CmpE 209: Network Security

Spring’07

Security in RFID

Instructor

Prof. Richard Sinn

Submitted by

Team: netsecurity-spring07

Chandra S.shekhar Cheruku(004806582)

Haripriya Chintalapati(004684109)

Kokil Bhalerao(003877134)

NagaKalyani Padakanti(004723668)

Shveta Shahi(004700151)

Vamsi Krishna Ambati(004898076)

Date Submitted: 03/06/2007

Table of Contents

1. Introduction

1.1. RFID System Components

1.2. RFID System Working

2. RFID Applications

3. Challenges

3.1. Physical challenges

3.2. Technical challenges

4. RFID Issues

4.1. User Privacy

4.2. Tag Cloning

4.3. Virus Injection

4.4. Denial of service

4.5 Replay Attack

5. Solutions to security issues

5.1 Kill Tag Approach

5.2. Smart RFID Tag

5.2.1. Randomization Hash Lock

5.3 Blocker Tag

5.4 Digital Signature Transponder

5.5. Authentication Protocol

5.5.1. Simplified Authentication protocol

5.5.2. Enhanced Authentication protocol

6. Conclusion

7. References

1. Introduction

Radio Frequency Identification (RFID) is an automatic identification method, relying on storing and remotely retrieving data using devices called RFID tags. An RFID tag is a small inexpensive chip that can be used for identification using radio frequency and can be read several meters away. RFID has several uses ranging from supply chain to library to transportation channels and many more.

There is no doubt that RFID is a part of the present and will remain a major part of the future; however, there is a considerable amount of risk associated with naively using RFID tags for several applications. Tracking, spying, and tag cloning are some of the security issues related to RFID that need to be addressed before RFID can be fully harnessed. This report focuses on some of these security issues and on measures to tackle them.

1.1. RFID System Components

RFID systems are composed of three key components:

·  RFID tags, also known as transponders, which carry object-identifying data.

·  RFID tag readers, also known as transceivers, which read and write tag data.

·  A back-end database, which stores records associated with tag contents.

Tags:

Every item or object that has to be tracked or identified in an RFID system is labeled with a tag. Each tag consists of a microchip for storage and computation, and an antenna coil for communication.

Tag memory may be read-only, write-once read-many, or fully rewritable. The two basic kinds of tags are active and passive tags. While active tags have their own power source, passive tags rely on the reader for power and cannot initiate communication.

Readers: As the name suggests, readers interrogate tags for their data through an RF interface.

Back-end database: The back-end database contains records associated with tag contents.

1.2. RFID System Working

As discussed in the previous section, RFID tags are ‘interrogated’ by an RFID reader. The reader generates a radio frequency signal that communicates with the tag. The reader has a receiver that senses the reply signal from the tag and then decodes that signal. The reply from the tag is actually the tag’s data content. All the information associated with the tag contents resides in the back-end database.

Every object to be identified in an RFID system is physically labeled with a tag. Tags are typically composed of a microchip for storage and computation, and a coupling element, such as an antenna coil for communication. Tags may also contain a contact pad, as found in smart cards. Tag memory may be read-only, write-once read-many or fully rewritable.

A key classification of RFID tags is the source of power. Tags may come in three flavors: active, semi-passive and passive. Active tags contain an on-board power source, such as a battery, as well as the ability to initiate their own communications, possibly with other tags. Semi-passive tags have a battery, but may only respond to incoming transmissions. Passive tags receive all power from the reader and necessarily cannot initiate any communications.

2. RFID Applications

RFID is used in a diverse range of fields. With RFID it is possible to track inventory on retail shelves and restock goods efficiently, track children in theme parks, track cattle, and track or trace airline baggage more reliably. Automated traffic and parking management, evacuation management, and food tracking and safety during transport and storage are some more areas where RFID is deployed.

3. Challenges

3.1. Physical challenges

Some examples of physical challenges are listed in the table below.

Challenge / Description
Reader Collision / Occurs when multiple readers in a warehouse attempt to read the same tag at the same time.
Tag Collision / Occurs when one reader receives signals that have reflected back from multiple tags at the same time. This confuses the reader because it cannot distinguish between the tags.
Signal Interference and Noise / Occurs when ambient warehouse conditions distort the electromagnetic signals sent by the tag and/or reader.

3.2. Technical challenges

Some technical challenges with RFID are security issues (which are covered later in this report), integration with existing enterprise or legacy systems, interoperability, and standardization.

4. RFID Issues

4.1. User Privacy

RFID tags are very small and can be embedded easily in any product, so consumers may not even know when they are carrying them. This can be a serious intrusion into the privacy of consumers. There are several policies and guidelines for using RFID information, but consumers have no easy way of knowing when the policies are adhered to and when they are breached.

Security concerns related to user privacy are:

1. Products labeled with insecure tags may reveal sensitive information.

2. Location privacy violations, which may lead to tracking of individuals by the tags they carry.

Tracking & Spying

Many companies are trying to use RFID chips/sensors to track their users; these chips can also be used as spy agents. An RFID tag ID, which is unique for every product, can act as an identifier for each individual user. Using wireless networks and RFID, it can be possible to locate users and follow their every move.

“Gillette has been caught hiding tiny RFID surveillance chips in the packaging of its shaving products. These tiny, high tech spy tags are being used to trigger photo taking of unsuspecting customers!” [1].

The data stored on RFID tags can be tracked from anywhere (airports, grocery stores, cars, homes, etc.), even with their short-range radio transmission. Sybase’s iAnywhere [2] supports intelligent, event-driven RFID and sensor networks. It is capable of creating a network of RFID hardware, environmental sensors, location tracking systems and other devices that enables process automation and efficient network operation, including advanced, built-in capabilities such as RFID reader coordination through time slicing and GPIO. It simplifies the integration of sensor data into enterprise systems, including concurrent feeds into multiple existing applications. The advanced underlying architecture of wireless networks enables business logic or support for new hardware to be easily added to an existing system [3, 4]. A similar solution is Rapid Inventory [4], which can generate web-based reports and alerts (see Figure 1).

Figure 1: From Assetpulse.com [4]

This technology helps organizations meet their business needs and bring valuable products to market. From a security standpoint, however, it can be used not only to track products and their locations, but also to track and spy on people. This data can be compromised through the vulnerabilities of both RFID and wireless networks. If a hacker can hack the information between sensor networks and edge server [3], the

Even after being thrown away, the RFID chips will survive. The phone company BellSouth Corp. had applied for a patent on a system for scanning RFID tags in trash, and using the data to study the shopping patterns of individual consumers.

EPC Global of Lawrenceville, N.J., the nonprofit organization that sets technical standards for RFID systems, has a code of ethics that requires notifying consumers about the presence of RFID tags. The group also recognizes the right of consumers to deactivate RFID tags, and is working to develop systems to make this easy [5].

Tracking (which may result from eavesdropping) also creates privacy issues in libraries that use RFID, since there is no read access control and there are no read passwords.

Static identifiers (these identifiers are sent by the tag in response to a query generated by a nearby reader) can be used to track or hotlist books. Book tracking can be done by correlating multiple observations of the book’s RFID tag. It may not be possible to know the title and author of the book unless the bibliographic data is available; however, the static identifier can still be used to track the book’s movement. Combined with video surveillance and other mechanisms, it is easy to track the reading, viewing, and listening habits of different people.

In hotlisting, a malicious person keeps a ‘hotlist’ of books that he wishes to identify. To accomplish this, the malicious person might visit the library and read the RFID tags on various books to determine whether these tags match any of those on the ‘hotlist’. In current library RFID architectures, each item in a library has a static tag which never changes over the item’s lifetime, which makes hotlisting possible. Hotlisting is troubling because it allows an adversary to gather information about an individual’s reading habits without a court order. “For another example, readers could be set up at the entrance to stores and used to tailor patron experience or target marketing; these readers would look almost identical to the anti-theft gates used today.”

4.2. Tag Cloning

Security concerns revolve around the ability to spoof tags, overwrite the data in tags, overwrite the tag ID, or sniff/modify data while it is in transit through the air. These concerns are alleviated by controlling the physical environment so that unauthorized users cannot access the tags. Controlling the physical environment is easy in closed-loop situations. But in open-loop situations such as a supply chain, the tags typically move along with the products all through the supply chain, requiring higher levels of security.

Security concerns with tag cloning are:

1.  One of the major concerns related to tag cloning is that an attacker can replace the tag for an expensive item with the tag of a cheaper one.

2.  Another concern is that an attacker can remove the item from the shelf and install a replacement tag which continues authenticating itself; in this way the attacker can fool the system into believing that the item is still on the shelf.

3.  In the case of library books using RFID tags, it is possible to switch two books’ RFID data or change the security status of the tags.

4.3. Virus Injection

While the data is in transit from tag to reader, an attacker can inject a virus into it. A virus in the tag can in turn infect the database.

Security concerns with virus injection are:

1.  Tags scanned after the database is infected can also be infected with the virus.

2.  Malicious activity such as dropping database tables is possible.
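The database risk described above comes from the back end treating tag contents as trusted input. The following added example (not part of the original report) places a scan handler that splices tag data into SQL text next to one that validates and binds it; the table names, the 24-hex-digit tag format and the hostile tag string are constructed assumptions.

```python
import re
import sqlite3

# Constructed tag contents: a well-formed ID and a tag written with SQL text.
GOOD_TAG = "30340000A1B2C3D4E5F60001"
HOSTILE_TAG = "x'); DROP TABLE items; SELECT ('"
TAG_FORMAT = re.compile(r"[0-9A-F]{24}")   # assumed 96-bit ID written as hex

def make_db() -> sqlite3.Connection:
    db = sqlite3.connect(":memory:")
    db.executescript(
        "CREATE TABLE items(tag_id TEXT PRIMARY KEY, name TEXT);"
        "CREATE TABLE scans(tag_data TEXT);"
        "INSERT INTO items VALUES ('30340000A1B2C3D4E5F60001', 'library book');"
    )
    return db

def table_exists(db: sqlite3.Connection, name: str) -> bool:
    row = db.execute(
        "SELECT count(*) FROM sqlite_master WHERE type='table' AND name=?", (name,)
    ).fetchone()
    return row[0] == 1

def record_scan_unsafe(db: sqlite3.Connection, tag_data: str) -> None:
    # Vulnerable: tag contents become part of the SQL text itself.
    db.executescript("INSERT INTO scans VALUES ('%s');" % tag_data)

def record_scan_safe(db: sqlite3.Connection, tag_data: str) -> bool:
    # 1. Reject anything that is not shaped like a tag ID.
    if not TAG_FORMAT.fullmatch(tag_data):
        return False
    # 2. Bind the value as a parameter so it is only ever treated as data.
    db.execute("INSERT INTO scans VALUES (?)", (tag_data,))
    db.commit()
    return True

def compare() -> dict:
    unsafe_db, safe_db = make_db(), make_db()
    record_scan_unsafe(unsafe_db, HOSTILE_TAG)
    rejected = not record_scan_safe(safe_db, HOSTILE_TAG)
    accepted = record_scan_safe(safe_db, GOOD_TAG)
    return {
        "unsafe_items_table_survives": table_exists(unsafe_db, "items"),
        "safe_items_table_survives": table_exists(safe_db, "items"),
        "hostile_rejected": rejected,
        "good_accepted": accepted,
    }
```

Format validation alone would stop this particular tag, but the parameter binding is what keeps any accepted value from being interpreted as SQL.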

4.4. Denial of service

RFID systems only work when the RFID tags and the database are available. If the RFID tags are removed or the database is flooded with useless data, the result is a denial of service.

Security concerns with denial of service are:

1.  Thieves could remove tags or put items in a foil-lined booster bag that will block the RFID reader’s request and temporarily deactivate the tag.

2.  An attacker could attach RFID tags to other items, causing the RFID system to record useless data, which will flood the system with more data than it can handle.

4.5 Replay Attack

In a replay attack, a valid RFID signal is intercepted and its data is recorded; this data can later be transmitted to a reader, where it is "played back." Because the data appears valid, the system accepts it.

Security concerns with replay attacks are:

1. RFID passports have signed biometric data stored in the RFID chip. When there is a read request, the chip just returns the stored value. This signal can be captured, and a device can be made to replay the same signal, which may seem to come from a valid RFID passport.
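Why a static reply can be replayed, and why binding the reply to a fresh reader challenge prevents it, is shown in the added example below (not part of the original report and not the report's own authentication protocol). It assumes a tag able to compute HMAC-SHA256 with a key shared with the back end; the tag ID, key and stored value are constructed.

```python
import hashlib
import hmac
import os

TAG_ID = b"TAG-0001"                      # constructed 8-byte identifier
TAG_KEY = os.urandom(16)                  # secret shared by tag and back end (assumption)
STORED_VALUE = b"signed-biometric-blob"   # constructed stand-in for the stored data

def static_tag_reply(_challenge: bytes) -> bytes:
    """Tag as described above: every read returns the same stored value."""
    return STORED_VALUE

def keyed_tag_reply(challenge: bytes) -> bytes:
    """Hardened tag: the reply is bound to the reader's fresh challenge."""
    mac = hmac.new(TAG_KEY, challenge + TAG_ID, hashlib.sha256).digest()
    return TAG_ID + mac

def reader_accepts_static(reply: bytes) -> bool:
    # The reader can check that the data is valid, but not that it is fresh.
    return hmac.compare_digest(reply, STORED_VALUE)

def reader_accepts_keyed(challenge: bytes, reply: bytes, keys: dict) -> bool:
    tag_id, mac = reply[:len(TAG_ID)], reply[len(TAG_ID):]
    key = keys.get(tag_id)
    if key is None:
        return False
    expected = hmac.new(key, challenge + tag_id, hashlib.sha256).digest()
    return hmac.compare_digest(mac, expected)

def run_sessions() -> dict:
    keys = {TAG_ID: TAG_KEY}
    # Session 1: the genuine tag answers; both replies are recorded in transit.
    c1 = os.urandom(16)
    recorded_static = static_tag_reply(c1)
    recorded_keyed = keyed_tag_reply(c1)
    # Session 2: the reader issues a new challenge; only recordings are presented.
    c2 = os.urandom(16)
    return {
        "static_genuine": reader_accepts_static(recorded_static),
        "static_replayed": reader_accepts_static(recorded_static),
        "keyed_genuine": reader_accepts_keyed(c1, recorded_keyed, keys),
        "keyed_replayed": reader_accepts_keyed(c2, recorded_keyed, keys),
    }
```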

5. Solutions to security issues

5.1 Kill Tag Approach

This is one of the most straightforward approaches to protecting consumer privacy: the RFID tag of the product is killed before the product is given to the customer. Once a tag is dead, it cannot be reactivated. The AutoID Center proposed a standard mode of operation in which tags are killed after the purchase of the tagged product. According to their tag design, a special ‘kill’ command is sent to kill the tag.

For instance, a supermarket might use RFID tags to facilitate inventory management. However, in order to protect the consumer privacy, the RFID tag is killed by the checkout clerk before the product is given to customer.

Advantage:

By deactivating the tag, the customer details cannot be traced by malicious readers and hence their privacy is protected.

Disadvantage:

The kill approach is undesirable in many environments. Many applications require that the tag remain active while in the consumer’s possession, so it cannot be killed upon purchase. The following are a few scenarios that require the tag to be active even after purchase: