Security and Privacy of RFID Systems. Claude Castelluccia

Size: px
Start display at page:

Download "Security and Privacy of RFID Systems. Claude Castelluccia"

Transcription

1 Security and Privacy of RFID Systems Claude Castelluccia

2 What is RFID? Radio-Frequency Identification Tag Antenna Chip Holds a small amount of unique data a serial number or other unique attribute of the item The data can be read from a distance no contact or even line of sight necessary 2

3 RFID Adhesive Labels 4 cm 3

4 How does RFID work? 02.3DFEX4.78AF51 EasyToll card #816 Radio signal (contactless) Range: from 3-5 inches to 3 yards Tags (transponders) Attached to objects, call out their (unique) name and/or static data on a special radio frequency Reader (transceiver) Reads data off the tags without direct contact Database Matches tag IDs to physical objects 4

5 Tag Power Source Passive: All power comes from a reader s interrogation signal. Tag s are inactive unless a reader activates them. Passive powering is the cheapest, but shortest range. Semi-Passive: Tags have an on-board power source (battery). Cannot initiate communications, but can be sensors. Longer read range, more cost for battery. Active: On-board power and can initiate communications. 5

6 Operating Frequencies NEAR Field FAR Field 6

7 Main commercial application Barcode RFID Fast, automated scanning (object doesn t have to leave pocket, shelf or container) Line-of-sight reading Reader must be looking at the barcode Static Data No cryptographic operations possible Specifies object type E.g., I am a pack of Juicy Fruit Reading by radio contact Reader can be anywhere within range Write Capabilities Products carry updated info as they move through the supply chain Specifies unique object id E.g., I am a pack of Juicy Fruit #86715-A Can look up this object in the database 7

8 Modern RFID Applications Supply-Chain Management Inventory Control Logistics Retail Check-Out Access Control: Access Cards. Payment Systems: Mobil SpeedPass. Medical Records: Pet tracking chips. 8

9 Other applications of RFID Automobile immobilizers Payment devices Currency? 9

10 Other applications of RFID Tracking cattle Not Really Mad Passports 10

11 Other applications of RFID Medical compliance RFID readers in mobile handsets Showtimes: 16.00,

12 RFID devices take many forms 12

13 RFID really denotes a spectrum of devices Basic smart label Toll payment token Automobile ignition key Mobile phone 13

14 RFID technologies vary widely Computation 3DES, RSA sym.-key crypto ISO E-passports, ID cards US$5 ISO Library books US$0.50 no crypto EPC WalMart US$ cm 1m Intended read range 3m 14

15 Read range? normal malicious reader reader (10cm / 3m) (50cm / 15m) eavesdrop on tag (???) eavesdrop on reader 15 (50m /???)

16 Functionality Classes 16

17 Security Risks: Espionage Corporate Espionage: Identify Valuable Items to Steal Monitor Changes in Inventory Personal Privacy Leaking of personal information (prescriptions, brand of underwear, etc.). Location privacy: Tracking the physical location of individuals by their RFID tags. 17

18 Espionage Case Study The US Food and Drug Administration (FDA) recently recommended tagging prescription drugs with RFID pedigrees. Problems: I m a barbiturate. Steal me. Privacy issues 18

19 Asymmetric Channels Reader Tag Eavesdropper Backward Channel Range (~5m) Forward Channel Range (~100m) 19

20 Security Risks: Forgery RFID casino chips, Mobil SpeedPass, EZ-Pass, FasTrak, prox cards, 500 banknotes, designer clothing. Skimming: Read your tag, make my own. Swapping: Replace real tags with decoys. Producing a basic RFID device is simple. 20

21 Security Risks: Sabotage If we can t eavesdrop or forge valid tags, can simply attack the RFID infrastructure. Wiping out inventory data. Vandalization. Interrupting supply chains. 21

22 Security Challenge Resources, resources, resources. EPC tags ~ 5 cents gates ~ 1 cent. Main security challenges come from resource constraints. Gate count, memory, storage, power, time, bandwidth, performance, die space, and physical size are all tightly constrained. Pervasiveness also makes security hard. 22

23 A brief history: (d)evolution TIME 23

24 Capabilities of an average (passive) tag Little memory Static 64-to-128-bit identifier in current ultra-cheap generation Little computational power A few thousand gates Static keys for read/write permission Not enough resources to support public- or symmetrickey cryptography Cannot support modular arithmetic (RSA, DSS), elliptic curves, DES, AES; Hash functions barely feasible Recent progress on putting AES on RFID tag 24

25 Example Tag Specification 25

26 RFID ACCESS CONTROL MECHANISMS 26

27 RFID access control mechanism: Hash Locks Rivest, Weis, Sarma, Engels (2003). Access control mechanism: Authenticates readers to tags. Only requires OW hash function on tag. Lock tags with a one-way hash output. Unlock tags with the hash pre-image. Old idea, new application. 27

28 Hash Lock Access Control Reader metaid hash(key) Store (key,metaid) Who metaid are you? key metaid Tag Store metaid metaid = hash(key)? Hi, my name is.. Querying Unlocking Locking a locked a a tag tag tag 28

