Introduction to RFID Security and Privacy Ari Juels Chief Scientist RSA, The Security Division of EMC RFIDSec 2011 Tutorial All slides © 2011, RSA Laboratories.


Part II: RFID Privacy

There are two types of RFID privacy
1. Tracking privacy: Protection against physical tracking via unique identifiers
2. Content privacy: Protection against unauthorized scanning of data stored on tag

Why physical considerations say we should forget about tracking privacy…

Ms. Smith and her privacy-preserving RFID tag “87D6CAA7F” = “Ms. Smith”

Ms. Smith and her privacy-preserving RFID tag What about PET (Privacy Enhancing Technologies) for pets?

Ms. Smith and her privacy-preserving RFID tag What about Ms. Smith’s face?

Ms. Smith and her privacy-preserving RFID tag What about Ms. Smith’s mobile phone?

Ms. Smith and her privacy-preserving RFID tag Are we still worried about this circle???

Well, suppose we are still worried… We can change identifiers, right? “87D6CAA7F” “5ED6CF4C8” “9816F271BB” “D7612A873C”

Changing identifiers won’t work
Physical-Layer Identification of RFID Devices
  – Danev, Heydt-Benjamin, and Capkun
  – USENIX Security ’09
Extract hardware “fingerprint” based on power modulation
Show that it is possible to identify RFID tags over the air with > 2% at ERR
  – This will improve, of course
[Diagram labels: Logical Layer (data, crypto protocols), with messages r and s, f_x(r,s); Physical Layer (power modulation)]

Changing identifiers won’t work
What does this mean for the dozens of papers on anti-tracking privacy?
I’d argue that we should give up on anonymity
  – Not just in RFID
Emphasis on content privacy makes more sense
[Diagram labels: Logical Layer (data, crypto protocols), with messages r and s, f_x(r,s); Physical Layer (power modulation); tag data: Serial #878SBE871, “Oxycontin, 160 mg”]

Content Privacy via “Blocker” Tags

The “Blocker” Tag

“Blocker” Tag Blocker simulates all (billions of) possible tag serial numbers!! 1,2,3, …, 2023 pairs of sneakers and… 1800 books and a washing machine and…(reading fails)…

“Tree-walking” anti-collision protocol for RFID tags ?

In a nutshell
“Tree-walking” protocol for identifying tags recursively asks question:
  – “What is your next bit?”
Blocker tag always says both ‘0’ and ‘1’!
  – Makes it seem like all possible tags are present
  – Reader cannot figure out which tags are actually present
  – Number of possible tags is huge (at least a billion billion), so reader stalls

Two bottles of Merlot # Blocker tag system should protect privacy but still avoid blocking unpurchased items

Consumer privacy + commercial security
Blocker tag can be selective:
  – Privacy zones: Only block certain ranges of RFID-tag serial numbers
  – Zone mobility: Allow shops to move items into privacy zone upon purchase
Example:
  – Blocker blocks all identifiers with leading ‘1’ bit
  – Items in supermarket carry leading ‘0’ bit
  – On checkout, leading bit is flipped from ‘0’ to ‘1’
      PIN required, as for “kill” operation

Blocking with privacy zones Transfer to privacy zone on purchase of item Privacy zone

Polite blocking
We want reader to scan privacy zone when blocker is not present
  – Aim of blocker is to keep functionality active – when desired by owner
But if reader attempts to scan when blocker is present, it will stall!
Your humble servant requests that you not scan the privacy zone
Polite blocking: Blocker informs reader of its presence
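The tree-walking, selective-blocking and polite-blocking behaviour described in the slides above, as an added Python simulation that is not part of the original presentation. The 16-bit IDs, the reader's query budget and all function names are assumptions made for the illustration, and the sample tag IDs are constructed.

```python
NBITS = 16  # constructed toy ID length (assumption); real serial numbers are far longer

def checkout(tag_id):
    """Zone mobility: flip the leading bit '0' -> '1' (PIN check omitted here)."""
    return "1" + tag_id[1:]

def tree_walk(tags, blocker_zone=None, polite=False, budget=5000):
    """Reader-side depth-first tree walk.

    tags: set of NBITS-long bit strings physically present.
    blocker_zone: ID prefix protected by a selective blocker (None = no blocker).
    polite: reader honours the blocker's announcement and skips its zone.
    Returns (ids_read, queries, stalled).
    """
    ids, queries, stack = [], 0, [""]
    while stack:
        prefix = stack.pop()
        in_zone = blocker_zone is not None and prefix.startswith(blocker_zone)
        if polite and in_zone:
            continue                          # reader agrees not to scan the zone
        if len(prefix) == NBITS:
            ids.append(prefix)                # leaf: one serial number "read"
            continue
        if queries >= budget:
            return ids, queries, True         # reader gives up: stalled
        queries += 1                          # "What is your next bit?"
        bits = {t[len(prefix)] for t in tags if t.startswith(prefix)}
        if in_zone:
            bits |= {"0", "1"}                # blocker answers both bits
        elif blocker_zone is not None and blocker_zone.startswith(prefix):
            bits.add(blocker_zone[len(prefix)])  # simulated tags all lie in the zone
        for b in sorted(bits, reverse=True):  # push '1' first so '0' is walked first
            stack.append(prefix + b)
    return ids, queries, False

# Constructed sample: two unpurchased items (leading '0') and one purchased item.
SHELF = {"0000000000000101", "0010110000000001"}
PURCHASED = checkout("0111000011110000")
PRESENT = SHELF | {PURCHASED}

if __name__ == "__main__":
    for label, kw in [("no blocker", {}),
                      ("blocker on zone '1'", {"blocker_zone": "1"}),
                      ("polite reader", {"blocker_zone": "1", "polite": True})]:
        ids, queries, stalled = tree_walk(PRESENT, **kw)
        print(f"{label}: {len(ids)} IDs, {queries} queries, stalled={stalled}")
```

With the blocker present, the unpurchased items are still read normally, while the walk into the privacy zone returns phantom IDs until the budget runs out.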

More about blocker tags
Blocker tag can be cheap
  – Essentially just a “yes” tag and “no” tag with a little extra logic
  – Can be embedded in shopping bags, etc.
With multiple privacy zones, sophisticated, e.g., graduated policies are possible

An Example: The R X A Pharmacy

RFID-tagged bottle + “Blocker” bag

“Soft” Blocking
Idea: Implement polite blocking only – no hardware blocking
  – A little like P3P…
External audit possible: Can detect if readers scanning privacy zone
Advantages:
  – “Soft blocker” tag is an ordinary RFID tag
  – Flexible policy:
      “Opt-in” now possible
      e.g., “Medical deblocker” now possible
Weaker privacy, but can combine with “hard” blocker

Smart blocking approach: Personal Simulator or Proxy for RFID
Those phones with NFC could someday get more general-purpose radios…
We might imagine a simulation lifecycle:
  – Mobile phone “acquires” tag when in proximity
  – Mobile phone simulates tags to readers, enforcing user privacy policy
  – Mobile phone “releases” tags when tags about to exit range

Content Privacy via Dispersion

Keeping the customer satisfied…
“I want a rock-solid encryption algorithm… with 20-bit keys.”
“I want my retail stores to be able to read RFID-tagged items… but I want tags to be unreadable after sale… and I don’t want to have to kill or rewrite or block them…”

EPC tags and privacy
Recall that EPC tags have no true cryptographic functionality
One true, explicit EPC privacy feature: Kill
  – On receiving tag-specific PIN, tag self-destructs
  – Tag is “dead in the Biblical sense” (S. Sarma)
But commercial RFID users say:
  – They do not want to manage kill PINs
  – They have no channel to communicate secret keys downstream in supply chain
  – Key transport is a big problem!!!

Our approach: Put the secret keys on the tags
Encrypt tag data under secret key κ
Apply secret sharing to spread key κ across tags in crate
  – E.g., κ → (s1, s2, s3)
[Diagram: three tags carrying E_κ(m1), s1; E_κ(m2), s2; E_κ(m3), s3. Sample tag data: Supersteroids 500mg; 100 count; Serial #87263YHG; Mfg: ABC Inc.; Exp: 6 Mar 2010]

Privacy through dispersion

[Diagram: dispersed tags carrying E_κ(m1), s1; E_κ(m2), s2; E_κ(m3), s3, each labelled (Supersteroids)]
Individual shares / small sets reveal no information about medication!

Use case: Privacy protection on medications
Step 1: Receive crate at pharmacy
Step 2: Pharmacy reads tags, gets keys, decrypts data
Step 3: Tags and data are dispersed
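The dispersion idea from the slides above (encrypt each tag's data under a per-crate key, spread the key across the crate's tags as shares), as an added Python example that is not code from the original presentation. It assumes Shamir (k, n) threshold sharing, since the slides do not name the secret-sharing scheme, and a SHA-256 keystream as a stand-in for E; all function names and the crate contents other than the slide's serial number are constructed. Shares here are about 128 bits, so the "tiny share" and error-tolerance challenges listed on the following slides are not addressed.

```python
import hashlib
import secrets

P = 2**127 - 1  # prime field for the shares (assumption; not a "tiny share" scheme)

def split(key, k, n):
    """Shamir (k, n): random polynomial of degree k-1 with f(0) = key."""
    coeffs = [key] + [secrets.randbelow(P) for _ in range(k - 1)]
    return [(x, sum(c * pow(x, i, P) for i, c in enumerate(coeffs)) % P)
            for x in range(1, n + 1)]

def recover(shares):
    """Lagrange interpolation at x = 0 over the shares supplied."""
    key = 0
    for xi, yi in shares:
        num = den = 1
        for xj, _ in shares:
            if xj != xi:
                num = num * (-xj) % P
                den = den * (xi - xj) % P
        key = (key + yi * num * pow(den, -1, P)) % P
    return key

def E(key, nonce, data):
    """Stand-in cipher (assumption): XOR with a SHA-256 keystream; self-inverse."""
    seed = key.to_bytes(16, "big") + nonce.to_bytes(2, "big")
    stream = b"".join(hashlib.sha256(seed + bytes([i])).digest()
                      for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, stream))

def tag_crate(items, k):
    """Manufacturer: one key per crate; tag i stores (E_key(m_i), share s_i)."""
    key = secrets.randbelow(P)
    shares = split(key, k, len(items))
    return [(E(key, s[0], m), s) for m, s in zip(items, shares)]

def read_tags(tags):
    """Reader: rebuild the key from whatever shares are in range, then decrypt."""
    key = recover([s for _, s in tags])
    return [E(key, s[0], c) for c, s in tags]

# Constructed crate contents; the first serial number is the one on the slide.
CRATE = [b"Supersteroids 500mg; 100 count; Serial #87263YHG",
         b"Supersteroids 500mg; 100 count; Serial #EXAMPLE-2",
         b"Supersteroids 500mg; 100 count; Serial #EXAMPLE-3",
         b"Supersteroids 500mg; 100 count; Serial #EXAMPLE-4"]
```

Reading the whole crate (or any k of its tags) recovers the plaintext, while a reader that sees fewer than k dispersed tags reconstructs a wrong key and gets only noise.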

Some challenges
1. Storage is at a premium in EPC, but no secret-sharing literature on “tiny” shares
  – “Short” shares are 128 bits, but we may want 16 bits or less!
2. Scanning errors
  – We need robustness in our secret-sharing scheme

Some challenges
3. In-store key harvesting
  – Preventive idea: Add “chaff,” i.e., bogus or “noise” shares
  – If secret-sharing scheme for crate can tolerate d errors, then add 2d/3 bogus shares per crate
  – Can recover from d/3 errors in single crate
  – Hard to reconstruct secrets for two crates mixed together, as we have 4d/3 > d errors
[Diagram label: “Overinformed” adversary]