RFID Security and Privacy. Simson L. Garfinkel, Ph.D. Center for Research on Computation and Society Harvard University October 5, 2005

Size: px
Start display at page:

Download "RFID Security and Privacy. Simson L. Garfinkel, Ph.D. Center for Research on Computation and Society Harvard University October 5, 2005"

Transcription

1 RFID Security and Privacy Simson L. Garfinkel, Ph.D. Center for Research on Computation and Society Harvard University October 5,

2 RFID: The Industry s Vision. Distribution Center Consumer Docks Store Factory Docks. 2

3 RFID: Privacy and Security Concerns. Consumer Privacy Invasion Distribution Center Consumer Docks Store Factory Docks Chip IDs stolen and resold Surveillance by Competitors Cloned Chips Diverted. 3

4 One vision of the privacy problem The consumer privacy problem Here s Mr. Jones in 2020 Replacement hip medical part # Wig model #4456 (cheap polyester) Das Kapital and Communistparty handbook 30 items of lingerie 1500 Euros in wallet Serial numbers: , Source: Ari Juels, RSA Security 4

5 Another vision of the privacy problem.. 5

6 Another vision of the privacy problem.. Hidden tags transmit to hidden receivers in the house. 6

7 The problem is visibility and transparency. Barcodes must be visible to work. Radio waves are invisible and penetrate; RFID tags can be hidden This is both a privacy and security problem. Security Threats Jamming Replay attacks Covert reading Privacy Threats Covert reading Tracking over time Individual profiling 7

8 The threat realized: a prox-card cloner. Source: Jonathan Westhues 8

9 Proposed industry solutions At the tag: Kill Encryption At the ONS: EPC Trust Services EPC-IS provide fine-grained access control. How does one provide fine-grained control with 10 million players? 9

10 First problem with the industry solution: Managing the keys. K 10 K 4 K 3 K 6 K 7 K 5 K 1 K2 K 13 K 9 K 8 K 11 K 12 If all of the keys are different, how are they managed? 10

11 First problem with the industry solution: Managing the keys. K 10 1 K 41 K 31 K 61 K 71 K 51 K 1 K2 K1 K 13 1 K 91 K 81 K 11 1 K 12 1 If all of the keys are the same, how is it protected? 11

12 Kill is a simple solution that works today, but not tomorrow. Post-consumer use of RFID? (Refridgerators, Closets, Washing Machines) Recycling? Returns? How do you verify a kill? What about blind people? Kill unreasonably limits RFID. 12

13 There are several proposals from outside the industry: Sure Kill Foil-lined bags The Blocker Tag Randomization Switches RFID Bill of Rights Abstinence 13

14 Sure Kill This is kill a Biblical Sense. Sanjay Sarma 14

15 Foil-lined bags These are better known as Booster Bags. Checkpoint s MetalPoint detects them. 15

16 The Blocker Tag is a single that that looks like billions: Consumers need to get and trust the tag. Blockers could be made illegal. (Attacks on anti-theft systems.) Juels proposes polite blocking as a compromise. 16

17 A switch could be used to turn the RFID chip on and off RFID Inactive RFID Active 17

18 Randomization Pseudorandom rotation: Random Assignment If the ONS is going to be tightly controlled, randomization poses no additional overhead. 18

19 Randomization breaks the traditional ONS model 96 bits 1 Manufacturer Item SN Instead, you get this: 96 bits 2 Large Random Number 19

20 Policy-based Solutions: The RFID Bill of Rights MIT put an RFID chip in my ID card! 20

21 I have many questions about my chip... Does it have my name on it? Who has access to the database? How far can my card be read? What s the security? What about cash purchases? Where are the readers? What s done with all of this data? 21

22 The RFID Bill of Rights addresses the most obvious RFID abuses Users of RFID systems and purchasers of products containing RFID tags have: 1. The right to know if a product contains an RFID tag. 2. The right to have embedded RFID tags removed, deactivated, or destroyed when a product is purchased. 3. The right to first class RFID alternatives: consumers should not lose other rights (e.g. the right to return a product or to travel on a particular road) if they decide to opt-out of RIFD or exercise an RFID tag s kill feature. 4. The right to know what information is stored inside their RFID tags. If this information is incorrect, there must be a means to correct or amend it. 5. The right to know when, where and why an RFID tag is being read. 22

23 EPCglobal s Guidelines fall short. 1. Consumer Notice of tags, not readers. 2. Consumer Choice consumers are allowed to discard or remove or in the future disable the tags. 3. Consumer Education consumers will have the opportunity easily to obtain accurate information about EPC and its applications. 4. Record Use, Retention and Security Companies will follow existing privacy legislation for their databases. These guidelines: Assume that no information is stored in the tags. No opt-out. Little transparency, no accountability policy/public policy guidelines.html 23

24 Abstinence If we don t solve these security and privacy issues, RFID may be rejected by business and consumers. That would be a pity. Questions? 24

50 ways to break RFID privacy

50 ways to break RFID privacy 50 ways to break RFID privacy Ton van Deursen 1 University of Luxembourg ton.vandeursen@uni.lu 1 Financial support received from the Fonds National de la Recherche (Luxembourg). RFID privacy 1 / 40 Outline