29 Hash Lock Analysis + Cheap to implement on tags: A hash function and storage for metaid. + Security based on hardness of hash. + Hash output has nice random properties. + Low key look-up overhead. - Tags respond predictably; allows tracking+replay. Motivates randomization. 29

30 Randomized Hash Lock Reader Knows tag ID 1,, ID n Search hash(r, ID i ) Query? R,hash(R, ID k ) Tag: ID k Select random R ID k Unlocking a tag 30

31 Randomized Hash Lock Analysis + Implementation requires hash and random number generator Low-cost PRNG. Physical randomness. + Randomized response prevents tracking. - Inefficient brute force key look-up. 31

32 Human-like authentication for extremely cheap RFID tags A. Juels and S. Weis, Crypto 05 RFID tags are a little like people Very limited memory for numbers Very limited ability for arithmetic computation 32

33 Hopper-Blum (HB) Identification Protocol Human 33

34 Hopper-Blum (HB) Identification Protocol Human Challenge A Response f(x,a) Secret X Secret X 34

35 Hopper-Blum (HB) Identification Protocol Human Challenge A R = (X A) + N η Secret X modular dot product Secret X Noise with constant probability η <1/2 35

36 HB Protocol Example, mod 10 (0, 4, 7) R = 5 7 X = (3,2,1) X = (3,2,1) 36

37 HB Protocol Example round, mod 2 (0, 1, 1) R = 1 0 X = (1,0,1) X = (1,0,1) 37

38 Learning Parity in the presence of Noise (LPN) Given multiple rounds of protocol, find X Given q challenge-response pairs (A 1,R 1 ) (A q,r q ),, find X such that R i = X A i on at most q instances, for constant > 0 Binary values Note that noise is critical else, Gaussian elimination can be used to compute X LPN is NP-hard even within approx. of 2 Theoretical and empirical evidence of average-case hardness Poly. adversarial advantage in HB protocol LPN 38

39 HB Protocol C R X X Problem: Not secure against active adversaries! Malicious reader can supply non-random C-s 39

40 HB + Protocol C X,Y D R = (D Y) + (C X) + Nη X,Y 40

41 HB + Protocol C X,Y R = (D Y) + (C X) + Nη X,Y Intuition: Looks just like HB protocol, except tag outputs C 41

42 HB + Protocol C X,Y D R = (D Y) + (C X) + Nη X,Y Intuition: Looks just like HB protocol, except tag outputs C Tag initiates passive HB protocol to conceal value (D Y) of active challenge-response protocol 42

43 See paper for details: Paper elaborates on security reduction from HB + to LPN Implementation of algorithm seems very practical just linear number of ANDs and XORs and a little noise! Looks like EPC might be amenable, but BUT: Not clear how C is generated? PRNG? Requires q protocol rounds Each round: 3 (or is it 4?) messages 43

44 The PRIVACY Problem 44

45 The privacy problem Mr. Jones in 2015 Bad readers, good tags Wig model #4456 (cheap polyester) Replacement hip medical part # Das Kapital and Communistparty handbook 30 items of lingerie 1500 Euros in wallet Serial numbers: ,

46 The authentication problem Mr. Jones in 2015 Counterfeit! Good readers, bad tags Replacement hip medical part # Mad-cow hamburger lunch Counterfeit! 1500 Euros in wallet Serial numbers: ,

47 Blocking Unwanted Scanning FARADAY CAGE Container made of foil or metal mesh, impenetrable by radio signals of certain frequencies Invitation to Shoplifters Maybe works for a wallet, but huge hassle in general locomotion difficult 47

48 Blocking Unwanted Scanning (Contd.) KILL tag after purchase Special command permanently de-activates tag after the product is purchased RFID tags are much too useful in live state Disables many futuristic applications. 48

49 Blocker Tags Juels, Rivest, Szydlo (2003). Consumer Privacy Protecting Device: Hides your tag data from strangers. Users carry a blocker tag device. Blocker tag injects itself into the tag s anti-collision protocol. Effectively spoofs non-existent tags. 49

50 Blocking Unwanted Scanning (Contd.) The BLOCKER TAG Blocker simulates all (billions of) possible tag serial numbers!! 1,2,3,, 2023 pairs of sneakers and (reading fails) 50

51 How does blocker tag work? When the reader sends a signal, more than one RFID tag may respond: this is a collision Reader cannot accurately read information from more than one tag at a time Example: every tagged item in a supermarket cart responds to the cashier s RFID reader Tree-walking protocol for identifying tags recursively asks question: What is your next bit? It starts with the first bit and ask what is your next bit? If one tag replies 0 and the other replies 1 There is a collision! The reader then fixes a bit, let s say 0, and asks again what is your next bit.. and so on! 51

52 Tree Walking: Example prefix=0 prefix=1 1. Prefix= empty Collision! 1a. Prefix=0 1b. Prefix=1 No collision No collision prefix=00 prefix=01 2. Prefix=00 No collision 2. Prefix=11 Collision! prefix=10 prefix=11 3. ID=001 Talk to tag 001 3a. ID=110 Talk to tag 110 3b. ID=111 Talk to tag Next=1 Next=1 Next=0 Next=1 Next=0 Next=0 Next=1 Next=1 Next=1 52

