Presentation is loading. Please wait.

Presentation is loading. Please wait.

Qinghan Xiao, Cam Boulet and Thomas Gibbons Second International Conference on Availability, Reliability and Security, 2007 Speaker : 黃韋綸 RFID Security.

Published byGerard Carter Modified over 8 years ago

Similar presentations

Presentation on theme: "Qinghan Xiao, Cam Boulet and Thomas Gibbons Second International Conference on Availability, Reliability and Security, 2007 Speaker : 黃韋綸 RFID Security."— Presentation transcript:

1 Qinghan Xiao, Cam Boulet and Thomas Gibbons Second International Conference on Availability, Reliability and Security, 2007 Speaker : 黃韋綸 RFID Security Issues in Military Supply Chains

2 Outline Introduction RFID System System components Tag categories Attacks and Countermeasures Conclusion 2

3 Introduction Radio frequency identification. The difference of civilian supply chain and military supply chain. Reveal possible attacks to RFID systems. 3

4 RFID System - System components 4

5 RFID System - Tag categories Passive, semi-passive and active. PassiveActive Power source electromagnetic induction Or microwave Battery Read rangeBelow 3 meters5~100 meters VolumeSmallBig Use length10 years2~7 years PriceCheapExpansive 5

6 Attacks and Countermeasures – Eavesdropping Simple but efficient means. Countermeasures: Establishing a secure channel. Encrypting the communication between the tag and reader. Write the tag with sufficient information to identify the shipment to another automated database. 6

7 Attacks and Countermeasures – Man-in-the-middle (MIM) attack Change the information en route. Countermeasures: Encrypt the communication. Send the information through a secure channel. Provide an authentication protocol. 7

8 Attacks and Countermeasures – Denial of service (DoS) The purpose is disable the RFID system cannot be used. Physical layer attacks, such as jamming and interference. Attacker cannot get very close to the target or use an extremely strong transmitter within an effective distance. 8

9 Attacks and Countermeasures – Spoofing Tag cloning. Countermeasures: Authentication protocol and data encryption. Increase the cost and technology complexity. 9

10 Attacks and Countermeasures – Replay Intercepts communication between a reader and a tag to capture a valid RFID signal. The recorded signal will re-entered into the system when the attacker receives a query from the reader. Since the data appears valid, it will be accepted by the system. Countermeasures: Use a challenge and response mechanism. Time-based or counter-based scheme. 10

11 Attacks and Countermeasures – Virus Tags could be used as a medium to transmit a computer virus. Particular RFID virus could use SQL injection to attack the backend servers and eventually bring an entire RFID system down. Countermeasures: Well-developed middleware. 11

12 Attacks and Countermeasures – Power analysis Side-channel attack. The power consumption patterns are different when the tag received correct and incorrect password bits. Countermeasures: Either masking the spikes in power consumption or improving the hash algorithm will protect the tags being attacked by power analysis. 12

13 Attacks and Countermeasures – Tracking Different from any of the previously discussed RFID attacks, tracking is a threat directed to an individual. Manufacturers may put item-level RFID tags into many household products. RFID systems will be used to track people’s movements and even create a precise profile of their purchases. 13

14 Conclusion Although most of the attacking methods discussed in this paper have existed for several years, there is a chance that they are being applied to attacking RFID technology with the increasing use of RFID. Conduct of risk assessments, definition of security policy and development of more sophisticated approaches to defeat the attacks. 14

Download ppt "Qinghan Xiao, Cam Boulet and Thomas Gibbons Second International Conference on Availability, Reliability and Security, 2007 Speaker : 黃韋綸 RFID Security."

Similar presentations

1 An Ultra-lightweight Authentication Protocol in RFID Speaker: 魏家惠.

1 An Ultra-lightweight Authentication Protocol in RFID Speaker: 魏家惠.
1 Security in Wireless Protocols Bluetooth, 802.11, ZigBee.

1 Security in Wireless Protocols Bluetooth, , ZigBee.
NFC Security What is NFC? NFC Possible Security Attacks. NFC Security Attacks Countermeasures. Conclusion. References.