More information

Security Issues in RFID systems. By Nikhil Nemade Krishna C Konda

Security Issues in RFID systems. By Nikhil Nemade Krishna C Konda Security Issues in RFID systems By Nikhil Nemade Krishna C Konda Agenda Introduction to an RFID System Possible Application Areas Need for Security Vulnerabilities of an RFID system Security Measures currently

More information

RF ID Security and Privacy

RF ID Security and Privacy RF ID Security and Privacy EJ Jung 11/15/10 What is RFID?! Radio-Frequency Identification Tag Antenna Chip How Does RFID Work? 02.3DFEX4.78AF51 EasyToll card #816 Radio signal (contactless) Range: from

More information

An Overview of RFID Security and Privacy threats

An Overview of RFID Security and Privacy threats An Overview of RFID Security and Privacy threats Maxim Kharlamov mkha130@ec.auckland.ac.nz The University of Auckland October 2007 Abstract Radio Frequency Identification (RFID) technology is quickly deploying

More information

Microsoft RFID Platform Data Management. Christopher H. Short Microsoft Technology Center Director

Microsoft RFID Platform Data Management. Christopher H. Short Microsoft Technology Center Director Microsoft RFID Platform Data Management Christopher H. Short Microsoft Technology Center Director RFID Market Evolution Microsoft RFID Industry Focus Manufacturing I: Material Processing Suppliers Microsoft

More information

RFID Security: Threats, solutions and open challenges

RFID Security: Threats, solutions and open challenges RFID Security: Threats, solutions and open challenges Bruno Crispo Vrije Universiteit Amsterdam crispo@cs.vu.nl 1 Table of Content RFID technology and applications Security Issues Privacy Proposed (partial)

More information

An Overview of Approaches to Privacy Protection in RFID

An Overview of Approaches to Privacy Protection in RFID An Overview of Approaches to Privacy Protection in RFID Jimmy Kjällman Helsinki University of Technology Jimmy.Kjallman@tkk.fi Abstract Radio Frequency Identification (RFID) is a common term for technologies

More information

Strengthen RFID Tags Security Using New Data Structure

Strengthen RFID Tags Security Using New Data Structure International Journal of Control and Automation 51 Strengthen RFID Tags Security Using New Data Structure Yan Liang and Chunming Rong Department of Electrical Engineering and Computer Science, University

More information

RFID SECURITY. February 2008. The Government of the Hong Kong Special Administrative Region

RFID SECURITY. February 2008. The Government of the Hong Kong Special Administrative Region RFID SECURITY February 2008 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced in whole or in part without the

More information

Contactless Smart Cards vs. EPC Gen 2 RFID Tags: Frequently Asked Questions. July, 2006. Developed by: Smart Card Alliance Identity Council

Contactless Smart Cards vs. EPC Gen 2 RFID Tags: Frequently Asked Questions. July, 2006. Developed by: Smart Card Alliance Identity Council Contactless Smart Cards vs. EPC Gen 2 RFID Tags: Frequently Asked Questions July, 2006 Developed by: Smart Card Alliance Identity Council Contactless Smart Cards vs. EPC Gen 2 RFID Tags: Frequently Asked

More information

Security Issues in RFID. Kai Wang Research Institute of Information Technology, Tsinghua University, Beijing, China wang-kai09@mails.tsinghua.edu.

Security Issues in RFID. Kai Wang Research Institute of Information Technology, Tsinghua University, Beijing, China wang-kai09@mails.tsinghua.edu. Security Issues in RFID Kai Wang Research Institute of Information Technology, Tsinghua University, Beijing, China wang-kai09@mails.tsinghua.edu.cn Abstract RFID (Radio Frequency IDentification) are one

More information

RFID Security. April 10, 2006. Martin Dam Pedersen Department of Mathematics and Computer Science University Of Southern Denmark

RFID Security. April 10, 2006. Martin Dam Pedersen Department of Mathematics and Computer Science University Of Southern Denmark April 10, 2006 Martin Dam Pedersen Department of Mathematics and Computer Science University Of Southern Denmark 1 Outline What is RFID RFID usage Security threats Threat examples Protection Schemes for

More information

A Study on the Security of RFID with Enhancing Privacy Protection

A Study on the Security of RFID with Enhancing Privacy Protection A Study on the Security of RFID with Enhancing Privacy Protection *Henry Ker-Chang Chang, *Li-Chih Yen and *Wen-Chi Huang *Professor and *Graduate Students Graduate Institute of Information Management

More information

Tackling Security and Privacy Issues in Radio Frequency Identification Devices

Tackling Security and Privacy Issues in Radio Frequency Identification Devices Tackling Security and Privacy Issues in Radio Frequency Identification Devices Dirk Henrici and Paul Müller University of Kaiserslautern, Department of Computer Science, PO Box 3049 67653 Kaiserslautern,

More information

Various Attacks and their Countermeasure on all Layers of RFID System

Various Attacks and their Countermeasure on all Layers of RFID System Various Attacks and their Countermeasure on all Layers of RFID System Gursewak Singh, Rajveer Kaur, Himanshu Sharma Abstract RFID (radio frequency identification) system is one of the most widely used

More information

Identification and Tracking of Individuals and Social Networks using the Electronic Product Code on RFID Tags

Identification and Tracking of Individuals and Social Networks using the Electronic Product Code on RFID Tags Identification and Tracking of Individuals and Social Networks using the Electronic Product Code on RFID Tags Markus Hansen Sebastian Meissner Independent Centre for Privacy Protection Schleswig-Holstein

More information

Allwin Initiative for Corporate Citizenship Dartmouth Center for the Advancement of Learning Dickey Center Ethics Institute Institute for Security

Allwin Initiative for Corporate Citizenship Dartmouth Center for the Advancement of Learning Dickey Center Ethics Institute Institute for Security Allwin Initiative for Corporate Citizenship Dartmouth Center for the Advancement of Learning Dickey Center Ethics Institute Institute for Security Technology Studies Leslie Center Rockefeller Center Tucker

More information

Privacy Guidelines for RFID Information Systems (RFID Privacy Guidelines)

Privacy Guidelines for RFID Information Systems (RFID Privacy Guidelines) Privacy Guidelines for RFID Information Systems (RFID Privacy Guidelines) Information and Privacy Ann Cavoukian, Ph.D. Commissioner June 2006 Commissioner Ann Cavoukian gratefully acknowledges the work

More information

THE SECURITY AND PRIVACY ISSUES OF RFID SYSTEM

THE SECURITY AND PRIVACY ISSUES OF RFID SYSTEM THE SECURITY AND PRIVACY ISSUES OF RFID SYSTEM Iuon Chang Lin Department of Management Information Systems, National Chung Hsing University, Taiwan, Department of Photonics and Communication Engineering,

More information

Radio Frequency Identification (RFID) Presenter: Dusan Stevanovic April 3, 2007

Radio Frequency Identification (RFID) Presenter: Dusan Stevanovic April 3, 2007 Radio Frequency Identification (RFID) Presenter: Dusan Stevanovic April 3, 2007 Introduction RFID are systems that transmit identity (in the form of a unique serial number) of an object or person wirelessly,

More information

Business Security and Privacy Risk of RFID

Business Security and Privacy Risk of RFID www.nr.no Business Security and Privacy Risk of RFID Are you ready for the Internet of Things? May 10, 2010 Oslo Dr. Lothar Fritsch Lothar Fritsch Research Scientist in IT Security & Privacy in Norsk Regnesentral

More information

Small Tech, Big Issues

Small Tech, Big Issues Small Tech, Big Issues How It Works Advantages of RFID History of the RFID Proposed Uses Identification Medical Records Immigration Security Authentication Ethical Issues Purchase tracking Lack of encryption

More information

RFID Survives Sterilization to Deliver Medical Device Tracking Solution

RFID Survives Sterilization to Deliver Medical Device Tracking Solution RFID Survives Sterilization to Deliver Medical Device Tracking Solution and UDI Compliance Introduction Healthcare providers are increasingly turning to technology solutions to help improve patient outcomes,

More information

Enabling the secure use of RFID

Enabling the secure use of RFID Enabling the secure use of RFID BLACK ME/FOTOLIA.com Enhancing security of radio frequency identification to connect safely to the Internet of Things UHF radio frequency identification (RFID) promises

More information

RFID Security and Privacy: Threats and Countermeasures

RFID Security and Privacy: Threats and Countermeasures RFID Security and Privacy: Threats and Countermeasures Marco Spruit Wouter Wester Technical Report UU-CS- 2013-001 January 2013 Department of Information and Computing Sciences Utrecht University, Utrecht,

More information

Best Practices for the Use of RF-Enabled Technology in Identity Management. January 2007. Developed by: Smart Card Alliance Identity Council

Best Practices for the Use of RF-Enabled Technology in Identity Management. January 2007. Developed by: Smart Card Alliance Identity Council Best Practices for the Use of RF-Enabled Technology in Identity Management January 2007 Developed by: Smart Card Alliance Identity Council Best Practices for the Use of RF-Enabled Technology in Identity

More information

Back-end Server Reader Tag

Back-end Server Reader Tag A Privacy-preserving Lightweight Authentication Protocol for Low-Cost RFID Tags Shucheng Yu, Kui Ren, and Wenjing Lou Department of ECE, Worcester Polytechnic Institute, MA 01609 {yscheng, wjlou}@wpi.edu

More information

Cloud RFID UHF Gen 2

Cloud RFID UHF Gen 2 Cloud RFID UHF Gen 2 Supply chain visibility In store stock management and security. - Stock take by RFID - Stock search - Reorder report, - Dynamic reorder, Security. Introduction The Adilam RFID system

More information

RFID Security and Privacy: A Research Survey. Vincent Naessens Studiedag Rabbit project

RFID Security and Privacy: A Research Survey. Vincent Naessens Studiedag Rabbit project RFID Security and Privacy: A Research Survey Vincent Naessens Studiedag Rabbit project RFID Security and Privacy: A Research Survey 1. Introduction 2. Security and privacy problems 3. Basic RFID tags 4.