53 Blocker tag Blocker tag always says both 0 and 1! Guarantees collision no matter what tags are present To talk to a tag, reader must traverse every tree path With 128-bit IDs, reader must try values infeasible! To prevent illegitimate blocking, make blocker tag selective (block only certain ID ranges) E.g., blocker tag blocks all IDs with first bit=1 Items on supermarket shelves have first bit=0 Can t block tags on unpurchased items (antishoplifting) After purchase, flip first bit on the tag from 0 to 1 53

54 Blocker Tag: Example prefix=0 prefix=1 1. Prefix= empty Collision! 1a. Prefix=0 1b. Prefix=1 collision! Collision! prefix=00 prefix=01 2. Prefix=00 Collision! 2. Prefix=11 Collision! prefix=10 prefix=11 3. ID=001 Talk to tag 001 3a. ID=110 Talk to tag 110 No collision 3b. ID=111 Talk to tag Next=1 Next=1 Next=0 Next=1 Next=0 Next=0 Next=1 Next=1 Next=1 Next=0 Next=1 All tags ID are possible! Reader can t know which one are real! 54

55 Another idea: Pseudonym rotation Set of pseudonyms known only by trusted verifier Pseudonyms stored on tag Limited storage means at most, e.g., 10 pseudonyms Tag cycles through pseudonyms 74AB8 MMW91 =? 55

56 Protection against Eavesdropping Eavesdropping (passive attacks) can be prevented by encrypting the data between the tag and the reader But this requires establishing a key and current key exchange solutions are too expensive for current RFID tags Very little memory Static 96-bit+ identifier in current ultra-cheap tags Hundreds of bits soon Little computational power Several thousand gates (mostly for basic functionality) limited cryptographic functions possible (hash?) Pricing pressure may keep it this way for a while Our Contribution: We propose a key exchange protocol that does not require any computation 56

57 Basic Idea: How to send a secret without computing Based on an idea proposed by Bell Labs few decades ago A and B want to share a secret key A sends some random signal on the channel B sends simultaneously the secret on the channel A removes the noise and retrieve the secret An eavesdropper, Eve, only sees noise and cannot retrieve the key 57

58 Assuming random access to the channel (CSMA) A B Eve s view A susbtracts His signal And retrieve key 58

59 Application to RFID We define the concept of noisy tag: a regular tag that is in the reader environment and generates noise The noisy tag is fixed and shares a key with the reader The noisy tag reply is generated from the key and can be computed by the reader i.e. reply = hash(key, nonce) When the reader queries the tag it get 2 bits back: One from the noisy tag that it can compute and cancels out One from the tag that is the secret bit Eve sees 2 bits and does not know which bit was sent by the tag!!! This only works if the 2 bits are different If the bits are the same, the round must be ignored An n-bit long key can be exchange be executing, on average, 2.n rounds. 59

60 Bit-based Scheme key Reader Noisy Tag Tag 60

61 Nonce Reader Noisy Tag Tag 61

62 hash(key,nonce)=xxxx1 Reader Noisy Tag Tag 62

63 1 Reader Noisy Tag hash(key,nonce)=xxxx1 The noisy tag replies 1 The secret bit is 0! 0 Tag Did Tag send 1 or 0?? 63

64 Some Remarks This solution assumes that Eve cannot differentiate frames sent by the tag from the frames sent by the noisy tag By talking with RFID hardware experts, this looks like a reasonable assumption The popular RSA tag blocker uses the same assumption. The confusion can be increased by using several noisy tags instead of a single one! The noisy tags reply with a code (k-bits), generated from its secret key, instead of one bit to increase robustness The tag replies with a random k-bits code The reader computes all the codes it expects from each of the noisy tags and retrieves the tag code The secret bit is derived from the tag code (the last bit for example) 64

65 Security Assuming that: The bits sent by noisy tags are uniformly distributed The bits sent by tags are uniformly distributed The adversary is not able to determine (with a prob. Larger than ½) the source of a signal => Our scheme is perfectly secure Multiple noisy tags can be used for assumption #3 65

66 Security (2) In our scheme, the key is established opportunistically The reader is not authenticated Protection only against eavesdroppers This is still ok for many applications (e.g. e-passport) - Active adversaries have to be pretty close - Active adversaries can easily be detected by the environment since they emit signals (the tag environment can be physically secured) - In contrast, Eavesdroppers can be pretty far.and are by nature more difficult to detect 66

67 Relay Attacks. 67

68 Relay Attack Door access control- Does authentication help? Who are you? generates a signature with its private_key Claude Hi, I am C.Castelluccia prove it, N B sign A {N B, B} INRIA verifies A s signature using A s public_key and open the door! M INRIA Claude verifies A s signature using A s public_key and open the door! Authentication does not help! 68

69 Relay Attacks on Passive Keyless Entry and Start Systems in Modern Cars Aurélien Francillon, Boris Danev, Srdjan Čapkun Department of Computer Science ETH Zurich August, 2010

