The Blocker Tag: Selective Blocking of RFID Tags for Consumer Privacy Ari Juels, Ronald Rivest, and Michael Szydlo ACM CCS, October 2003 Presented by Himanshu Pagey CDA /03/2007

Content of this presentation has been adapted/taken from RSA Labs presentation slides for this paper publications/blocker/blocker.pdf

RFID Grand Vision : Next Generation Bar Codes Line of sight Identifies a product. Radio Contact ( Fast automated scanning) Uniquely identifies a product ( Provides a pointer to an entry in database)

Constraints / Privacy Concerns Few Thousand Gates No Cryptographic function available. Static read / Write functions

Commercial Applications Supply Chain – Inventory tracking Anti – counterfeiting Parenting logistics (RFID bracelets for children in water park) Maintaining shelf stocks in retail environment – Gillette Mach 3 Razor blades Product Recalls

Reference:

Approach 1: “Faradays Cage” Reference:

Approach 2 “Kill Tags” Reference:

Usefulness of RFID tags Product Return Physical Access Control Theft Protection Intelligent microwaves For the success of these applications the RFID tags cannot be killed.

Smart Applications Smart Microwaves. Ovens that know how to cook pre-packaged food items. Smart Refrigerator that can recognize expired items and create shopping lists. Closets that can tally the contents. Airline tickets that indicate your location in the airport “Function Creep” – many more uses “unimagined” or “unimaginable”

Consumer Backlash Walmart “Smart” shelf project cancelled. Benetton RFID plans withdrawn Campaigns against RFID usage NoCards.org BoycottGillette.com BoycottBenetton.com CASPIAN (Consumers Against Supermarket Privacy Invasion and Numbering)

Blocker Tag Reference:

Blocker Tag Reference:

Tree Walking protocol

Basic Working Reader recursively asks the tags “What is your next bit?” The tag replies “0” and “1” both Reader thinks that all the possible tags are present. Reader stalls as number of possibilities are huge. Possibilities are at least 2 64 in most basic systems. This is “universal blocker” tag

Reference:

Selective Blocking Blocker Tag can block tags within certain zones. Such zones are “privacy zones” Tags can be moved between zones. For Example – The “blocker tag” block tags with leading “1” – Retail store items have tags with prefix 0 – At check out counter the leading bit is flipped from “0” to “1”

Blocking with Privacy Zones Reference:

Polite Blocking Singulation protocol can be revised to make it work efficiently with the blocker tags. Aim of the blocker is to keep functionality active when desired by the owner. If the reader tries to read the tag it will stall. The tag informs the reader about its presence. Before asking for next bit the protocol asks “Is the sub tree rooted at this node blocked”

Tags contain leading ‘0’ bit Leading bit is flipped to “1” and a blocker tag is provided to the customer

Strengths / Main Contribution Low Cost Implementation Ordinary consumer RFID-tag may not need to be modified at all. Blocker tags can be cheap. ( Around 10 cents per tag) Implementation is not resource intensive. Need to manage passwords for authorizing change to privacy zones

Weakness Reader can probably sense the existence of two tags transmitting at close proximity and can still traverse the privacy zone sub tree. Consumers must take the step of protecting their own privacy (“opt-out” policy). The consumers might prefer an “opt-in” Policy

Suggested Improvements Research an “Opt in” approach like soft blocking.

Questions ?