More information

RFID Payment Card Vulnerabilities Technical Report

RFID Payment Card Vulnerabilities Technical Report RFID Payment Card Vulnerabilities Technical Report Thomas S. Heydt-Benjamin 1, Daniel V. Bailey 2, Kevin Fu 1, Ari Juels 2, and Tom O'Hare 3 Abstract 1: University of Massachusetts at Amherst {tshb, kevinfu}@cs.umass.edu

More information

Data Protection Technical Guidance Radio Frequency Identification

Data Protection Technical Guidance Radio Frequency Identification Data Protection Technical Guidance Radio Frequency Identification This technical guidance note is aimed at those using or contemplating using RFID technology. It gives a brief summary of the technology

More information

RF-Enabled Applications and Technology: Comparing and Contrasting RFID and RF-Enabled Smart Cards

RF-Enabled Applications and Technology: Comparing and Contrasting RFID and RF-Enabled Smart Cards RF-Enabled Applications and Technology: Comparing and Contrasting RFID and RF-Enabled Smart Cards January 2007 Developed by: Smart Card Alliance Identity Council RF-Enabled Applications and Technology:

More information

RFID Basics HEGRO Belgium nv - Assesteenweg 25-29 - 1740 Ternat Tel.: +32 (0)2/582.31.97 Fax : +32 (0)2/582.11.24 email : info@hegrobelgium.

RFID Basics HEGRO Belgium nv - Assesteenweg 25-29 - 1740 Ternat Tel.: +32 (0)2/582.31.97 Fax : +32 (0)2/582.11.24 email : info@hegrobelgium. RFID Basics RFID Basics Introduction Radio Frequency Identification (RFID) technology has been attracting considerable attention with the expectation of improved supply chain visibility for both suppliers

More information

Asset Tracking & Radio Frequency Identification White Paper

Asset Tracking & Radio Frequency Identification White Paper 2012 Asset Tracking & Radio Frequency Identification White Paper National Office Systems, Inc. 7621 Rickenbacker Drive, Suite 400 Gaithersburg, MD 20879 T 301.840.6264 F 301.840.0243 www.nosinc.com info@nosinc.com

More information

Radio Frequency Identification (RFID)

Radio Frequency Identification (RFID) Radio Frequency Identification (RFID) Raj Jain Washington University in Saint Louis Saint Louis, MO 63130 Jain@cse.wustl.edu These slides are available on-line at: http://www.cse.wustl.edu/~jain/cse574-06/

More information

Security and Privacy in Intermodal Baggage Management With RFID

Security and Privacy in Intermodal Baggage Management With RFID Security and Privacy in Intermodal Baggage Management With RFID Ricardo Carapeto Instituto Superior Técnico Universidade Técnica de Lisboa rcarapeto@gmail.com ABSTRACT In order to lower the costs associated

More information

RFID Basics Updated Including Gen 2

RFID Basics Updated Including Gen 2 An Avery Dennison White Paper Printer Systems Division 170 Monarch Lane Miamisburg, OH 45342 800.543.6650 www.monarch.com RFID Basics Updated Including Gen 2 May 2006 Contents Introduction 3 What is RFID?

More information

RFID within the Retail Environment

RFID within the Retail Environment RFID within the Retail Environment Kristina Huber, Lisa Houck, Igor Vinogradov RFID in Retail: The Ethical Dilemma The ethical dilemma surrounding RFID technology in the retail space is the threat to consumer

More information

PAP: A Privacy and Authentication Protocol for Passive RFID Tags

PAP: A Privacy and Authentication Protocol for Passive RFID Tags PAP: A Privacy and Authentication Protocol for Passive RFID s Alex X. Liu LeRoy A. Bailey Department of Computer Science and Engineering Michigan State University East Lansing, MI 48824-1266, U.S.A. {alexliu,

More information

Privacy and Security in library RFID Issues, Practices and Architecture

Privacy and Security in library RFID Issues, Practices and Architecture Privacy and Security in library RFID Issues, Practices and Architecture David Molnar and David Wagner University of California, Berkeley CCS '04 October 2004 Overview Motivation RFID Background Library

More information

Mobile RFID Applications and Security Challenges

Mobile RFID Applications and Security Challenges Mobile RFID Applications and Security Challenges Konidala M. Divyan, Kwangjo Kim Information and Communications University (ICU), International Research Center for Information Security (IRIS) R504, 103-6,

More information

Security and Privacy of RFID Systems. Claude Castelluccia

Security and Privacy of RFID Systems. Claude Castelluccia Security and Privacy of RFID Systems Claude Castelluccia What is RFID? Radio-Frequency Identification Tag Antenna Chip Holds a small amount of unique data a serial number or other unique attribute of the

More information

A Research on Issues Related to RFID Security and Privacy

A Research on Issues Related to RFID Security and Privacy A Research on Issues Related to RFID Security and Privacy Jongki Kim1, Chao Yang2, Jinhwan Jeon3 1 Division of Business Administration, College of Business, Pusan National University 30, GeumJeong-Gu,

More information

A RESEARCH SURVEY: RFID SECURITY & PRIVACY ISSUE

A RESEARCH SURVEY: RFID SECURITY & PRIVACY ISSUE A RESEARCH SURVEY: RFID SECURITY & PRIVACY ISSUE Monika Sharma 1 and Dr. P. C. Agrawal 2 1 Research Scholar Mewar University Department of Computer Science & System Studies, Chittorgarh, Raj., INDIA monika_05@rediffmail.com

