Qinghan Xiao, Cam Boulet and Thomas Gibbons Second International Conference on Availability, Reliability and Security, 2007 Speaker : 黃韋綸 RFID Security.

Slides:

Advertisements

Similar presentations

1 An Ultra-lightweight Authentication Protocol in RFID Speaker: 魏家惠.

Advertisements

1 Security in Wireless Protocols Bluetooth, , ZigBee.

NFC Security What is NFC? NFC Possible Security Attacks. NFC Security Attacks Countermeasures. Conclusion. References.

NFC Devices: Security and Privacy

Institute for Applied Information Processing and Communications (IAIK) – VLSI & Security 1 TU Graz/Computer Science/IAIK/VLSI Institute for Applied Information.

Timo Kasper Crete, Greece May 10, 2007 An Embedded System for Practical Security Analysis of Contactless Smartcards Timo Kasper, Dario Carluccio and Christof.

Pacemakers and Implantable Cardiac Defibrillators: Software Radio Attacks and Zero-Power Defenses Authors: Daniel Halperin, Thomas S. Heydt-Benjamin, Benjamin.

A Simple and Cost-effective RFID Tag-Reader Mutual Authentication Scheme Divyan M. Konidala, Zeen Kim, Kwangjo Kim {divyan, zeenkim, International.

Serverless Search and Authentication Protocols for RFID Chiu C. Tan, Bo Sheng and Qun Li Department of Computer Science College of William and Mary.

Lecture 1: Overview modified from slides of Lawrie Brown.

Security for RFID Department of Information Management, ChaoYang University of Technology. Speaker : Che-Hao Chen ( 陳哲豪 ) Date:2006/01/18.

A lightweight mutual authentication protocol for RFID networks 2005 IEEE Authors : Zongwei Luo, Terry Chan, Jenny S. Li Date : 2006/3/21 Presented by Hung.

Lesson Title: Threats to and by an RFID system Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas

RFID Security CMPE 209, Spring 2009 Presented by:- Snehal Patel Hitesh Patel Submitted to:- Prof Richard Sinn.

Security in RFID Presented By… NetSecurity-Spring07

Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 5 Network Security.

Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Information.

Security and Privacy Aspects of Low-Cost Radio Frequency Identification Systems Stephen A. Weis, Sanjay E. Sarma, Ronald L. Rivest and Daniel W. Engels.

SSH : The Secure Shell By Rachana Maheswari CS265 Spring 2003.

Wireless Sensor Network Security Anuj Nagar CS 590.

NCHU AI LAB Implications of Unlicensed Mobile Access for GSM security From ： Proceeding of the First International Conference on Security and Privacy for.

RFID in Mobile Commerce and Security Concerns Chassica Braynen April 25, 2007.

R R FID Authentication : M inimizing Tag Computation CHES2006 Rump Session, Yokohama. Japan Ph.D. Jin Kwak Kyushu University, JAPAN

Physical-layer Identification of RFID Devices Authors: Boris Danev, Thomas S. Heyde-Benjamin, and Srdjan Capkun Presented by Zhitao Yang 1.

Chip tag A radio-frequency identification system uses tags readers send a signal to the tag and read its response RFID tags can be either passive active.

IWD2243 Wireless & Mobile Security

Chapter 1 Performance of Passive UHF RFID Systems in Practice RFID Systems: Research Trends and Challenges Slides prepared by Dr. Miodrag Bolic.

SSH Secure Login Connections over the Internet

D ATABASE S ECURITY Proposed by Abdulrahman Aldekhelallah University of Scranton – CS521 Spring2015.

Computer Security Tran, Van Hoai Department of Systems & Networking Faculty of Computer Science & Engineering HCMC University of Technology.

Developing RFID Application In Supply Chain

Radio Frequency Identification By Bhagyesh Lodha Vinit Mahedia Vishnu Saran Mitesh Bhawsar.

Neighborhood Watch: Security and Privacy Analysis of Automatic Meter Reading Systems Ishtiaq Rouf, Hossen Mustafa Rob Miller Marco Grutese Presented By.

Wireless Network Security By Patrick Yount and CIS 4360 Fall 2009 CIS 4360 Fall 2009.

多媒體網路安全實驗室 An Efficient RFID Authentication Protocol for Low-cost Tags Date ： Reporter : Hong Ji Wei Authors : Yanfei Liu From : 2008 IEEE/IFIP.

Denial of Service (DoS) Attacks in Green Mobile Ad–hoc Networks Ashok M.Kanthe*, Dina Simunic**and Marijan Djurek*** MIPRO 2012, May 21-25,2012, Opatija,

An Analysis of Bluetooth Security

Security Patterns in Wireless Sensor Networks By Y. Serge Joseph October 8 th, 2009 Part I.

Guided by: Jenela Prajapati Presented by: (08bec039) Nikhlesh khatra.

بسم الله الرحمن الرحيم Islamic University of Gaza Electrical & Computer Engineering Department Prepared By : Eman Khaled El-mashharawi Miriam Mofeed El-Mukhallalati.

EPCglobal Network Security: Research Challenges and Solutions Yingjiu Li Assistant Professor School of Information Systems Singapore Management University.

Handling Security Threats to the RFID System of EPC Networks J. Garcia-Alfaro, M. Barbeau, E. Kranakis Presenter Gicheol Wang.

