RFID Security and Privacy
RFID Radio Frequency IDentification Warning: "RFID tag" can mean a lot of things
Most basic use: replacement of barcode wireless readout no alignment required passive tag - reader provides power through EM field tag contains only ID, no processor very cheap database of tag IDs and their meaning DB T-shirt ## FEEBDAED ##
Peggy Yorkshire Terrier Owner: J. Smith Peggy Yorkshire Terrier Owner: J. Smith Phone: …
What is needed for this? Small identifying tag –can be placed in an animal / object –very cheap –most basic form: almost no logic Contactless readout –reading device provides electromagnetic field –tag gets power from EM field –tag causes time-dependent impedance changes
At the other end of the spectrum: wireless smartcards processor optional: battery active transmitter, not just passive impedance ROM memory -keys -software RAM memory flash / EEPROM -sensitive data supports read & write operations password protection crypto
RFID vs. Traditional smart cards Similar: data on an electronic device Different: power supply and data exchange without galvanic contacts Different: limited power on the card side
Active tagsPassive tags PowerBatterySupplied by the reader Availability of power ContinuousOnly in field of reader Range~100mup to 3-5m, usually less Price>10 euroless than 10 cents Memory1-2Mb0.5-2Kb Size> 2cm*2cm> 0.05mm*0.05mm (without antenna) Active vs passive
Some examples Shanghai public transportation card Passports Dutch library reader’s pass Animal identification Stock identification Car keys Toll payment
Key holderClockPlastic card Nails Small boxLabelPlastic pinRoll of smart labels toys toys connected to PC
Is this an active or a passive tag?
Implications for security… No money/power for –public key crypto -tamper resistance / detection -tamper-resistant clock Multiple readers and millions of tags –tag collision, reader collision anti-collision protocols –synchronisation –lots of different keys Non-contact and non-line-of-sight –hard to physically impede the communication
Implications for privacy Internet Of Things will make this even worse
Implanting RFID in humans? Advantageous for –cancer patients undergoing chemotherapy; –people with pacemakers or other medical implants; –cognitive impairment due to epilepsy, diabetes, or Alzheimer’s disease; –emergency (allergy)… Your favourite drink at the bar?!
2004: The attorney general of Mexico and 18 of his staff had chips implanted to allow them to gain access to certain high-security areas. 2006: President of Colombia agreed to require Colombian citizens to be implanted with RFID chips before they could gain entry into the US for seasonal work. 2008: UK jails considering RFID implants for prisoners : OV Chipkaart security issues in the Netherlands. Security of car locks, wireless payment, etc Impact on society
Things that can go wrong (1) Illicit tracking of RFID tags
Things that can go wrong (2) Skimming (obtain secrets by eavesdropping)
Things that can go wrong (3) Tag cloning
Things that can go wrong (4) Cross contamination
Things that can go wrong (5) Tag killing
Things that can go wrong (6) Tags captured and secret info extracted (invasive and side channel attacks)
Things that can go wrong (7) Jamming Can also be selective
The Pandora's box of RFID Ethical issues Privacy Tracking Skimming Tag cloning Cross-contamination Tag killing Invasive attacks Jamming
Questions ?
Some sources… areas/rfid-privacy-and-security.htm And the “usual suspects”: – –
Suggested topics: choose three sub-topics Applications: banknotes e-Passports anti-counterfeiting public transport car keys Protocols HB + EC-RAC EMAP distance bounding... other protocols Various kinds of attacks & countermeasures Mifare hack RFID viruses / malware Cloning... other attacks Privacy enhancement (universal) re-encryption blocker tag formal privacy verification Crypto on RFID tags PUFs elliptic curves random number generators... other crypto