More information

The Computer in the Sciences: RFID Technology. California State University, Stanislaus. Student s Name. Professor Dan Bratten CS4000-5

The Computer in the Sciences: RFID Technology. California State University, Stanislaus. Student s Name. Professor Dan Bratten CS4000-5 The Computer in the Sciences: RFID Technology California State University, Stanislaus Student s Name Professor Dan Bratten CS4000-5 March 30, 2006 Last Name 2 The Computer in the Sciences: RFID Technology

More information

Fighting product clones through digital signatures

Fighting product clones through digital signatures Paul Curtis, Katrin Berkenkopf Embedded Experts Team, SEGGER Microcontroller Fighting product clones through digital signatures Product piracy and forgery are growing problems that not only decrease turnover

More information

Mobile Devices and Systems Lesson 04 Smart Systems Labels, RFID and tokens

Mobile Devices and Systems Lesson 04 Smart Systems Labels, RFID and tokens Mobile Devices and Systems Lesson 04 Smart Systems Labels, RFID and tokens Oxford University Press 2007. All rights reserved. 1 Smart systems Smart Labels Smart labels RFID Smart tokens Oxford University

More information

Karsten Nohl University of Virginia. Henryk Plötz HU Berlin

Karsten Nohl University of Virginia. Henryk Plötz HU Berlin Karsten Nohl University of Virginia Henryk Plötz HU Berlin Radio Frequency IDentification Tiny computer chips Passively Powered Karsten Nohl, Henryk Plötz - RFID Security 2 Constant monitoring is already

More information

Feature. Security and Privacy Trade-offs in RFID Use. Operational Zone RFID Tag. RFID Reader

Feature. Security and Privacy Trade-offs in RFID Use. Operational Zone RFID Tag. RFID Reader Feature Security and Privacy Trade-offs in RFID Use S. Srinivasan is a professor of computer information systems at the University of Louisville in Kentucky, USA. He can be reached at srini@louisville.edu.

More information

Implementing high-level Counterfeit Security using RFID and PKI

Implementing high-level Counterfeit Security using RFID and PKI Implementing high-level using RFID and PKI Drugs as example products RFID SysTech 2007 June, 13 Andreas Wallstabe, Hartmut Pohl Technologies RFID, PKI Anti-ing Implementation, Review und Suspected damage:

More information

Privacy Threats in RFID Group Proof Schemes

Privacy Threats in RFID Group Proof Schemes Privacy Threats in RFID Group Proof Schemes HyoungMin Ham, JooSeok Song Abstract RFID tag is a small and inexpensive microchip which is capable of transmitting unique identifier through wireless network

More information

RFID Field Guide. Deploying Radio Frequency Identification Systems. Manish Bhuptani Shahram Moradpour. Sun Microsystems Press A Prentice Hall Title

RFID Field Guide. Deploying Radio Frequency Identification Systems. Manish Bhuptani Shahram Moradpour. Sun Microsystems Press A Prentice Hall Title RFID Field Guide Deploying Radio Frequency Identification Systems Manish Bhuptani Shahram Moradpour Sun Microsystems Press A Prentice Hall Title PRENTICE HALL PTR Prentice Hall Professional Technical Reference

More information

Privacy Implications of RFID Tags by Paul Stamatiou. CS4001, Georgia Institute of Technology November 8 th, 2007

Privacy Implications of RFID Tags by Paul Stamatiou. CS4001, Georgia Institute of Technology November 8 th, 2007 Privacy Implications of RFID Tags by Paul Stamatiou CS4001, Georgia Institute of Technology November 8 th, 2007 Radio Frequency Identification (RFID) is a maturing wireless technology with widespread uses,

More information

EU Policy on RFID & Privacy

EU Policy on RFID & Privacy EU Policy on RFID & Privacy Developments 2007, Outlook 2008 Andreas Krisch http://www.edri.org/ http://www.unwatched.org/ 24C3, 30.12.2007 European Digital Rights (EDRi) Umbrella

More information

A Vulnerability in the Song Authentication Protocol for Low-Cost RFID Tags

A Vulnerability in the Song Authentication Protocol for Low-Cost RFID Tags A Vulnerability in the Song Authentication Protocol for Low-Cost RFID Tags Sarah Abughazalah, Konstantinos Markantonakis, and Keith Mayes Smart Card Centre-Information Security Group (SCC-ISG) Royal Holloway,

More information

The RFID agenda of the European Commission. Florent Frederix European Commission Directorate General Information Society and Media

The RFID agenda of the European Commission. Florent Frederix European Commission Directorate General Information Society and Media The RFID agenda of the European Commission RFID i Danmark 2011 May 3, 2011, IT-University in Copenhagen Florent Frederix European Commission Directorate General Information Society and Media This document

More information

ATTACHMENT E: RFID SECURITY AND PRIVACY WHITE PAPER

ATTACHMENT E: RFID SECURITY AND PRIVACY WHITE PAPER ATTACHMENT E: RFID SECURITY AND PRIVACY WHITE PAPER The attached document is a white paper prepared to survey the issues surrounding RFID and security and privacy. USVISIT-APMO-CONTHSSCHQ04D0096T006-RPT050010-F