RFID Privacy: An Overview of Problems and Proposed Solutions Maxim Kharlamov (mkha130, #13) S. Garfinkel, A. Juels, R. Pappu, “RFID Privacy: An Overview.

Attacks and Improvements to an RFID Mutual Authentication Protocol and its Extensions Shaoying Cai 1 Yingjiu Li 1 Tieyan Li 2 Robert H. Deng 1 1 Singapore.

Wi-Fi Technology. Agenda Introduction Introduction History History Wi-Fi Technologies Wi-Fi Technologies Wi-Fi Network Elements Wi-Fi Network Elements.

Shanti Bramhacharya and Nick McCarty. This paper deals with the vulnerability of RFIDs A Radio Frequency Identifier or RFID is a small device used to.

Low-Cost Untraceable Authentication Protocols for RFID Yong Ki Lee, Lejla Batina, Dave Singelée, Ingrid Verbauwhede BCRYPT workshop on RFID Security February.

Radio Frequency Identification

1 Chapter 1 – Background Computer Security T/ Tyseer Alsamany - Computer Security.

1 Introduction to Malcode, DoS Attack, Traceback, RFID Security Cliff C. Zou 03/02/06.

ASIACCS 2007 Protecting RFID Communications in Supply Chains Yingjiu Li & Xuhua Ding School of Information Systems Singapore Management University.

Ad Hoc Network.

Azam Supervisor : Prof. Raj Jain

Hoda Jannati School of Computer Science

Computer Science Department of University of Virginia  Voltage on a tag Radio Frequency Identification Systems New Ideas and Algorithms Introduction to.

Radio Frequency Identification (RFID)

Where in the world is my PSP? RFID Triangulation Stuart Lenz North Star High School.

A Critical Analysis on the Security of IoTs

Data Security in RFID Security is when everything is settled. When nothing can happen to you, Security is the denial of life. - Germaine Greer Presented.

多媒體網路安全實驗室 Anonymous Authentication Systems Based on Private Information Retrieval Date： Reporter: Chien-Wen Huang 出處: Networked Digital Technologies,

1 Protecting Your Privacy with a Mobile Agent Device in RFID Environment Authors: Sang-Soo Yeo, Soo-Cheol Kim, Sung Kwon Kim, Gilcheol Park, Seok Soo Kim,

Embedded system security

Forms of Network Attacks Gabriel Owens COSC 352 February 24, 2011.

Cyber Security in Smart Grids BY ADITYA KANDULA DEVASIA THOMAS.

Information Technology - Information Networks

Security in Networking

Security and Privacy in Pervasive/Ubiquitous Computing Systems

An Overview of Security Issues in Sensor Network

Presentation transcript:

Qinghan Xiao, Cam Boulet and Thomas Gibbons Second International Conference on Availability, Reliability and Security, 2007 Speaker : 黃韋綸 RFID Security Issues in Military Supply Chains

Outline Introduction RFID System System components Tag categories Attacks and Countermeasures Conclusion 2

Introduction Radio frequency identification. The difference of civilian supply chain and military supply chain. Reveal possible attacks to RFID systems. 3

RFID System - System components 4

RFID System - Tag categories Passive, semi-passive and active. PassiveActive Power source electromagnetic induction Or microwave Battery Read rangeBelow 3 meters5~100 meters VolumeSmallBig Use length10 years2~7 years PriceCheapExpansive 5

Attacks and Countermeasures – Eavesdropping Simple but efficient means. Countermeasures: Establishing a secure channel. Encrypting the communication between the tag and reader. Write the tag with sufficient information to identify the shipment to another automated database. 6

Attacks and Countermeasures – Man-in-the-middle (MIM) attack Change the information en route. Countermeasures: Encrypt the communication. Send the information through a secure channel. Provide an authentication protocol. 7

Attacks and Countermeasures – Denial of service (DoS) The purpose is disable the RFID system cannot be used. Physical layer attacks, such as jamming and interference. Attacker cannot get very close to the target or use an extremely strong transmitter within an effective distance. 8

Attacks and Countermeasures – Spoofing Tag cloning. Countermeasures: Authentication protocol and data encryption. Increase the cost and technology complexity. 9

Attacks and Countermeasures – Replay Intercepts communication between a reader and a tag to capture a valid RFID signal. The recorded signal will re-entered into the system when the attacker receives a query from the reader. Since the data appears valid, it will be accepted by the system. Countermeasures: Use a challenge and response mechanism. Time-based or counter-based scheme. 10

Attacks and Countermeasures – Virus Tags could be used as a medium to transmit a computer virus. Particular RFID virus could use SQL injection to attack the backend servers and eventually bring an entire RFID system down. Countermeasures: Well-developed middleware. 11

Attacks and Countermeasures – Power analysis Side-channel attack. The power consumption patterns are different when the tag received correct and incorrect password bits. Countermeasures: Either masking the spikes in power consumption or improving the hash algorithm will protect the tags being attacked by power analysis. 12

Attacks and Countermeasures – Tracking Different from any of the previously discussed RFID attacks, tracking is a threat directed to an individual. Manufacturers may put item-level RFID tags into many household products. RFID systems will be used to track people’s movements and even create a precise profile of their purchases. 13

Conclusion Although most of the attacking methods discussed in this paper have existed for several years, there is a chance that they are being applied to attacking RFID technology with the increasing use of RFID. Conduct of risk assessments, definition of security policy and development of more sophisticated approaches to defeat the attacks. 14