Jaap-Henk Hoepman Security of Systems (SoS) group Institute for Computing and Information Sciences Radboud University Nijmegen, the Netherlands

Slides:



Advertisements
Similar presentations
SMUCSE 7349 RFID Security. SMUCSE 7349 Current Applications Logistics –Military supply logistics Gulf War I: Double orders to ensure arrival Gulf War.
Advertisements

Jaap-Henk Hoepman TNO ICT, Groningen, the Netherlands  Digital Security (DS) Radboud University Nijmegen, the Netherlands 
RFID Group Progress Leader: Muhammad Salman Younas Team: Jawad Khalil Sheikh Saad Al-Shaalan Muhammad Al-Khamees.
McGraw-Hill/Irwin © 2008 The McGraw-Hill Companies, All Rights Reserved Chapter 16 Integrating Wireless Technology in business.
NFC Devices: Security and Privacy
e-Solutions for Access Control, CCTV, Attendance Monitoring, Personal Identification, Building Management and Fire Detection SECURITY & SAFETY IS ONE.
Timo Kasper Crete, Greece May 10, 2007 An Embedded System for Practical Security Analysis of Contactless Smartcards Timo Kasper, Dario Carluccio and Christof.
Yossef Oren, Dvir Schirman, and Avishai Wool: Tel Aviv University ESORICS 2013.
Security for RFID Department of Information Management, ChaoYang University of Technology. Speaker : Che-Hao Chen ( 陳哲豪 ) Date:2006/01/18.
1 Remote Power Analysis of RFID Tags Joint work with Adi Shamir yossi.oren[at]weizmann.ac.il 28/Aug/06.
RFID Radio Frequency IDentification By Özcan Tunalılar 27 th March 2008.
Lesson Title: Threats to and by an RFID system Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas
EMBEDDED RFID IN PRODUCT IDENTIFICATION Tommi Kallonen Jari Porras Lappeenranta University of Technology.
J.J. Faxon Andy Vu Dustin Beck Jessica Bentz Mandi Ellis
RFID Chris Harris Carey Mears Rebecca Silvers Alex Carper.
Security and Privacy Aspects of Low-Cost Radio Frequency Identification Systems Stephen A. Weis, Sanjay E. Sarma, Ronald L. Rivest and Daniel W. Engels.
#1 Privacy in pervasive computing What can technologists do? David Wagner U.C. Berkeley In collaboration with David Molnar, Andrea Soppera, Ari Juels.
Presentation for CS 5910 – Network Security UCCS, Fall Semester 2010 Presented by Robin Kimzey & George Mudrak 1.
RFID Security & Privacy Matt Hansen University of Illinois Fall 2007.
RFID Technologies Master seminar : Tangible User Interfaces Bruno Dumas – DIVA Group University of Fribourg
RFID in Mobile Commerce and Security Concerns Chassica Braynen April 25, 2007.
Abstract Radio-frequency identification (RFID) is an emerging technology, which promises to advance the modern industrial practices in object identification.
Technical Issues in Library RFID Privacy David Molnar UC-Berkeley Computer Science.
David Molnar, David Wagner - Authors Eric McCambridge - Presenter.
 A device that has the ability to read or identify a product or an object  Mainly tracks and identifies objects  Used for security and identification,
1 Fall 2007RFID – Technical Issues RFID Technical Issues Operations & Decision Technologies Department Kelley School of Business Indiana University.
RFID – An Introduction Murari Raghavan UNC-Charlotte.
Developing RFID Application In Supply Chain
Be careful, a spy is following you!. 2 Outline – Overview Introduction - What is RFID ? Radio frequency spectrum How does RFID work ? Technical contraints.
Khanh Huynh Project Leader Dat Tu Systems Analyst Sandy Fung Team Representative Patrick de Leon Lead Programmer Ching Fei Chan Documentation Specialist.
1 Ch. 17: Security of RFID slide 1. 2 Roles of RFID applications slide 2 TagsReaderServer(Database) Secure channel Slides modified from presentation by.