More information

entigral whitepaper Understanding RFID and Barcode Differences www.entigral.com 877.822.0200

entigral whitepaper Understanding RFID and Barcode Differences www.entigral.com 877.822.0200 entigral whitepaper Understanding RFID and Barcode Differences www.entigral.com 877.822.0200 Understanding RFID and Barcode Differences Don t misuse RFID with applications built for Barcodes Radio Frequency

More information

Strengths and Weaknesses of Access Control Systems. Eric Schmiedl and Mike Spindel

Strengths and Weaknesses of Access Control Systems. Eric Schmiedl and Mike Spindel Strengths and Weaknesses of Access Control Systems Eric Schmiedl and Mike Spindel Choosing a System Error rate Environment Cost Physical Vulnerability Additional Constraints Error Rate False Reject Rate

More information

Lesson Title: History of RFID

Lesson Title: History of RFID Page 1 of 6 Lesson Title: History of RFID 6/22/09 Copyright 2008, 2009 by Dale R. Thompson {d.r.thompson@ieee.org} Rationale Why is this lesson important? Why does the student need this lesson? How does

More information

Lightweight Cryptography. Lappeenranta University of Technology

Lightweight Cryptography. Lappeenranta University of Technology Lightweight Cryptography Dr Pekka Jäppinen Lappeenranta University of Technology Outline Background What is lightweight Metrics Chip area Performance Implementation tradeoffs Current situation Conclusions

More information

RFID and GSM Based ATM Money Transfer Prototype System

RFID and GSM Based ATM Money Transfer Prototype System RFID and GSM Based ATM Money Transfer Prototype System G Vinay Kumar 1, R.Raju 2, Santhosh Kumar 3 PG Student, Embedded System, Dept. of ECE, MLRS, India 1 Project Coordinator, Embedded System, Dept. of

More information

Security and Privacy for Internet of Things Application

Security and Privacy for Internet of Things Application Security and Privacy for Internet of Things Application Qi fang, School of Information Science and Engineering, Central South University, Changsha, China 8-1 Copyright Disclamation This course material

More information

Privacy(and(Data( Protection( (Part(II(

Privacy(and(Data( Protection( (Part(II( Privacy(Recap( Privacy(and(Data( Protection( (Part(II( KTH, Media Law Pam Storr O Legal requirements on data controller. Must consider: O why store personal data? O what personal data? O is the data correct

More information

The Study on RFID Security Method for Entrance Guard System

The Study on RFID Security Method for Entrance Guard System The Study on RFID Security Method for Entrance Guard System Y.C. Hung 1, C.W. Tsai 2, C.H. Hong 3 1 Andrew@mail.ncyu.edu.tw 2 s0930316@mail.ncyu.edu.tw 3 chhong@csie.ncyu.edu.tw Abstract: The RFID technology

More information

On the Security of RFID

On the Security of RFID On the Security of RFID Hung-Min Sun Information Security Lab. Department of Computer Science National Tsing Hua University slide 1 What is RFID? Radio-Frequency Identification Tag Reference http://glossary.ippaper.com

More information

RSA SECURE WEB ACCESS FOR HEALTHCARE ENVIRONMENTS

RSA SECURE WEB ACCESS FOR HEALTHCARE ENVIRONMENTS RSA SECURE WEB ACCESS FOR HEALTHCARE ENVIRONMENTS Security solutions for patient and provider access AT A GLANCE Healthcare organizations of all sizes are responding to the demands of patients, physicians,

More information

Threat Modeling in EPC-Based Information Sharing Networks

Threat Modeling in EPC-Based Information Sharing Networks 12 Threat Modeling in EPC-Based Information Sharing Networks Alexander Ilic, Trevor Burbridge, Andrea Soppera, Florian Michahelles, and Elgar Fleisch CONTENTS 12.1 Introduction... 256 12.2 Related Work...

More information

E-Visas Verification Schemes Based on Public-Key Infrastructure and Identity Based Encryption

E-Visas Verification Schemes Based on Public-Key Infrastructure and Identity Based Encryption Journal of Computer Science 6 (7): 723-727, 2010 ISSN 1549-3636 2010 Science Publications E-Visas Verification Schemes Based on Public-Key Infrastructure and Identity Based Encryption Najlaa A. Abuadhmah,

More information

RFID Design Principles

RFID Design Principles RFID Design Principles Harvey Lehpamer ARTECH HOUSE BOSTON LONDON artechhouse.com Contents Introduction 2 2.1 2.1.1 2.1.2 2.1. 2.1.4 2.2 2.2.1 2.2.2 2. 2..1 2..2 2.4 2.4.1 2.4.2 2.5 2.5.1 2.5.2 Comparison

More information

ANTI-COUNTERFEITING OF FASHION BRANDS USING RFID TECHNOLOGY Patrick C.L. Hui, Kirk H.M. Wong, and Allan C.K. Chan

