Vamsikrishna AmbatiKokil BhaleraoChandra S.CherukuHariPriya ChintalapatiNagaKalyani PadakantiShveta Shahi

Security in RFID

Presented By… NetSecurity-Spring07

What is RFID??

RFID System Components

Architecture

Applications

Security Issues and Challenges ……

Conclusion

Presentation Objectives

RFID (Radio Frequency Identification) uses a micro-chip in a tag to transmit stored data when the tag is exposed to radio waves of the correct frequency.

What is RFID ??

Tag wirelessly sends bits of data when it is triggered by a reader.

Reader transmits radio frequency energy• Provides power for the tag.• Enables communications to and from the tag.• Different operating frequencies are possible.

System of tags, readers, antennas, and software.

RFID systems are composed of three key components..

• The RFID tag, or transponder, carries object identifying data.

• The RFID tag reader, or transceiver, reads and writes tag data.

• The back-end database stores records associated with tag contents.

RFID System Architecture…

Passive RFID Active RFID

Tag Battery No Yes

Availability of power Only in field of reader Continuous

Signal Strength Very High Very Low

Range Up to 3-5m Up to 100m

Tags can be active or passive.

RFID Tags..

Antenna

Active Passive

RFID Applications.. Personal Productivity

• Automatic toll collection• Ticketing and event access• Library checkout

Other Applications

• Automobile Keyless entry • E-Passport

RFID Challenges.. • The Privacy Problem

Wigmodel # 143 (cheap polyester)

$ 1000 in wallet30 Items of

candies

Hacking BOA

• Security• Reader Collision• Tag Collision • Signal Interference in noise • Inconsistent data

RFID Security Issues User Privacy

Replay Attack

Virus Injection

Denial of service

Tag Cloning

User Privacy

Few concerns related to user privacy• Products labeled with insecure tags may reveal sensitive information.• Location privacy violation which may lead to tracking of individual by the

tags they carry.

• RFID passport have signed biometric stored in RFID chip. When there read request it just return the stored value. This signal can be captured and a device can be made to replay the same signal which may seem to come from valid RFID passport.

Replay Attack

Security Concern with replay attack:

Virus can be injected while data is in transit

Concerns with virus injection:• Tags scanned after the database is infected can also be infected with

the virus.• A malicious activity like dropping database tables is possible.

Virus Injection

Denial Of Service Concerns with denial of service:

• Thieves could remove tags or put in foil-lined booster bag that will block RFID reader’s request and temporarily deactivate the tag.

• An attacker could attach RFID on other items causing RFID system to record useless data which will flood an RFID system with more data then it can handle.

Tag Cloning

Ability to spoof tags to overwrite the data in tags, overwrite the tag ID.

A data integrity attack.

Few security concerns• Replace the tag for an expensive item with the tag of cheaper item.

• Switching two books’ RFID data or changing the security status of the tags.

Solutions to security issues

Kill Tag

Smart RFID Tag

Blocker Tag

DST Tag

Authentication Protocol• Simplified Authentication protocol• Enhanced Authentication protocol

The Kill Tag Approach….

• Used to protect consumer privacy. • The RFID tag of the object is killed by sending a special

‘kill’ command to the tag.• A killed tag can never be reactivated.• Example: An RFID tag is killed by check out clerk before the

object is given to customer.• Drawback:

• It is undesirable in many environments.• Many applications require the tag to be active even after purchase.

Smart RFID Tags

• Protect consumer privacy while RFID tag remains active.• Types of smart RFID tag: Hash Lock Approach…. Simple access control mechanism based on one way hash function.

Randomization Hash Lock Approach…. Similar to hash lock but a random number generator is also embedded along with one way hash function.

Hash Lock: Locking protocol

1. Reader R selects a random key and computes metaID = hash(key).

2. R writes metaID to tag T.

3. T enters the locked state.

4. R stores the pair(metaID, key) locally.

Hash Lock Approach: unlock

Reader Tag

querymetaIDmetaID

database (key,metaID)KeyID

Strength of Hash lock Approach• Prevent unauthorized reader from reading the tag because of one-wayness of hash

Weakness of Hash lock Approach• The unauthorized reader can keep track of tag using metaID.

Randomized Hash lock: unlock

Reader Tag

query

R,h(IDk||R)Get all ID’s

database ID1, ID2….IDk IDk

Strength of Randomized Hash lock Approach Address the problem of tracking tags by their metaID

Weakness of Randomized Hash lock Approach Impractical for reader with large number of ID’s

Blocker Tag..• A blocker tag prevents RFID tags from being read• RFID reader can read one tag at a time• Reader will unable to read information if more than one tag

responses• A blocker tag takes advantage of this technique to block the

reader• When a reader try to read a tag belonging to a privacy zone, then

the blocker tag confuses the reader by always responding• This way, blocker tag blocks any tag from being read.• Weakness of Blocker tag

– It can be used as malicious tool.Digital Signature Transponder• It uses cryptographic mechanism in wireless authentication

applications• It acts as a passive transponder and implements a challenge-

response authentication using block cipher• A DST tag contains non-volatile RAM to store 40-bit encryption

key.

DST algorithm

Reader(40-bit

encrypt. Key)

Tag(40-bit

encrypt. Key)

1.40-bit challenge 2. Encipher to 40-

bit Cipher text3. Truncates to 24-bit

response5. Calculates expected challenge

6. Compares calculated challenge with tag response

4. 24-bit response

Simplified Authentication Protocol

Tag Readerh(IDi), N, hIDi (N)

Request

Strength of Simplified Authentication Protocol• Provides protection against tracking, tag cloning and it

also provides forward security.

Weakness of Simplified Authentication Protocol• Replay Attack• Database De-synchronization

ID h(ID)

XXX yyy

aaa bbb

Enhanced Authentication Protocol

Request,NR

H(Idi),NT,hIDi(NT,NR)

hIDi+1(NT,NR)

Strength of Enhanced Authentication Protocol• Tag cannot be attacked because if attacker is masquerading as

reader then he will not know the shared secret which is ID of the tag.

• Reader cannot be attacked because of the shared secret. • Which protects against replay and database de-

synchronization attack.• The communication between tag and reader cannot be attacked

because of one-way of hash.• User privacy cannot be attacked because no identity is released by

the tag.• Location privacy cannot be attacked because ID value changes with

every read.

ReaderTag

ID h(ID)

XXX yyy

aaa bbb

Conclusion

• RFID definitely has some security issues that need to be addressed.

• According to latest report from Texas Instruments there is no fraud reported with DST approach in last eight years.

• In enhanced authentication protocol, both reader and tag are authenticated by each other.

• Enhanced authentication protocol is most secure solution and uptill now we didn’t identify any weakness associated with this protocol.

References• http://www.rfidjournal.com/article/articleview/

549/1/1/• http://en.wikipedia.org/wiki/

Digital_Signature_Transponder• Stephens August Weis, " Security and Privacy in

Radio-Frequency Identification Devices”• Ari Juels and Ronald L. Rivest and Michael

Szydlo, "The Blocker Tag: Selective Blocking of RFID Tags for Consumer Privacy”

Any Questions

Thank U………..