70 Car Keys Active keys Need to be close (<100m) and press a button to open the car. Physical key to start the car. Passive Keyless Entry and Go Need to be close (<2m) and the car opens. Need to be in the car to start the car. No need for human action! Passive Keyless Entry and Go System: The key is in the pocket and when the user is near, the car opens When the key is in the car, the car can be started by pressing an ignition button) Implemented by all major car manufacturers

71 Example Key 433 MHz Antenna? TI TMS 37126* 130 khz passive RFID 433MHz radio + MCU 130KHz antenna/coil 71

72 Passive Keyless Entry and Start Sketch of the Protocol: short range (<2m), active tag Challenge (LF, KHz) If the correct key is authenticated, open the door. Reply (UHF, MHz) long range (<100m)

73 Passive Keyless Entry and Start Sketch of the Protocol: short range (<2m), active tag Challenge (LF, KHz) If the correct key is authenticated, open the door. Reply (UHF, MHz) long range (<100m) Main ideas behind this solution: Key authentication by cryptographic means (c-r protocol) LF Communication implies physical proximity => The system is vulnerable to relay attacks!

74 Our Attack: Relay Attack on PKES Wired Relay Attacker 1 Attacker 2 Tested up to 60 M, amplifier optional

75 Our Attack: Relay Attack on PKES Physical Layer Wireless Relay Cost: $ 30 cm Attacker 1 Attacker m

76 Our Attack: Relay Attack on PKES Physical Layer Wireless Relay

77 Protocols We tested 10 models, 10 different protocols, We did not dig the details there Some weak cryptography has been already extensively studied (keeloq, TI DST ) Some appear to use longer messages? Strong crypto? Unsurprisingly none are resistant to relay attacks

78 Snapshot of Results

79 Measuring maximum delay? How much delay is accepted by the car? Gives the maximum distance achievable on a physical relay Is it possible to do a relay at a higher level? No straight forward solution to relay signals with a configurable delay Default Gnu Radio min delay => 15 ms We modified the original Gnu Radio FPGA Configure delay from 5µs to 10ms by buffering samples on the device itself Samples not sent to the computer

80 Measuring maximum delay? Results: 35 µs is still 10 Km

81 Implications Relay attack in a parking lot One antenna near the elevator While the car owner waits the elevator the attacker opens the car Keys left in kitchen while car parked close to home put an antenna close to the kitchen window Tested in practice

82 Additional insights When started the car can be driven away without maintaining relay No trace of entry/start Can be combined with other attacks [see Oakland 2010] Legal/insurance issues

83 Countermeasures Protection mechanisms: Shield the key (immediate) Remove the battery key (immediate) Build a new system (e.g., based on distance bounding) see e.g. Realization of RF Distance Bounding (UsenixSecurity10) db More info: Aurelien Francillon, Boris Danev, Srdjan Capkun Relay Attacks on Passive Keyless Entry and Start Systems in Modern Cars NDSS 2011

84 Conclusions RFID tags will be everywhere (passport, clothes, cars, papers, pens, people ) This will create severe privacy issues Very active research area! 84

85 Some papers/technology reviews January-March 2006 (Vol. 5, No. 1) issue of Two papers to read : An Introduction to RFID Technology by R. Want, Intel research RFID Security and Privacy: A Research Survey by Ari Juels, RSA Laboratories 85

86 To learn more: Limited Bibliography: crypto.csail.mit.edu/~sweis/rfid Primers and current RFID news: RSA Labs RFID Web site: JHU/RSA RFID Web site: David Wagner s Web site: 86

87 The Digital Signature Transponder (DST) A. Juels, S. Bono, M. Green, A. Stubblefield, A. Rubin, and M. Szydlo USENIX Security 05 I m tag #123 f 40-bit challenge C 24-bit response R = f K (C) Car #123 (simplified) Helps secure tens of millions of automobiles Philips claims more than 90% reduction in car theft thanks to RFID! (TI did at one point.) 87 Also used in millions of payment transponders

88 The Digital Signature Transponder (DST) I m tag #123 f 40-bit challenge C 24-bit response R = f K (C) Car #123 (simplified) The key K is only 40 bits in length! 88

89 The Digital Signature Transponder (DST) I m tag #123 f 40-bit challenge C 24-bit response R = f K (C) Car #123 (simplified) Goal: Demonstrate security vulnerability by cloning real DST keys 89

90 The Digital Signature Transponder (DST) I m tag #123 f 40-bit challenge C 24-bit response R = f K (C) f Car #123 (simplified) The key K is only 40 bits in length! But what is the cryptographic function f? 90

91 Black-box cryptanalysis key K C f? R = f K (C) Programmable DST 91

92 The full cloning process 1. Skimming 2. Key cracking 3. Simulation 92

93 The full cloning process Step 1: Skimming Obtain responses r 1,r 2 to two challenges, c 1, c 2 ( 1/4 93 second)

94 The full cloning process Step 2: Key cracking C Find secret key k such that r 1 =f k (c 1 ) and r 2 = f k (c 2 ) (30 mins. on 16-way parallel cracker) 94

