Security and Privacy in RFID
Sirkka-Liisa Vehkaoja
Oulu University of Applied Sciences
Abstract
Security and privacy in RFID and mobile RFID services and user-side communication are becoming more and more important as wireless traffic increases hugely. Security and privacy protection mechanisms have to be tested to work well. There are still problems in protecting connections against attacks by any kind of hacker. This paper deals with tested systems for safer and more private wireless RFID-equipped communication.
Keywords: Personal information protection, Physical blocking, Rewritable tag, Smart tag approach, Public key encryption, Common key encryption, Hash-based scheme, K-steps ID matching, Crypto Algorithm, Discovery Service Gateway system, Policy-based user privacy protection
1 Introduction
In this paper, personal information protection means the same as privacy. All kinds of protection against hackers are very important in the information and mobile technology area. A normal RFID tag is called a basic tag because it does not possess any cryptographic operations such as encryption, strong pseudorandom number generation and hashing.
A typical deployment of an RFID system involves three types of entities: tags, readers and a back-end server. The tags, also called transponders, are attached to or embedded in the objects to be identified (hosts). They consist of a microchip, an RF coupling element and an antenna, which enables communication via radio waves. The microchip can include features such as a CMOS integrated circuit, ROM, RAM and nonvolatile EEPROM, and an autonomous power element such as a battery.
The readers, often called transceivers, include a radio-frequency module, a control unit and a coupling element to scan for and communicate with tags. There are also many ways to classify RFID tags, such as passive, active and semi-passive.
- Passive tags: Power is captured from the reader's radio waves through induction at the antenna.
- Active tags: Power is supplied autonomously (usually by a battery).
- Semi-passive tags: Autonomous power provides for an onboard clock and/or powers the tag circuitry, but does not supply the radio interface. Communication is powered by induction as in the passive case.
Sometimes RFID readers are stand-alone units; sometimes they are integrated with cell-phone devices. Sometimes they have an interface for communication with a back-end server, with the middleware or with the database, to implement specific secure business logic with a PC-type device, custom software in the cell phone and other components in remote databases accessed through the cell network.
2 Normal RFID tag protection
Stationary RFID tags are handled first, and mobile RFID tags after that.
2.1 Personal RFID protection
The ideas, operations and technologies for personal protection in RFID are basically the same as in normal information systems. There are two features unique to RFID systems:
1. An adversary can access a tag easily and without notice, since RFID uses radio frequency.
2. The restriction on the cost of the tag is very severe in RFID systems.
2.2 Physical blocking approach
Anonymity and unlinkability are satisfied by preventing an adversary from accessing RFID tags physically.
1. Kill command, which disables the functionality of the tag, per the EPCglobal standard.
2. Faraday cage, made of conducting material, which blocks radio frequency. The user encloses RFID tags in a Faraday cage, which prevents communication between tags and readers.
3. Proposed by Juels, Karjoth and Moskowitz.
2.3 Rewritable tag approach
Nonvolatile RAM (NVRAM), such as flash memory, is embedded within each RFID tag. Proposed by Juels and Pappu.
2.4 Smart tag approach
A cryptographic function and a ROM are embedded within each RFID tag. The tag changes its output all the time by applying a cryptographic function (public key encryption, common key encryption or a hash function) to itself.
Proposed by Kinoshita.
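The hash-function variant of this approach, sketched as an added example (not code from this paper or from the cited proposal): it assumes the tag keeps a secret state, answers with one hash of it and then overwrites the state with another hash. SHA-256, the names SmartTag and BackEnd, the sample secrets and the 64-step search limit are illustrative assumptions.

```python
import hashlib
import hmac

def H(state: bytes) -> bytes:
    """State-update hash: the tag overwrites its secret with H(secret)."""
    return hashlib.sha256(b"update" + state).digest()

def G(state: bytes) -> bytes:
    """Output hash: what the tag sends; the prefix separates it from H."""
    return hashlib.sha256(b"output" + state).digest()

class SmartTag:
    def __init__(self, secret: bytes):
        self._state = secret

    def respond(self) -> bytes:
        out = G(self._state)
        self._state = H(self._state)  # the old state is erased after every read
        return out

class BackEnd:
    """Knows every tag's secret and walks each hash chain to find a match."""
    def __init__(self, tag_secrets: dict, max_steps: int = 64):
        self._state = dict(tag_secrets)  # tag id -> next expected chain state
        self._max_steps = max_steps

    def identify(self, response: bytes):
        for tag_id, state in self._state.items():
            for _ in range(self._max_steps):
                if hmac.compare_digest(G(state), response):
                    self._state[tag_id] = H(state)  # move past the used state
                    return tag_id
                state = H(state)
        return None  # unknown tag, replayed output, or too many missed reads

def demo():
    # Constructed sample secrets and tag names.
    tag_secrets = {"pallet-17": b"constructed-secret-A",
                   "pallet-18": b"constructed-secret-B"}
    tag = SmartTag(tag_secrets["pallet-18"])
    server = BackEnd(tag_secrets)
    first, _missed, third = tag.respond(), tag.respond(), tag.respond()
    return (first != third,            # outputs of one tag look unrelated
            server.identify(first),    # resolved to the tag id
            server.identify(third),    # still found after a missed read
            server.identify(first))    # replay of an old output is rejected
```

The search limit bounds the server's work per read; a tag that is read more often than that without the back end seeing it falls out of synchronisation.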
2.5 K-steps ID matching
A hash function H, a ROM and a pseudorandom number generator are embedded within each RFID tag. The tags use a tree ID structure. The tree has N leaves and each leaf corresponds to an RFID tag. Each node has a unique label. The ID of the RFID tag corresponding to a leaf node is defined as the sequence of labels from the root node to the leaf node. The server recognizes an ID from the output of an RFID tag. Steps.
Proposed by Avoine and Yeo.
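An added example (not from this paper or the cited authors) of how a server can recognise a tree-structured ID in one step per tree level instead of searching all N leaves. It assumes the tag sends a fresh nonce plus H(label || nonce) for each label on its path, with SHA-256 as H and 8-byte random labels; all function names are hypothetical.

```python
import hashlib
import hmac
import secrets

def H(label: bytes, nonce: bytes) -> bytes:
    return hashlib.sha256(label + nonce).digest()

def build_tree(branching: int, depth: int) -> dict:
    """Nested dicts {label: subtree}; an empty dict marks a leaf (one tag)."""
    if depth == 0:
        return {}
    return {secrets.token_bytes(8): build_tree(branching, depth - 1)
            for _ in range(branching)}

def tag_ids(tree: dict, prefix: tuple = ()):
    """Yield every tag ID: the label sequence from the root to a leaf."""
    if not tree:
        yield prefix
    for label, subtree in tree.items():
        yield from tag_ids(subtree, prefix + (label,))

def tag_output(tag_id: tuple):
    """Tag side: fresh nonce from the PRNG, then one hash per stored label."""
    nonce = secrets.token_bytes(8)
    return nonce, [H(label, nonce) for label in tag_id]

def identify(tree: dict, nonce: bytes, hashes: list):
    """Server side: descend one level per hash; returns (tag ID, hash count)."""
    node, path, work = tree, [], 0
    for value in hashes:
        for label, subtree in node.items():
            work += 1
            if hmac.compare_digest(H(label, nonce), value):
                node, path = subtree, path + [label]
                break
        else:
            return None, work  # no child matches at this level: reject
    return (tuple(path) if not node else None), work

def demo(branching: int = 4, depth: int = 3):
    tree = build_tree(branching, depth)
    ids = list(tag_ids(tree))
    worst = 0
    for tag_id in ids:
        found, work = identify(tree, *tag_output(tag_id))
        assert found == tag_id
        worst = max(worst, work)
    return len(ids), worst  # 64 tags, at most 4 * 3 = 12 hashes per lookup
```

Labels near the root are shared by many tags, so reading the ROM of one tag also reveals part of the IDs of its neighbours in the tree.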
3 Mobile RFID protection
Multilateral security approaches in mobile RFID use:
1. Crypto Algorithm
2. Discovery service gateway system
3. Policy-based RFID user privacy protection
3.1 Crypto Algorithm
There is a crypto library for efficient processing of the crypto algorithms and security protocols in mobile RFID. It provides security mechanisms to the mobile RFID reader and targets the mobile RFID middleware based on the WIPI platform, at a reasonable cost and in a short period of time. On the WIPI platform, the RFID crypto library enables support for the mobile RFID service provider, the wireless content provider and the information security industry.
Cryptographic procedures are used to protect against active and passive attacks. The transmitted data can be encrypted before transmission so that a potential attacker cannot read the content of the message. For a long time, only symmetric procedures have been used in mobile RFID systems.
3.2 Discovery service gateway system
SMAP (the secure mobile RFID application portal) is a secure service portal for various mobile RFID application services. A service provider using SMAP can easily guarantee security and privacy protection for several mobile RFID applications. For a given EPC, the portal makes it possible to find offline product information, additional online service information, authentication information for product families or products related to this EPC, etc. The gateway system manages the locations and interfaces of the servers and services registered by the applicable product and service providers for the product information and contents corresponding to each EPC. It also manages the mobile OIS system in a mobile RFID security application service network and supports the internal functions comprising each element service system. The gateway system seeks out appropriate services able to provide information, transmitting between the RFID tag and any device equipped with the applicable EPC or contents. A safe server-based system is built by using Web service security technology as a standard to expand RFID data security functions.
3.3 Policy-based RFID user privacy protection
The privacy problem will be very serious if the RFID reader is contained in a handheld device and many application services are based on the B2C model. The RPS system provides privacy protection services for users in the mobile RFID environment. In the connection between the RFID user and the RFID-tagged product, RPS enables the owner to control the back-end information connected to the tag, such as product information, distribution information, the owner's personal information, etc.
The secure privacy protection mechanism is often focused on the tag/reader authentication protocol. A protection service based on the owner's privacy profile seems to be quite reliable. There are three service systems in the profile-based approach (see Figure 3):
1. RPS system
2. Service-side system
3. User-side system
RPS system
The RPS system creates a privacy profile for the owner's privacy policy, provides the privacy profile to the service-side system and manages the event logs from the service-side or RPS system for auditing.
Service-side system
This system provides information related to the ID code of the RFID tag and provides an access function according to the owner-defined privacy profile.
User-side system
This system has a wireless (or wired) network access function and an RFID reader function. Via this system the tag owner accesses the service-side and RPS systems.
In order to satisfy the privacy protection requirements of mobile RFID service users, the profile-based privacy protection service incorporates functions such as access control, registration, privacy profile management, privacy-enhanced log management, obligation notification and tag data refreshment.
Conclusion of mobility RFID tag investigations
The mobility of the RFID reader and its service model will give rise to additional security threats. Killing alone and recoding are not enough, and new mechanisms are needed for building privacy-preserving RFID architectures. There are many proposals and suggestions for better solutions.
This source gives only ideas of that kind.
Nearly all visibility events were detected in the RFID research made by College of Engineering. The US National Science (see Figure 1).
This result verifies the integrity of the data-collection procedure, because high precision depends on correct ground-truth input.
Cost and power requirements make it difficult to incorporate strong security into tags.
Many techniques propose lightweight authentication and encryption, but their cost and required area are often too high, making them impossible to utilize and achieve.
To strengthen the security of RFID tags, a passive active hybrid RFID tag (PART) has been designed. It employs security at multiple levels during the RFID transaction. These levels are applied in different layers of the communication scheme, similar to the layers in the OSI (Open System Interconnection) model. This system provides layers of security in the final RFID system with:
1. passive activation layer (burst switch)
2. the active communication encoding (physical layer)
3. the use of encrypted data in communication primitives (specified with the RFID design automation) and
4. physical security protection.
For example, the reader generates pulses with lengths of 2, 12, 3 and 9 time units. The tag must detect a unique code from the burst in order to activate the remainder of the tag (see Figure 2). The SW-based system is implemented in a PIC microprocessor and the HW-based system is implemented in ASIC or SoC chips. The strength of the encoding is related to two components: the number of bursts in the sequence, n, and the number of different burst lengths detectable by the receiver, b.
The clock speed of the circuit depends on the detection precision of the burst. The HW used a Spartan 3 FPGA with a connection between a generator and a detector. Deviation was 100 kHz first ~1 µs and it dropped by considering four pulses 0 % for 0,3 µs. The clock speed should be below 1 MHz and the resolution of the transceiver at least an order of magnitude (100 kHz) lower.
A 100 kHz clock speed is closer to matching the capability of the transceiver and requires 300 times less power than the PIC for processing. At such lower clock speeds the clock-gated circuit provides little power advantage. A Lynx transmitter and receiver were also used.
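An added example, not code from this paper or from the PART design: a software burst-switch detector for the 2, 12, 3, 9 sequence above, together with a count of the codes that n bursts of b detectable lengths allow. The 10 µs time unit, the 0.25-unit tolerance, b = 12 and the pulse measurements are assumed, constructed values.

```python
from collections import deque

ACTIVATION_CODE = (2, 12, 3, 9)  # pulse lengths in time units, from the text

def quantise(width_us: float, unit_us: float, tolerance: float):
    """Map a measured pulse width to whole time units, or None if ambiguous."""
    ratio = width_us / unit_us
    units = round(ratio)
    if units < 1 or abs(ratio - units) > tolerance:
        return None
    return units

class BurstSwitch:
    """Keeps the rest of the tag asleep until the last n pulses equal the code."""
    def __init__(self, code=ACTIVATION_CODE, unit_us=10.0, tolerance=0.25):
        self.code = tuple(code)
        self.unit_us = unit_us      # assumed duration of one time unit
        self.tolerance = tolerance  # assumed detector precision, in time units
        self.window = deque(maxlen=len(self.code))

    def on_pulse(self, width_us: float) -> bool:
        self.window.append(quantise(width_us, self.unit_us, self.tolerance))
        return tuple(self.window) == self.code

def wakes(widths_us, **kwargs) -> bool:
    """Feed a pulse train to a fresh switch; True if it activates at any point."""
    switch = BurstSwitch(**kwargs)
    return any([switch.on_pulse(w) for w in widths_us])

def code_space(n: int, b: int) -> int:
    """Number of distinct sequences of n bursts drawn from b detectable lengths."""
    return b ** n

# Constructed pulse-width measurements in microseconds.
NOISY_MATCH = [50.2, 20.4, 118.0, 31.0, 88.5]  # stray pulse, then the code
WRONG_ORDER = [20.0, 120.0, 90.0, 30.0]        # right lengths, wrong sequence
AMBIGUOUS = [20.0, 125.0, 30.0, 90.0]          # 12.5 units is between symbols
```

With these assumptions only the first pulse train activates the tag, and four bursts over twelve lengths give 20736 possible codes; a coarser detector (smaller b) shrinks that number, which is why detection precision limits the strength of the encoding.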
Figure 1. A single visibility event between two tags, except for the first, which is the average of A's visibility events with their objects. Average precision and recall for visibility events.
PEEX in Figure 1 means the Probabilistic Event Extractor for RFID Data research prototype.
Security in RFID standards
Although there are ISO, ANSI and other standards and security techniques, the state of security of RFID systems has several key problems. Security standards are fairly minimal, if they exist at all. In the end they leave designers to integrate whatever security methods they like.
RFID communication model
The RFID communication model is modeled in three distinct layers:
- the lowest/physical layer, involving the RF coupling element
- the data link/communication layer, including the collision-avoidance protocols
- the protocol/application layer, wherein higher-level mechanisms such as authentication protocols can be implemented.
At every layer of this model there are issues that affect RFID security. A Faraday cage or larger capacitors can eliminate physical-observation attacks such as power manipulation in the RFID internal circuits. For example, US e-passports incorporate F-shielding pages. At the communication layer, security violations and in particular location privacy exploits are possible through mechanisms such as the singulation protocol in the EPC Gen2 standard (EPCglobal 2005) (see Figure 4). By keeping the singulation protocol in an open state, a reader can continuously track a tag that remains within reach, even if the tag were to implement privacy-preserving protocols at higher layers. At the protocol layer, RFID security in a passive RFID tag is strongly restricted: the maximum circuit area is limited by the amount of power provided by the electromagnetic energy captured by the antenna. This restriction leaves an envelope of a few thousand gates of circuitry for the implementation of all protocol-layer services. Passive RFID tags are not vulnerable to the battery-depletion denial-of-service attacks that affect other constrained settings such as sensor networks. Semi-passive tags represent a unique security domain, but not in minimizing communication and computation cost. They have no strong restrictions on circuitry, as the battery can power comparatively larger circuits.
Resources available for RFID security mechanisms
For anonymity and availability in RFID authentication protocols there are some tools with capabilities for security measures. Considering the requirements of passive tags, NAND gate equivalents (GE) are a crucial measure, and the higher-end tags provide a few thousand GEs for security. Only 1/3 of the circuitry can be used for security purposes. The per-cycle maximum power and per-cycle average power required for RFID circuits are restricted for measurements.
Security mechanisms are:
- transient storage
- EPROM, EEPROM
- time-out mechanism
- asymmetric cryptographic primitives
- symmetric cryptographic primitives
Security controls for most RFID implementations
Security controls can be:
- Management: the organization updates the policies
- Operational: ensure the physical security
- Technical: uses technology to monitor and restrict the actions that can be performed within the system.
Operational security control is physical access control. Management security controls provide authentication and integrity services, protect RF communication between reader and tag, and protect the data stored on tags through security policies for usage. The most common security techniques use passwords, keyed-hash message authentication codes (HMAC) and digital signatures (SEED, KCDSA, ARIA, etc.).
Low cost RFID tag security systems
For secure functions in low-cost RFID tags, complexity classes from complexity theory are used to divide the tags (see Figure 5). The C class (circuits with a polynomial order of the number of logic gates) in mobile phones uses the RP class (random polynomial) of algorithms. These tasks include processing of data, transmitting data and other normal procedures. By complexity theory, all RP-class algorithms can be implemented on C-class circuits. In UWB modulation used in a time-slot-hidden system, a pulse position modulator (PPM) is used. A CSPRNG (Cryptographically Secure Pseudo Random Number Generator) determines the time-hopping codes. Physically unclonable functions (PUF) are also used: HW-based random functions integrated into the low-cost RFID tag IC. Minimalist cryptography is sometimes used in RFID tags. In theory, the tag may carry multiple random-looking names. Each time the tag is queried, it releases a different name. Only an authorized verifier can tell when different names belong to the same tag.
There are noisy tag protocols and one-time codes to secure the traffic between RFID tags and readers. The one-time code system uses a simple operator, the XOR function, based on a shared secret encrypted with random binary sequence strings between a tag and a database with one or more features. It provides only mutual authentication between RFID readers and tags. The back-end database and the reader are treated as a single entity, which communicates with a tag via the RFID air interface.
As for future directions, the A5 algorithm, which is used in the GSM mobile communication standard, is used in the Hidden Field Equations (HFE) system. This method is applied directly to the analysis of bit-oriented stream generators based on shift registers and is able to represent the encryption HW using polynomial equations.
4 Summary
The privacy and security level of RFID are very important issues. As far as it goes, this source offers only suppositions, marked by the words "if" and "example". The good results of the research still hold true and are in use. The precision and recall of events in the raw data stream are then compared against a third set of tag reads, which is made by PEEX. Several algorithms and tools could ameliorate the antenna's reading problems in a pocket or duffel bag by cleaning the data.
EPC tags are low-cost and have only basic functions.
RFID tags usually communicate using some form of Manchester encoding, which combines data communication with a synchronization clock. Each bit is contained within a window in the signal, which contains a transition in the middle ("1" and "0" states in the queue).
The level of security and privacy will depend on the application used. There are multiple SW- and HW-based systems in use and suggested for use to make these systems more reliable. Biomedical security solutions use methods such as layer 2 privacy control, proxies using MAC protocols, encryption, a centralized authority, challenge-response authentication protocols, update algorithms for secret keys, etc. The time and paper left no possibility to concentrate on these systems. Designers are the only people who know, and have to know, which technique to use.
Sensors are also devices of the same kind as RFID tags. They have the same kind of problems. The user of an RFID tag cannot see RF emissions; they only form their impressions based on physical cues and industry explanations. It will allow the physical and logical access performed by policy decision and preliminary examinations.
Examples of the use of biomedical security solutions for animals and human beings are the implantable micromodule and the blood glucose RFID device.
Another example solution is the supply chain in logistics, which has been in use for years.
References
[1] S. Ahson, M. Ilyas. RFID Handbook: Applications, Technology, Security, and Privacy. CRC Press, 2008. 27-28: 485-521, 611-620, 17 April 2009.
[2] College of Engineering. The US National Science Foundation funded this research under its Computing Research Initiative grants 0454394, IIS-0428168, and IIS-0415193. An, Pervasive computer. Authorized licensed use limited to: Oulun Seudun Ammattikorkeakoulu. Downloaded on March 30, 2009 at 08:48 from IEEE Xplore. Restrictions apply.
[3] rfid_surway_28_09_05.
Figure 2. For example, reader generates pulses
Figure 3. Service system comprising the profile-based privacy protection service
Figure 4. Example of tag singulation
Figure 5. Complexity classes of low cost RFID tags security