- 1 - RFID Security and Privacy: A Research Survey Ari Juels RSA Laboratories IEEE Journal on Selected Areas in Communication (J-SAC) in 2006 Taesung Kim.

Slides:

Advertisements

Similar presentations

SMUCSE 7349 RFID Security. SMUCSE 7349 Current Applications Logistics –Military supply logistics Gulf War I: Double orders to ensure arrival Gulf War.

Advertisements

RFID: OPPORTUNITIES and CHALLENGES Yize Chen. History In 1969, Mario Cardullo presented a RFID business plan to investors. The application areas include:

The Blocker Tag: Selective Blocking of RFID Tags for Consumer Privacy A. Juels, R. L. Rivest, and M. Szydlo 8th ACM Conference on Computer and Communications.

A Simple and Cost-effective RFID Tag-Reader Mutual Authentication Scheme Divyan M. Konidala, Zeen Kim, Kwangjo Kim {divyan, zeenkim, International.

Security for RFID Department of Information Management, ChaoYang University of Technology. Speaker : Che-Hao Chen ( 陳哲豪 ) Date:2006/01/18.

A lightweight mutual authentication protocol for RFID networks 2005 IEEE Authors : Zongwei Luo, Terry Chan, Jenny S. Li Date : 2006/3/21 Presented by Hung.

Slide 1 Vitaly Shmatikov CS 378 RFID Security and Privacy.

RFID Security and Privacy A Research Survey Shruti Pathak CS 585 Spring ‘09.

RFID Security CMPE 209, Spring 2009 Presented by:- Snehal Patel Hitesh Patel Submitted to:- Prof Richard Sinn.

RFID (Radio Frequency Identification) Jonathan Green, Kevin Thornberg, Erica Jennings May 16, 2007.

Security in RFID Presented By… NetSecurity-Spring07

RFID Chris Harris Carey Mears Rebecca Silvers Alex Carper.

Security and Privacy Aspects of Low-Cost Radio Frequency Identification Systems Stephen A. Weis, Sanjay E. Sarma, Ronald L. Rivest and Daniel W. Engels.

Asmt. 10: ID chips in product Pro RFID chips in product Group 3. Team A Ivan Augustino Andres Crucitti.

Slide 1 Vitaly Shmatikov CS 378 RFID Security and Privacy.

#1 Privacy in pervasive computing What can technologists do? David Wagner U.C. Berkeley In collaboration with David Molnar, Andrea Soppera, Ari Juels.

RFID Security & Privacy Matt Hansen University of Illinois Fall 2007.

RADIO FREQUENCY IDENTIFICATION By Basia Korel. Automatic Identification Technology for identifying items Three step process 1) Identify people/objects.

RFID in Mobile Commerce and Security Concerns Chassica Braynen April 25, 2007.

Real World Applications of RFID Mr. Mike Rogers Bryan Senior High School Omaha, NE.

Foundations of Privacy 2010 Guy Katz.  Introduction to RFID  How does it work  Threats to user privacy  Possible solutions.

Physical-layer Identification of RFID Devices Authors: Boris Danev, Thomas S. Heyde-Benjamin, and Srdjan Capkun Presented by Zhitao Yang 1.

Radio Frequency Identification (RFID) Features and Functionality of RFID Including application specific ISO specifications Presented by: Chris Lavin Sarah.

Technical Issues in Library RFID Privacy David Molnar UC-Berkeley Computer Science.

David Molnar, David Wagner - Authors Eric McCambridge - Presenter.

Chip tag A radio-frequency identification system uses tags readers send a signal to the tag and read its response RFID tags can be either passive active.

Radio Frequency ID (RFID): Brian E. Mennecke Deans Faculty Fellow in MIS & Associate Professor Iowa State University College of Busiess.

IWD2243 Wireless & Mobile Security

Using Technology to Streamline the Inventory Process Sean Pugatch, AssetWorks ext

SECURE SYMMETRIC AUTHENTICATION FOR RFID TAGS

- 1 - Secure and Serverless RFID Authentication and Search Protocols Chiu C. Tan, Bo Sheng, and Qun Li IEEE Transactions on Wireless Communication APRIL.

RFID and LMS: improving interoperability Mick Fortune, 2CQR.

What’s Happening with RFID? Faith Lamprey Aurora Technologies (401) NEMUG November, 2009.