95 The full cloning process Step 3: Simulation Simulate radio protocols with computation of f k 95

RF ID Security and Privacy

RF ID Security and Privacy RF ID Security and Privacy EJ Jung 11/15/10 What is RFID?! Radio-Frequency Identification Tag Antenna Chip How Does RFID Work? 02.3DFEX4.78AF51 EasyToll card #816 Radio signal (contactless) Range: from

More information

Relay Attacks on Passive Keyless Entry and Start Systems in Modern Cars

Relay Attacks on Passive Keyless Entry and Start Systems in Modern Cars Relay Attacks on Passive Keyless Entry and Start Systems in Modern Cars Aurélien Francillon, Boris Danev, Srdjan Čapkun 1 Modern Cars Evolution Increasing amount of electronics in cars For convenience

More information

Relay Attacks on Passive Keyless Entry and Start Systems in Modern Cars (NDSS 2011) Aurélien Francillon, Boris Danev, Srdjan Čapkun (ETHZ)

Relay Attacks on Passive Keyless Entry and Start Systems in Modern Cars (NDSS 2011) Aurélien Francillon, Boris Danev, Srdjan Čapkun (ETHZ) Relay Attacks on Passive Keyless Entry and Start Systems in Modern Cars (NDSS ) Aurélien Francillon, Boris Danev, Srdjan Čapkun (ETHZ) Wednesday System Security April Group 6, 1 Agenda 1. Overview of Car

More information

Relay Attacks on Passive Keyless Entry and Start Systems in Modern Cars

Relay Attacks on Passive Keyless Entry and Start Systems in Modern Cars Relay Attacks on Passive Keyless Entry and Start Systems in Modern Cars Srdjan Čapkun (joint work with Aurélien Francillon, Boris Danev) 1 Agenda 1. Overview of Car Key Systems 2. Previous Attacks: In

More information

RFID Security. April 10, 2006. Martin Dam Pedersen Department of Mathematics and Computer Science University Of Southern Denmark

RFID Security. April 10, 2006. Martin Dam Pedersen Department of Mathematics and Computer Science University Of Southern Denmark April 10, 2006 Martin Dam Pedersen Department of Mathematics and Computer Science University Of Southern Denmark 1 Outline What is RFID RFID usage Security threats Threat examples Protection Schemes for

More information

Privacy and Security in library RFID Issues, Practices and Architecture

Privacy and Security in library RFID Issues, Practices and Architecture Privacy and Security in library RFID Issues, Practices and Architecture David Molnar and David Wagner University of California, Berkeley CCS '04 October 2004 Overview Motivation RFID Background Library

More information

Security Issues in RFID systems. By Nikhil Nemade Krishna C Konda

Security Issues in RFID systems. By Nikhil Nemade Krishna C Konda Security Issues in RFID systems By Nikhil Nemade Krishna C Konda Agenda Introduction to an RFID System Possible Application Areas Need for Security Vulnerabilities of an RFID system Security Measures currently

More information

A Study on the Security of RFID with Enhancing Privacy Protection

A Study on the Security of RFID with Enhancing Privacy Protection A Study on the Security of RFID with Enhancing Privacy Protection *Henry Ker-Chang Chang, *Li-Chih Yen and *Wen-Chi Huang *Professor and *Graduate Students Graduate Institute of Information Management

More information

On the Security of RFID

On the Security of RFID On the Security of RFID Hung-Min Sun Information Security Lab. Department of Computer Science National Tsing Hua University slide 1 What is RFID? Radio-Frequency Identification Tag Reference http://glossary.ippaper.com

More information

Contactless Smart Cards vs. EPC Gen 2 RFID Tags: Frequently Asked Questions. July, 2006. Developed by: Smart Card Alliance Identity Council

Contactless Smart Cards vs. EPC Gen 2 RFID Tags: Frequently Asked Questions. July, 2006. Developed by: Smart Card Alliance Identity Council Contactless Smart Cards vs. EPC Gen 2 RFID Tags: Frequently Asked Questions July, 2006 Developed by: Smart Card Alliance Identity Council Contactless Smart Cards vs. EPC Gen 2 RFID Tags: Frequently Asked

More information

Strengthen RFID Tags Security Using New Data Structure

Strengthen RFID Tags Security Using New Data Structure International Journal of Control and Automation 51 Strengthen RFID Tags Security Using New Data Structure Yan Liang and Chunming Rong Department of Electrical Engineering and Computer Science, University

More information

RFID Security and Privacy: A Research Survey. Vincent Naessens Studiedag Rabbit project

RFID Security and Privacy: A Research Survey. Vincent Naessens Studiedag Rabbit project RFID Security and Privacy: A Research Survey Vincent Naessens Studiedag Rabbit project RFID Security and Privacy: A Research Survey 1. Introduction 2. Security and privacy problems 3. Basic RFID tags 4.