ANTI-COUNTERFEITING OF FASHION BRANDS USING RFID TECHNOLOGY Patrick C.L. Hui, Kirk H.M. Wong, and Allan C.K. Chan ANTI-COUNTERFEITING OF FASHION BRANDS USING RFID TECHNOLOGY Patrick C.L. Hui, Kirk H.M. Wong, and Allan C.K. Chan ABSTRACT Anti-counterfeiting comes to the attention of fashion brand owners concerned as

More information

Tiny integrated circuits equipped with radio antennas

Tiny integrated circuits equipped with radio antennas RFID Privacy: An Overview of Problems and Proposed Solutions As organizations aggressively deploy Radio Frequency Identification systems, activists are increasingly concerned about RFID s potential to

More information

Data Storage in RFID Systems

Data Storage in RFID Systems 17 Data Storage in RFID Systems Dirk Henrici, Aneta Kabzeva, Tino Fleuren and Paul Müller University of Kaiserslautern Germany 1. Introduction One of the advantages of the RFID technology over the still

More information

RAIN RFID and the Internet of Things: Industry Snapshot and Security Needs. Matt Robshaw and Tyler Williamson Impinj Seattle, USA

RAIN RFID and the Internet of Things: Industry Snapshot and Security Needs. Matt Robshaw and Tyler Williamson Impinj Seattle, USA RAIN RFID and the Internet of Things: Industry Snapshot and Security Needs Matt Robshaw and Tyler Williamson Impinj Seattle, USA Overview RAIN RFID The product and standardization landscape Security, performance,

More information

The Future of Retail Customer Loyalty

The Future of Retail Customer Loyalty The Future of Retail Customer Loyalty RFID Enables Breakthrough Shopping Experiences Author Rachael McBrearty June 2011 Cisco Internet Business Solutions Group (IBSG) Cisco IBSG 2011 Cisco and/or its affiliates.

More information

Online Ticket Guide Expo Milano 2015 (update 13/05/2015)

Online Ticket Guide Expo Milano 2015 (update 13/05/2015) 1. TYPE OF TICKETS FOR SALE A. TIME PERIOD TYPE (duration) Online Ticket Guide Expo Milano 2015 (update 13/05/2015) 1 DAY Ticket valid for a full day, from Monday to Sunday, with admission from 10 am until

More information

RECOMMENDATIONS COMMISSION

RECOMMENDATIONS COMMISSION 16.5.2009 Official Journal of the European Union L 122/47 RECOMMENDATIONS COMMISSION COMMISSION RECOMMENDATION of 12 May 2009 on the implementation of privacy and data protection principles in applications

More information

3M Cogent, Inc. White Paper. Beyond. Wiegand: Access Control. in the 21st Century. a 3M Company

3M Cogent, Inc. White Paper. Beyond. Wiegand: Access Control. in the 21st Century. a 3M Company 3M Cogent, Inc. White Paper Beyond Wiegand: Access Control in the 21st Century a 3M Company Unprecedented security features & capabilities Why Wiegand? The Problem with Wiegand In 1970, John Wiegand invented

More information

Security Assessment of EPCglobal Architecture Framework

Security Assessment of EPCglobal Architecture Framework Security Assessment of EPCglobal Architecture Framework Divyan M. Konidala, Woan-Sik Kim, and Kwangjo Kim Auto-ID Labs White Paper WP-SWNET-017 Divyan M. Konidala PhD. Candidate, Information and Communications

More information

Radio Frequency Identification (RFID) An Overview

Radio Frequency Identification (RFID) An Overview Radio Frequency Identification (RFID) An Overview How RFID Is Changing the Business Environment Today Radio frequency identification (RFID) technology has been in use for several decades to track and identify

More information

How Secure are Contactless Payment Systems?

How Secure are Contactless Payment Systems? SESSION ID: HT-W01 How Secure are Contactless Payment Systems? Matthew Ngu Engineering Manager RSA, The Security Division of EMC Chris Scott Senior Software Engineer RSA, The Security Division of EMC 2

More information

EPCglobal RFID standards & regulations. Henri Barthel OECD Paris, 5 October 2005

EPCglobal RFID standards & regulations. Henri Barthel OECD Paris, 5 October 2005 EPCglobal RFID standards & regulations Henri Barthel OECD Paris, 5 October 2005 Roots of EPCglobal Auto ID Center (launched in 1999) Six world-class academia Labs: MIT (US), Cambridge (UK), Adelaide (Australia),

More information

SECURITY IN LOW RESOURCE ENVIRONMENTS

SECURITY IN LOW RESOURCE ENVIRONMENTS SECURITY IN LOW RESOURCE ENVIRONMENTS SECURERF WHITE PAPER The discovery of a decades old technology is now promoted by many as the Next Big Thing. This discovery, Radio Frequency Identification (RFID),

More information

Neoscope www.neoscopeit.com 888.810.9077

Neoscope www.neoscopeit.com 888.810.9077 Your law firm depends on intelligence. But can you count on your technology? You may not be in the intelligence technology business, but it s probably impossible to imagine your practice without IT. Today,

More information

If you are interested in Radio Frequency Identification technology, then this is the best investment that you can make today!