FPGA based RFID Reader Group Members – Farhan Tariq Usman Sarwar Khalid Khan Supervisor- Mr. Naveed Ahmed Internal Advisor- Prof. Dr. Abdul Razzak Memon.

Developing RFID Application In Supply Chain

Overview  What is RFID?  How to use it?  Relevant links  Future Trends  Bibliography.

Radio Frequency Identification By Bhagyesh Lodha Vinit Mahedia Vishnu Saran Mitesh Bhawsar.

1 Ch. 17: Security of RFID slide 1. 2 Roles of RFID applications slide 2 TagsReaderServer(Database) Secure channel Slides modified from presentation by.

Radio Frequency IDentification RFID Technology Presented by Elaine Contant University of Arkansas Libraries – Fayetteville December, 2008.

مدیریت تولید پیشرفته جلسه پنجم : Introduction: CIM, RFID

Network Security - IT653 Deepti Agrawal KReSIT, IIT Bombay

1 Presented by July-2013, IIM Indore. 2  RFID = Radio Frequency IDentification.  RFID is ADC (Automated Data Collection) technology that:-  uses radio-frequency.

EPCglobal Network Security: Research Challenges and Solutions Yingjiu Li Assistant Professor School of Information Systems Singapore Management University.

RFID Privacy: An Overview of Problems and Proposed Solutions Maxim Kharlamov (mkha130, #13) S. Garfinkel, A. Juels, R. Pappu, “RFID Privacy: An Overview.

RFID Technology What is it? (And why should you care?)

RFID Radio Frequency Identification By Lakshmi VS Pranav Pandit.

Radio-frequency identification (RFID) is an automatic identification method, relying on storing and remotely retrieving data using devices called RFID.

RF-ID Overview What is RFID? Components. Block diagram & Working. Frequency Ranges. EPC Code. Advantages & Disadvantages. Applications.

RFID: Radio Frequency Identification Amanda Di Maso Shreya Patel Tresit Tarko.

The Blocker Tag: Selective Blocking of RFID Tags for Consumer Privacy Ari Juels, Ronald Rivest, and Michael Szydlo ACM CCS, October 2003 Presented by Himanshu.

Shanti Bramhacharya and Nick McCarty. This paper deals with the vulnerability of RFIDs A Radio Frequency Identifier or RFID is a small device used to.

Low-Cost Untraceable Authentication Protocols for RFID Yong Ki Lee, Lejla Batina, Dave Singelée, Ingrid Verbauwhede BCRYPT workshop on RFID Security February.

1 Introduction to Malcode, DoS Attack, Traceback, RFID Security Cliff C. Zou 03/02/06.

Qinghan Xiao, Cam Boulet and Thomas Gibbons Second International Conference on Availability, Reliability and Security, 2007 Speaker : 黃韋綸 RFID Security.

THE INTERNET OF THINGS (IOT). THE INTERNET OF THINGS Objects can transmit and share information without any human intervention.

IDENTITY NUMBERS BY A.M.VILLAVAN M.TECH(COS). RFID Acronymn: Radio Frequency Identification Device RFID is a technology, whose origins are found in the.

RFID Technology Lecture for week 5 Dhruba Sen

RFID Mike Treon CPSC 310. What is RFID? Radio Frequency Identification Wireless link to transmit data and collect stored information. (EPC) Allows for.

LIBRARY AUTOMATION USING RFID LIBRARY AUTOMATION USING RFID Presented by; Joju Mohan -67 Ninitha Xavier -68 Priyanka C.P -69 Rahul K.Raj -70.

RADIO FREQUENCY IDENTIFICATION TECHNOLOGY. By Twesige Richard.

What is a Radio-Frequency Identification (RFID) tag?

Team 7 Technical Presentation

Revisting Unpredictability-Based RFID Privacy Models

RFID Security and Privacy: A Research Survey

Radio Frequency Identification

Selective Blocking of RFID Tags for Consumer Privacy

- Dylan Leintz - Dr. Davies

Mobile Computing Lecture Materials By Bintang Eka Putera.