Wireless# Guide to Wireless Communications
Jörn-Marc Schmidt Social Networks Computer / Notebook Localization Smart Phone Identification Tracking ??? RFID Social Networks.
- 1 - RFID Security and Privacy: A Research Survey Ari Juels RSA Laboratories IEEE Journal on Selected Areas in Communication (J-SAC) in 2006 Taesung Kim.
EPCglobal Training Suite
McGraw-Hill/Irwin © 2008 The McGraw-Hill Companies, All Rights Reserved BUSINESS PLUG-IN B21 Mobile Technology.
RFID Payment Terminal Presented by: Rohit Kale. Introduction RFID: an automatic identification method, relying on storing and remotely retrieving data.
1 RFID Technology and Threat Modeling Presented by: Neeraj Chaudhry University of Arkansas.
RFID Technology: When innovation brings along data protection challenges Eleni Kosta ICRI – K.U.Leuven.
University of Pennsylvania Electrical and Systems Engineering Department ABSTRACT: The last decade has seen the expansion of computer usage from scientific.
RFID Privacy: An Overview of Problems and Proposed Solutions Maxim Kharlamov (mkha130, #13) S. Garfinkel, A. Juels, R. Pappu, “RFID Privacy: An Overview.
RFID Radio Frequency Identification By Lakshmi VS Pranav Pandit.
CS3900 Richard Emerson1 Radio Frequency ID Tags Smart labels that send/receive data via radio waves Usually works like a barcode – contains a product code.
Security Issues and Strategies Chapter 8 – Computers: Understanding Technology (Third edition)
1 Introduction to Malcode, DoS Attack, Traceback, RFID Security Cliff C. Zou 03/02/06.
Qinghan Xiao, Cam Boulet and Thomas Gibbons Second International Conference on Availability, Reliability and Security, 2007 Speaker : 黃韋綸 RFID Security.
Chapter 10 Electronic Commerce. E-commerce is the buying and selling of products and services electronically over the Internet.
RFID SECURITY.
Computer Science Department of University of Virginia  Voltage on a tag Radio Frequency Identification Systems New Ideas and Algorithms Introduction to.
Data Security in RFID Security is when everything is settled. When nothing can happen to you, Security is the denial of life. - Germaine Greer Presented.
IDENTITY NUMBERS BY A.M.VILLAVAN M.TECH(COS). RFID Acronymn: Radio Frequency Identification Device RFID is a technology, whose origins are found in the.
Prof. Alfred J Bird, Ph.D., NBCT Office – Science 3rd floor – S Office Hours – Monday and Thursday.
RFID Mike Treon CPSC 310. What is RFID? Radio Frequency Identification Wireless link to transmit data and collect stored information. (EPC) Allows for.
Wireless security. Submitted To: Er. S.K. Soni [Dy. Head,CSE] Submitted By: Gurjeet Barar CSE Branch IV Year(VII sem) A-2 Batch JODHPUR INSTITUTE OF ENGINEERING.
RADIO FREQUENCY IDENTIFICATION TECHNOLOGY. By Twesige Richard.
Regulation models addressing data protection issues in the EU concerning RFID technology Ioannis Iglezakis Assistant Professor in Computers & Law Faculty.
Jaap-Henk Hoepman Security of Systems (SoS) Radboud University Nijmegen The Netherlands Jaap-Henk Hoepman TNO Information.
English for Advance Learners I
Integrating Wireless Technology in business
PARKING AUTOMATION SYSTEM
RADIO FREQUENCY IDENTIFICATION
SOLUTION LAND TITLES.
Who Uses Encryption? Module 7 Section 3.
SOLUTION DOCUMENTS.
Abstract Radio-frequency identification (RFID) is an emerging technology, which promises to advance the modern industrial practices in object identification.
SOLUTION ID CARDS AND DRIVER’S LICENSES
Security and Privacy in Pervasive/Ubiquitous Computing Systems
Mobile Computing Lecture Materials By Bintang Eka Putera.
IOT Technologies: Radio Frequency Identification (RFID)
Presentation transcript:

Jaap-Henk Hoepman Security of Systems (SoS) group Institute for Computing and Information Sciences Radboud University Nijmegen, the Netherlands Calling All Things RFID technology, its impact and our challenges

J.H. Hoepman Calling All Things: RFID 2 ContentsContents  How it works (Hardware)  What it can do (Applications)  How it affects us (Societal issues)  How to control it (Countermeasures)

J.H. Hoepman Calling All Things: RFID 3 I How it works

J.H. Hoepman Calling All Things: RFID 4 A typical RFID system  Transponder/tag  active / passive  1 bit – 64 kB (EEPROM/SRAM)  controller / CPU  read-only / read- write  Reader  LF / UHF  Communication range  Coupling  Backoffice  Databases  Datamining

J.H. Hoepman Calling All Things: RFID 5 RFID tags

J.H. Hoepman Calling All Things: RFID 6 RFID readers

J.H. Hoepman Calling All Things: RFID 7 Primary classifiers  Active / passive  LF / HF / UHF / micro  Read-only / read-write  State-machine / CPU  n-bit / 1-bit

J.H. Hoepman Calling All Things: RFID 8 Reading distance (1)  Design range  Close-coupling (0 – 1 cm)  Proximity coupling (7 – 15 cm)  Vicinity/Remote-coupling (0 – 1 m)  Long range (> 1m)  Eavesdropping range  Maximum reading range

J.H. Hoepman Calling All Things: RFID 9 Reading distance (2) LFHFUHFSHF 125 kHz MHz MHz 2.4 / 5.7 GHz Ca 1 m1,5 – 2 m4 – 8 m20 m Good penetration through objects Limited by power consumption of controller/CPU on tag Longer for active tags

J.H. Hoepman Calling All Things: RFID 10 CommunicationCommunication  Principle (load modulation)  Collision avoidance  Prefixes of ID Tag-to- reader eavesdropping hard

J.H. Hoepman Calling All Things: RFID 11 II What it can do

J.H. Hoepman Calling All Things: RFID 12 We now face the imminent expansion of cyberspace into physical space in the form of ■ networked cameras, ■ biometric identification devices, ■ RFID tags on consumer goods, ■ and a wide variety of sensors.

J.H. Hoepman Calling All Things: RFID 13 ApplicationsApplications  Health care  Emergency services  Blindness (“The object in front is a …”)  Obsessive Compulsive Disorder (OCD )  Access control  “Who is inside?” Emergency information  Logistics / Supply chain  WalMart  Shopping  METRO store  PRADA “Mind that tree, Richard!

J.H. Hoepman Calling All Things: RFID 14 ApplicationsApplications  Travel/traffic  Passport   Hypertag (advertisement)  Tag on object; user (gsm) reads  Exploratorium, San Fransisco  Reader at object; user wears tag

J.H. Hoepman Calling All Things: RFID 15 Example: “What-is-this”  With RFID  Not only immovables (GPS) Including billboards  RFID (UphID) → URL  Conditional access “Sowing seeds” vs “1 UphID for all” 1 RFID = n UphID

J.H. Hoepman Calling All Things: RFID 16 Smart Dust…

J.H. Hoepman Calling All Things: RFID 17 III How it affects us

J.H. Hoepman Calling All Things: RFID 18 In a mediated environment –where everything is connected to everything - it is no longer clear what is being mediated, and what mediates.

J.H. Hoepman Calling All Things: RFID 19 Current RFID systems unsafe  No authentication  No friend/foe distinction  No access control  Rogue reader can link to tag  Rogue tag can mess up reader  No encryption  Eavesdropping possible (esp. reader)  Predictable responses  Traffic analysis, linkability  No GUI…  … and “distance” not enforced by tag

J.H. Hoepman Calling All Things: RFID 20 RFID Risks: Consumers  User profiling  Possible robbery target  Possible street-marketing target  Personalised loyalty/discounts  Refuse/grant access to shop/building Even for tags without serial no#  Loss of location privacy By tracking same user profile  Fake transactions / Identity theft

J.H. Hoepman Calling All Things: RFID 21 RFID Risks: Companies  Corporate espionage  Scanning competitors inventory (or customer base) Eavesdropping tags Querying tags  Unauthorised access Fake RFIDs  Derived/competing services  Using competitors installed base  Denial of service attacks  Supply chain failure Jamming signals Fake RFIDs

J.H. Hoepman Calling All Things: RFID 22 Aggregate data  Maybe too big to analyse/datamine….  …. but easily searched for 1 person time & space

J.H. Hoepman Calling All Things: RFID 23 IV How to control it

J.H. Hoepman Calling All Things: RFID 24 First ideas  “Kill” command  Blocker tag  Metal shielding  Many tags

J.H. Hoepman Calling All Things: RFID 25 Random identifier identifier h g to reader

J.H. Hoepman Calling All Things: RFID 26 Tracing banknotes (1)  Primary issues  Prevent tracing  Prevent “purse scanning”  Prevent counterfeiting  Trace money laundering

J.H. Hoepman Calling All Things: RFID 27 Tracing banknotes (2)

J.H. Hoepman Calling All Things: RFID 28 Biometric passport (1)  Primary issues  Prevent tracing  Prevent skimming Especially biometric data  Prevent counterfeiting

J.H. Hoepman Calling All Things: RFID 29 Biometric passport (2)

J.H. Hoepman Calling All Things: RFID 30

J.H. Hoepman Calling All Things: RFID 31 ResourcesResources  Klaus Finkenzeller “RFID-Handbook”, 2nd (3 rd ) ed, Wiley & Sons, ISBN:

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.