If you are interested in Radio Frequency Identification technology, then this is the best investment that you can make today! If you are interested in Radio Frequency Identification technology, then this is the best investment that you can make today! Here s Here's a training course on on RFID technology, with which CERTIFICATION

More information

Towards the Internet of Things: An introduction to RFID technology

Towards the Internet of Things: An introduction to RFID technology Towards the Internet of Things: An introduction to RFID technology Miguel L. Pardal and José Alves Marques Department of Computer Science and Engineering Instituto Superior Técnico, Technical University

More information

COMMISSION OF THE EUROPEAN COMMUNITIES COMMISSION RECOMMENDATION. of 12.5.2009

COMMISSION OF THE EUROPEAN COMMUNITIES COMMISSION RECOMMENDATION. of 12.5.2009 COMMISSION OF THE EUROPEAN COMMUNITIES Brussels, 12.5.2009 C(2009) 3200 final COMMISSION RECOMMENDATION of 12.5.2009 on the implementation of privacy and data protection principles in applications supported

More information

Security and Privacy in RFID Applications

Security and Privacy in RFID Applications 13 Security and Privacy in RFID Applications Paweł Rotter Joint Research Centre of the European Commission, Institute for Prospective Technological Studies Seville, Spain Currently at: AGH-University of

More information

A Secure RFID Ticket System For Public Transport

A Secure RFID Ticket System For Public Transport A Secure RFID Ticket System For Public Transport Kun Peng and Feng Bao Institute for Infocomm Research, Singapore Abstract. A secure RFID ticket system for public transport is proposed in this paper. It

More information

Security and Privacy Flaws in a Recent Authentication Protocol for EPC C1 G2 RFID Tags

Security and Privacy Flaws in a Recent Authentication Protocol for EPC C1 G2 RFID Tags Security and Privacy Flaws in a Recent Authentication Protocol for EPC C1 G2 RFID Tags Seyed Mohammad Alavi 1, Karim Baghery 2 and Behzad Abdolmaleki 3 1 Imam Hossein Comprehensive University Tehran, Iran

More information

The Drug Quality & Security Act

The Drug Quality & Security Act The Drug Quality & Security Act Drug Traceability & Interoperable Exchange of Transaction Information, History & Statement Mujadala Abdul-Majid 3E Company February 20, 2014 About 3E Company About 3E Supply

More information

Chapter 15: Computer Security and Privacy

Chapter 15: Computer Security and Privacy Understanding Computers Today and Tomorrow 12 th Edition Chapter 15: Computer Security and Privacy Learning Objectives Explain why all computer users should be concerned about computer security. List some

More information

Simplifying IT Management and Data Security with RFID

Simplifying IT Management and Data Security with RFID Simplifying IT Management and Data Security with RFID IT asset management is a fundamental discipline to contribute to the growth and sustainability of the enterprise. Chief information officers have to

More information

Biometric Authentication Platform for a Safe, Secure, and Convenient Society

Biometric Authentication Platform for a Safe, Secure, and Convenient Society 472 Hitachi Review Vol. 64 (2015), No. 8 Featured Articles Platform for a Safe, Secure, and Convenient Society Public s Infrastructure Yosuke Kaga Yusuke Matsuda Kenta Takahashi, Ph.D. Akio Nagasaka, Ph.D.

More information

Security and privacy in RFID

Security and privacy in RFID Security and privacy in RFID Jihoon Cho ISG PhD Student Seminar 8 November 2007 Outline 1 RFID Primer 2 Passive RFID tags 3 Issues on Security and Privacy 4 Basic Tags 5 Symmetric-key Tags 6 Conclusion

More information

Evangelos Kranakis, School of Computer Science, Carleton University, Ottawa 1. Network Security. Canada France Meeting on Security, Dec 06-08

Evangelos Kranakis, School of Computer Science, Carleton University, Ottawa 1. Network Security. Canada France Meeting on Security, Dec 06-08 Evangelos Kranakis, School of Computer Science, Carleton University, Ottawa 1 Network Security Evangelos Kranakis, School of Computer Science, Carleton University, Ottawa 2 Collaboration with Frank Akujobi

More information

Security and User Privacy for Mobile-RFID Applications in Public Zone

Security and User Privacy for Mobile-RFID Applications in Public Zone Security and User Privacy for Mobile-RFID Applications in Public Zone Divyan M. Konidala, Hyunrok Lee, Dang Nguyen Duc, Kwangjo Kim Information and Communications University (ICU), International Research

More information

Research on Anomaly Detection of RFID Supply Chain Data Based on EPC

Research on Anomaly Detection of RFID Supply Chain Data Based on EPC , pp.62-66 http://dx.doi.org/10.14257/astl.2014.50.10 Research on Anomaly Detection of RFID Supply Chain Data Based on EPC Chunfeng Wang 1 Shuiming Zhong 2 Jin Wang 2 1 Modern Education Technology Center,

More information

Zero-knowledge Device Authentication: Privacy & Security Enhanced RFID preserving Business Value and Consumer Convenience

Zero-knowledge Device Authentication: Privacy & Security Enhanced RFID preserving Business Value and Consumer Convenience 89 Zero-knowledge Device Authentication: Privacy & Security Enhanced RFID preserving Business Value and Consumer Convenience Stephan J. Engberg, Morten B. Harning, Christian Damsgaard Jensen Abstract -

More information