NFC Security What is NFC? NFC Possible Security Attacks. NFC Security Attacks Countermeasures. Conclusion. References.
NFC Devices: Security and Privacy

NFC Devices: Security and Privacy
Institute for Applied Information Processing and Communications (IAIK) – VLSI & Security 1 TU Graz/Computer Science/IAIK/VLSI Institute for Applied Information.

Institute for Applied Information Processing and Communications (IAIK) – VLSI & Security 1 TU Graz/Computer Science/IAIK/VLSI Institute for Applied Information.
Timo Kasper Crete, Greece May 10, 2007 An Embedded System for Practical Security Analysis of Contactless Smartcards Timo Kasper, Dario Carluccio and Christof.

Timo Kasper Crete, Greece May 10, 2007 An Embedded System for Practical Security Analysis of Contactless Smartcards Timo Kasper, Dario Carluccio and Christof.
Pacemakers and Implantable Cardiac Defibrillators: Software Radio Attacks and Zero-Power Defenses Authors: Daniel Halperin, Thomas S. Heydt-Benjamin, Benjamin.

Pacemakers and Implantable Cardiac Defibrillators: Software Radio Attacks and Zero-Power Defenses Authors: Daniel Halperin, Thomas S. Heydt-Benjamin, Benjamin.
A Simple and Cost-effective RFID Tag-Reader Mutual Authentication Scheme Divyan M. Konidala, Zeen Kim, Kwangjo Kim {divyan, zeenkim, International.

A Simple and Cost-effective RFID Tag-Reader Mutual Authentication Scheme Divyan M. Konidala, Zeen Kim, Kwangjo Kim {divyan, zeenkim, International.
Serverless Search and Authentication Protocols for RFID Chiu C. Tan, Bo Sheng and Qun Li Department of Computer Science College of William and Mary.

Serverless Search and Authentication Protocols for RFID Chiu C. Tan, Bo Sheng and Qun Li Department of Computer Science College of William and Mary.
Lecture 1: Overview modified from slides of Lawrie Brown.

Lecture 1: Overview modified from slides of Lawrie Brown.
Security for RFID Department of Information Management, ChaoYang University of Technology. Speaker : Che-Hao Chen ( 陳哲豪 ) Date:2006/01/18.

Security for RFID Department of Information Management, ChaoYang University of Technology. Speaker : Che-Hao Chen ( 陳哲豪 ) Date:2006/01/18.
A lightweight mutual authentication protocol for RFID networks 2005 IEEE Authors : Zongwei Luo, Terry Chan, Jenny S. Li Date : 2006/3/21 Presented by Hung.

A lightweight mutual authentication protocol for RFID networks 2005 IEEE Authors : Zongwei Luo, Terry Chan, Jenny S. Li Date : 2006/3/21 Presented by Hung.
Lesson Title: Threats to and by an RFID system Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas

Lesson Title: Threats to and by an RFID system Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas
RFID Security CMPE 209, Spring 2009 Presented by:- Snehal Patel Hitesh Patel Submitted to:- Prof Richard Sinn.

RFID Security CMPE 209, Spring 2009 Presented by:- Snehal Patel Hitesh Patel Submitted to:- Prof Richard Sinn.
Security in RFID Presented By… NetSecurity-Spring07

Security in RFID Presented By… NetSecurity-Spring07
Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 5 Network Security.

Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 5 Network Security.
Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Information.

Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Information.
Security and Privacy Aspects of Low-Cost Radio Frequency Identification Systems Stephen A. Weis, Sanjay E. Sarma, Ronald L. Rivest and Daniel W. Engels.

Security and Privacy Aspects of Low-Cost Radio Frequency Identification Systems Stephen A. Weis, Sanjay E. Sarma, Ronald L. Rivest and Daniel W. Engels.
SSH : The Secure Shell By Rachana Maheswari CS265 Spring 2003.

SSH : The Secure Shell By Rachana Maheswari CS265 Spring 2003.
Wireless Sensor Network Security Anuj Nagar CS 590.

Wireless Sensor Network Security Anuj Nagar CS 590.

Similar presentations

Ads by Google