http://rfidsecurity.uark.edu 6

7. Physical Unclonable Function (PUF) A function that can be read but not copied – One is logic that has multiple race conditions PUF added to a tag General Steps – Enrollment Responses to several challenges are recorded. The responses are unique to this PUF – Verification Challenge PUF and determine if correct response http://rfidsecurity.uark.edu 7

8. E-Fingerprint Approach Identification becomes a function of what the device “is” instead of a secret it “knows.” http://rfidsecurity.uark.edu 8

9. Minimum power response at multiple frequencies (MPRMF) Five same-model tags from the same roll http://rfidsecurity.uark.edu 9

10. Tampering with Data Mitigation in Gen-2 Lock: make memory unreadable and unchangeable unless 32-bit password is provided Permalock: make memory unchangeable Tag identification (TID) memory: encodes chip manufacturer and model. Some have suggested putting a serial number in TID memory that cannot be changed to identify tag. http://rfidsecurity.uark.edu 10

11. Side-Channel Attacks (Information Disclosure threat) Secret information is leaked through an unexpected channel (side-channel) Safecracker listens to tumblers to open safe Attackers measure power and timing differences of tag to determine secret key – Circuits may use different amount of power when processing a data-1 or data-0 – A circuit’s timing delays may be different for data-1 or data-0. http://rfidsecurity.uark.edu 11

12. Side-Channel Attacks Power-based attacks (SPA, DPA, HO-DPA) Timing-based attacks Electromagnetic-based attacks Fault-injection attacks http://rfidsecurity.uark.edu 12

13. CMOS Circuit Power and Delay http://rfidsecurity.uark.edu13 Power consumption and timing delay are highly correlated to switching activities

14. Synchronous Circuit Power Fluctuation Simulation http://rfidsecurity.uark.edu 14 Boolean circuits are vulnerable to side-channel attacks

15. Power Side-Channel Mitigation Randomize power consumption – add noise to reader/tag  Use random initial point  Random power management  Random code injection De-correlate power consumption from internal data pattern being processed  New transistor-level gate designs (SABL, DyCML, SDDL, WDDL, etc.)  Current compensation  Execute both nominal and complementary data  Dual-rail asynchronous logic http://rfidsecurity.uark.edu 15

16. Balancing the Switching Activities between Two Rails Dual-spacer Dual-rail Delay-insensitive Logic (D 3 L) StateRail 1Rail 0 All-zero spacer00 DATA 001 DATA 110 All-one spacer11 http://rfidsecurity.uark.edu16 Rail 1 Rail 0 AZS DATA1AOSDATA0AZSDATA1

17. D3L vs NCL Simulations http://rfidsecurity.uark.edu 17

18. Contact Information Dale R. Thompson, Ph.D., P.E. Associate Professor Computer Science and Computer Engineering Dept. JBHT – CSCE 504 1 University of Arkansas Fayetteville, Arkansas 72701-1201 Phone: +1 (479) 575-5090 FAX: +1 (479) 575-5339 E-mail: d.r.thompson@ieee.org WWW: http://comp.uark.edu/~drt/ http://rfidsecurity.uark.edu 18

19. Copyright Notice, Acknowledgment, and Liability Release Copyright Notice – This material is Copyright © 2008, 2009 by Dale R. Thompson and Jia Di. It may be freely redistributed in its entirety provided that this copyright notice is not removed. It may not be sold for profit or incorporated in commercial documents without the written permission of the copyright holder. Acknowledgment – These materials were developed through a grant from the National Science Foundation at the University of Arkansas. Any opinions, findings, and recommendations or conclusions expressed in these materials are those of the author(s) and do not necessarily reflect those of the National Science Foundation or the University of Arkansas. Liability Release – The curriculum activities and lessons have been designed to be safe and engaging learning experiences and have been field-tested with university students. However, due to the numerous variables that exist, the author(s) does not assume any liability for the use of this product. These curriculum activities and lessons are provided as is without any express or implied warranty. The user is responsible and liable for following all stated and generally accepted safety guidelines and practices. http://rfidsecurity.uark.edu 19