More information

Tackling Security and Privacy Issues in Radio Frequency Identification Devices

Tackling Security and Privacy Issues in Radio Frequency Identification Devices Tackling Security and Privacy Issues in Radio Frequency Identification Devices Dirk Henrici and Paul Müller University of Kaiserslautern, Department of Computer Science, PO Box 3049 67653 Kaiserslautern,

More information

RFID Security: Threats, solutions and open challenges

RFID Security: Threats, solutions and open challenges RFID Security: Threats, solutions and open challenges Bruno Crispo Vrije Universiteit Amsterdam crispo@cs.vu.nl 1 Table of Content RFID technology and applications Security Issues Privacy Proposed (partial)

More information

Security in Near Field Communication (NFC)

Security in Near Field Communication (NFC) Security in Near Field Communication (NFC) Strengths and Weaknesses Ernst Haselsteiner and Klemens Breitfuß Philips Semiconductors Mikronweg 1, 8101 Gratkorn, Austria ernst.haselsteiner@philips.com klemens.breitfuss@philips.com

More information

50 ways to break RFID privacy

50 ways to break RFID privacy 50 ways to break RFID privacy Ton van Deursen 1 University of Luxembourg ton.vandeursen@uni.lu 1 Financial support received from the Fonds National de la Recherche (Luxembourg). RFID privacy 1 / 40 Outline

More information

RF-Enabled Applications and Technology: Comparing and Contrasting RFID and RF-Enabled Smart Cards

RF-Enabled Applications and Technology: Comparing and Contrasting RFID and RF-Enabled Smart Cards RF-Enabled Applications and Technology: Comparing and Contrasting RFID and RF-Enabled Smart Cards January 2007 Developed by: Smart Card Alliance Identity Council RF-Enabled Applications and Technology:

More information

PAP: A Privacy and Authentication Protocol for Passive RFID Tags

PAP: A Privacy and Authentication Protocol for Passive RFID Tags PAP: A Privacy and Authentication Protocol for Passive RFID s Alex X. Liu LeRoy A. Bailey Department of Computer Science and Engineering Michigan State University East Lansing, MI 48824-1266, U.S.A. {alexliu,

More information

Back-end Server Reader Tag

Back-end Server Reader Tag A Privacy-preserving Lightweight Authentication Protocol for Low-Cost RFID Tags Shucheng Yu, Kui Ren, and Wenjing Lou Department of ECE, Worcester Polytechnic Institute, MA 01609 {yscheng, wjlou}@wpi.edu

More information

Various Attacks and their Countermeasure on all Layers of RFID System

Various Attacks and their Countermeasure on all Layers of RFID System Various Attacks and their Countermeasure on all Layers of RFID System Gursewak Singh, Rajveer Kaur, Himanshu Sharma Abstract RFID (radio frequency identification) system is one of the most widely used

More information

Security and privacy in RFID

Security and privacy in RFID Security and privacy in RFID Jihoon Cho ISG PhD Student Seminar 8 November 2007 Outline 1 RFID Primer 2 Passive RFID tags 3 Issues on Security and Privacy 4 Basic Tags 5 Symmetric-key Tags 6 Conclusion

More information

RFID SECURITY. February 2008. The Government of the Hong Kong Special Administrative Region

RFID SECURITY. February 2008. The Government of the Hong Kong Special Administrative Region RFID SECURITY February 2008 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced in whole or in part without the

More information

RFID Penetration Tests when the truth is stranger than fiction

RFID Penetration Tests when the truth is stranger than fiction RFID Penetration Tests when the truth is stranger than fiction Dr. Tomáš Rosa, tomas.rosa@rb.cz Raiffeisenbank, a.s. Agenda Technology overview Physical layer of LF and HF bands The Unique ID phenomenon

More information

Relay Attacks on Passive Keyless Entry and Start Systems in Modern Cars

Relay Attacks on Passive Keyless Entry and Start Systems in Modern Cars Relay Attacks on Passive Keyless Entry and Start Systems in Modern Cars Aurélien Francillon, Boris Danev, Srdjan Capkun Department of Computer Science ETH Zurich 8092 Zurich, Switzerland {aurelien.francillon,

More information

RFID BASED VEHICLE TRACKING SYSTEM

RFID BASED VEHICLE TRACKING SYSTEM RFID BASED VEHICLE TRACKING SYSTEM Operating a managed, busy parking lot can pose significant challenges, especially to a government organization that also owns some of the vehicles in the lot. The parking

More information

RFID Security and Privacy. Simson L. Garfinkel, Ph.D. Center for Research on Computation and Society Harvard University October 5, 2005

RFID Security and Privacy. Simson L. Garfinkel, Ph.D. Center for Research on Computation and Society Harvard University October 5, 2005 RFID Security and Privacy Simson L. Garfinkel, Ph.D. Center for Research on Computation and Society Harvard University October 5, 2005 1 RFID: The Industry s Vision. Distribution Center Consumer Docks

More information

Security and Privacy for Internet of Things Application

Security and Privacy for Internet of Things Application Security and Privacy for Internet of Things Application Qi fang, School of Information Science and Engineering, Central South University, Changsha, China 8-1 Copyright Disclamation This course material

More information

Enabling the secure use of RFID

Enabling the secure use of RFID Enabling the secure use of RFID BLACK ME/FOTOLIA.com Enhancing security of radio frequency identification to connect safely to the Internet of Things UHF radio frequency identification (RFID) promises