RFID used for real-time tracking Physics 490 seminar 4/15/2019

Presentation transcript:

- 1 - RFID Security and Privacy: A Research Survey Ari Juels RSA Laboratories IEEE Journal on Selected Areas in Communication (J-SAC) in 2006 Taesung Kim

- 2 - Contents RFID Overview –Tags, Readers, and Applications –Tag Singulation Security & Privacy Threats Proposed Solutions

- 3 - RFID Overview 3 Tags (transponders) Attached to objects, “call out” identifying data on a special radio frequency 02.3DFEX4.78AF51 EasyToll card #816 Reader (transceiver) Reads data off the tags without direct contact Radio signal (contactless) Range: from 3-5 inches to 3 yards Database Matches tag IDs to physical objects

- 4 - Tag Types Passive: –All power comes from a reader’s signal –Tags are inactive unless a reader activates them –Cheaper and smaller, but shorter range Semi-passive –On-board battery, but cannot initiate communication –Can serve as sensors, collect information from environment: for example, “smart dust” for military applications Active: –On-board battery power –Can record sensor readings or perform calculations in the absence of a reader –Longer read range LFHFUHF Freq. Range KHz13.56 MHz MHz Read Range10 cm1M2-7 M ApplicationSmart Cards, Ticketing, animal tagging, Access Control Small item management, supply chain, Anti-theft, library, transportation Transportation vehicle ID, Access/Security, large item management, supply chain

- 5 - Applications Supply-chain management –logistics, inventory control, retail check-out Payment systems –ExxonMobil SpeedPass –I-Pass/EZ-Pass toll systems –Credit Cards Access Control –Passports Library books Animal Tracking

- 6 - Security Challenge Low cost RFID tags have very limited resources –Typically have only 500-5,000 gates –May have up to a few hundred bits of storage –Tags cannot perform complex computations Most tags simply emit a static identifier when prompted Tags do not have the resources to allow for public-key or symmetric-key encryption systems EPC tags: $0.05, 250 – 1000 gates AES requires 20,000 – 30,000 gates

- 7 - Consumer Privacy Problem

- 8 - Threats Tracking –Unauthorized use of a tag’s ID in order to gain information about the location of a person or object –In a retail environment, a user can be associated with an item at purchase time Cloning/Replay –Tags that emit static identifiers are very vulnerable –A thief could replace/rewrite a tag on an expensive item Denial-of-service –Conflicting RF signals can prevent legitimate tag communication Physical attacks –Probing a tag to determine private data

- 9 - RFID Security Research Blocking approachPractical approach Cryptographic protocol approach “kill” “sleep/wake” Faraday Cage Active Jamming Re-labelling Clipped Tag Minimalist Proxy model Blocker Tag Hash-Lock Randomized Hash-Lock OSK model MW model HM model LK model Human authentication approach HB and HB+ protocol HB++ (first attempt) and HB++ protocol HB++ protocol by S. Piramuthu HB# - Watchdog Tag - RFID Guardian - RFID Enhancer

“kill” 기법과 “sleep/wake” 기법 “kill” and “sleep/wake” approach –“kill” Stop tag’s operation Throw up the convenience of RFID system –“sleep/wake” Stop tag’s operation Reused through wake command

Re-Labelling 기법 Inoue and Yarsuura’s approach –Splitting product-type identifiers and unique identifiers across two RFID tags Karjoth & Moskowiz’s approach

Minimalist 기법 …… 가명 5 가명 4 가명 3 가명 2 가명 1 가명 n request response 가명 8 response 가명 2 가명 2 ID = 가명 8 …… 가명 5 가명 4 가명 3 가명 2 가명 1 가명 n request response 가명 n response 가명 5 ? ? ? ? ? 가명 5

Blocker Tag 기법

Hash-Lock 기법 Hash-Lock approach –Step 1 : Lock ReaderTagDatabase ID Select random key K and operate Hash Function metaID = H K (ID) metaID State of the tag changes to Lock Tag metaID, K Stores metaID and key K set to identify tags (metaID 1, K 1 ) (metaID 2, K 2 ) … (metaID n, K n )

Hash-Lock 기법 Hash-Lock approach –Step 2 : Unlock ReaderTagDatabase query metaID Tag state : Lock (metaID) Tag metaID (metaID 1, K 1 ) (metaID 2, K 2 ) … (metaID n, K n ) Finds key, ID set by metaID Key, ID Key ID Tag state : Unlock (ID) Give pure information of this tag

RFID Guardian Scan logging : 인접 리더의 쿼리에 대한 감시 Tag logging : 태그의 ownership 제공 및 새로운 태그의 출현 감지 Tag-reader mediation –Selective jamming Context-awareness – 시간 / 장소에 따라 알맞은 context 로 갱신

Thank you!