More information

The Study on RFID Security Method for Entrance Guard System

The Study on RFID Security Method for Entrance Guard System The Study on RFID Security Method for Entrance Guard System Y.C. Hung 1, C.W. Tsai 2, C.H. Hong 3 1 Andrew@mail.ncyu.edu.tw 2 s0930316@mail.ncyu.edu.tw 3 chhong@csie.ncyu.edu.tw Abstract: The RFID technology

More information

Radio Frequency Identification (RFID) Presenter: Dusan Stevanovic April 3, 2007

Radio Frequency Identification (RFID) Presenter: Dusan Stevanovic April 3, 2007 Radio Frequency Identification (RFID) Presenter: Dusan Stevanovic April 3, 2007 Introduction RFID are systems that transmit identity (in the form of a unique serial number) of an object or person wirelessly,

More information

Using RFID Techniques for a Universal Identification Device

Using RFID Techniques for a Universal Identification Device Using RFID Techniques for a Universal Identification Device Roman Zharinov, Ulia Trifonova, Alexey Gorin Saint-Petersburg State University of Aerospace Instrumentation Saint-Petersburg, Russia {roman,

More information

Security Issues in RFID. Kai Wang Research Institute of Information Technology, Tsinghua University, Beijing, China wang-kai09@mails.tsinghua.edu.

Security Issues in RFID. Kai Wang Research Institute of Information Technology, Tsinghua University, Beijing, China wang-kai09@mails.tsinghua.edu. Security Issues in RFID Kai Wang Research Institute of Information Technology, Tsinghua University, Beijing, China wang-kai09@mails.tsinghua.edu.cn Abstract RFID (Radio Frequency IDentification) are one

More information

An Overview of Approaches to Privacy Protection in RFID

An Overview of Approaches to Privacy Protection in RFID An Overview of Approaches to Privacy Protection in RFID Jimmy Kjällman Helsinki University of Technology Jimmy.Kjallman@tkk.fi Abstract Radio Frequency Identification (RFID) is a common term for technologies

More information

Radio Frequency Identification (RFID)

Radio Frequency Identification (RFID) Radio Frequency Identification (RFID) Raj Jain Washington University in Saint Louis Saint Louis, MO 63130 Jain@cse.wustl.edu These slides are available on-line at: http://www.cse.wustl.edu/~jain/cse574-06/

More information

Radio Frequency Identification (RFID) Vs Barcodes

Radio Frequency Identification (RFID) Vs Barcodes Radio Frequency Identification (RFID) Vs Barcodes Which one to choose? Which one is the better technology? Why choose one over the other? Answer: It really depends on the application, and what you want

More information

Security Requirements for RFID Computing Systems

Security Requirements for RFID Computing Systems International Journal of Network Security, Vol.6, No.2, PP.214 226, Mar. 2008 214 Security Requirements for RFID Computing Systems Xiaolan Zhang 1 and Brian King 2 (Corresponding author: Xiaolan Zhang)

More information

RFID Payment Card Vulnerabilities Technical Report

RFID Payment Card Vulnerabilities Technical Report RFID Payment Card Vulnerabilities Technical Report Thomas S. Heydt-Benjamin 1, Daniel V. Bailey 2, Kevin Fu 1, Ari Juels 2, and Tom O'Hare 3 Abstract 1: University of Massachusetts at Amherst {tshb, kevinfu}@cs.umass.edu

More information

RESEARCH SURVEY ON MIFARE WITH RFID TECHNOLOGY

RESEARCH SURVEY ON MIFARE WITH RFID TECHNOLOGY RESEARCH SURVEY ON MIFARE WITH RFID TECHNOLOGY S.SRINIVASAN Assistant Professor, School of Computing, SASTRA University, Kumbakonam-612001 Tamil Nadu, India ramuluvasan@rediffmail.com Dr. C. CHANDRASEKAR

More information

Side Channel Analysis and Embedded Systems Impact and Countermeasures

Side Channel Analysis and Embedded Systems Impact and Countermeasures Side Channel Analysis and Embedded Systems Impact and Countermeasures Job de Haas Agenda Advances in Embedded Systems Security From USB stick to game console Current attacks Cryptographic devices Side

More information

rf Technology to automate your BUsiness

rf Technology to automate your BUsiness Motorola Tech Brief June 2011 Understanding the characteristics of the rfid spectrum: Choosing the Right rf Technology to automate your BUsiness How to choose the right rfid technology for your Identification,

More information

RFID privacy. Foundations of Secure e-commerce (bmevihim219) Dr. Levente Buttyán

RFID privacy. Foundations of Secure e-commerce (bmevihim219) Dr. Levente Buttyán Foundations of Secure e-commerce (bmevihim219) Dr. Levente Buttyán Associate Professor BME Hálózati Rendszerek és Szolgáltatások Tanszék Lab of Cryptography and System Security (CrySyS) buttyan@hit.bme.hu,

More information

Client Server Registration Protocol

Client Server Registration Protocol Client Server Registration Protocol The Client-Server protocol involves these following steps: 1. Login 2. Discovery phase User (Alice or Bob) has K s Server (S) has hash[pw A ].The passwords hashes are

More information

Lightweight Cryptography. Lappeenranta University of Technology

Lightweight Cryptography. Lappeenranta University of Technology Lightweight Cryptography Dr Pekka Jäppinen Lappeenranta University of Technology Outline Background What is lightweight Metrics Chip area Performance Implementation tradeoffs Current situation Conclusions

More information

ASSET TRACKING USING RFID SRAVANI.P(07241A12A7) DEEPTHI.B(07241A1262) SRUTHI.B(07241A12A3)

ASSET TRACKING USING RFID SRAVANI.P(07241A12A7) DEEPTHI.B(07241A1262) SRUTHI.B(07241A12A3) ASSET TRACKING USING RFID BY SRAVANI.P(07241A12A7) DEEPTHI.B(07241A1262) SRUTHI.B(07241A12A3) OBJECTIVE Our main objective is to acquire an asset tracking system. This keeps track of all the assets you

More information

Security in RFID Networks and Protocols

Security in RFID Networks and Protocols International Journal of Information and Computation Technology. ISSN 0974-2239 Volume 3, Number 5 (2013), pp. 425-432 International Research Publications House http://www. irphouse.com /ijict.htm Security

More information

A Secure RFID Ticket System For Public Transport

A Secure RFID Ticket System For Public Transport A Secure RFID Ticket System For Public Transport Kun Peng and Feng Bao Institute for Infocomm Research, Singapore Abstract. A secure RFID ticket system for public transport is proposed in this paper. It

More information

Overview of Cryptographic Tools for Data Security. Murat Kantarcioglu

Overview of Cryptographic Tools for Data Security. Murat Kantarcioglu UT DALLAS Erik Jonsson School of Engineering & Computer Science Overview of Cryptographic Tools for Data Security Murat Kantarcioglu Pag. 1 Purdue University Cryptographic Primitives We will discuss the

More information

Authentication requirement Authentication function MAC Hash function Security of

Authentication requirement Authentication function MAC Hash function Security of UNIT 3 AUTHENTICATION Authentication requirement Authentication function MAC Hash function Security of hash function and MAC SHA HMAC CMAC Digital signature and authentication protocols DSS Slides Courtesy

More information

THE SECURITY AND PRIVACY ISSUES OF RFID SYSTEM

THE SECURITY AND PRIVACY ISSUES OF RFID SYSTEM THE SECURITY AND PRIVACY ISSUES OF RFID SYSTEM Iuon Chang Lin Department of Management Information Systems, National Chung Hsing University, Taiwan, Department of Photonics and Communication Engineering,

More information

An Overview of RFID Security and Privacy threats

An Overview of RFID Security and Privacy threats An Overview of RFID Security and Privacy threats Maxim Kharlamov mkha130@ec.auckland.ac.nz The University of Auckland October 2007 Abstract Radio Frequency Identification (RFID) technology is quickly deploying

More information

RFID Security and Privacy: Threats and Countermeasures

RFID Security and Privacy: Threats and Countermeasures RFID Security and Privacy: Threats and Countermeasures Marco Spruit Wouter Wester Technical Report UU-CS- 2013-001 January 2013 Department of Information and Computing Sciences Utrecht University, Utrecht,

More information

Security and Privacy Flaws in a Recent Authentication Protocol for EPC C1 G2 RFID Tags

Security and Privacy Flaws in a Recent Authentication Protocol for EPC C1 G2 RFID Tags Security and Privacy Flaws in a Recent Authentication Protocol for EPC C1 G2 RFID Tags Seyed Mohammad Alavi 1, Karim Baghery 2 and Behzad Abdolmaleki 3 1 Imam Hossein Comprehensive University Tehran, Iran

More information

Mobile Devices and Systems Lesson 04 Smart Systems Labels, RFID and tokens

Mobile Devices and Systems Lesson 04 Smart Systems Labels, RFID and tokens Mobile Devices and Systems Lesson 04 Smart Systems Labels, RFID and tokens Oxford University Press 2007. All rights reserved. 1 Smart systems Smart Labels Smart labels RFID Smart tokens Oxford University

More information

Lesson Title: History of RFID

Lesson Title: History of RFID Page 1 of 6 Lesson Title: History of RFID 6/22/09 Copyright 2008, 2009 by Dale R. Thompson {d.r.thompson@ieee.org} Rationale Why is this lesson important? Why does the student need this lesson? How does

More information

Data Protection Technical Guidance Radio Frequency Identification

Data Protection Technical Guidance Radio Frequency Identification Data Protection Technical Guidance Radio Frequency Identification This technical guidance note is aimed at those using or contemplating using RFID technology. It gives a brief summary of the technology

More information

RFID Basics HEGRO Belgium nv - Assesteenweg 25-29 - 1740 Ternat Tel.: +32 (0)2/582.31.97 Fax : +32 (0)2/582.11.24 email : info@hegrobelgium.

RFID Basics HEGRO Belgium nv - Assesteenweg 25-29 - 1740 Ternat Tel.: +32 (0)2/582.31.97 Fax : +32 (0)2/582.11.24 email : info@hegrobelgium. RFID Basics RFID Basics Introduction Radio Frequency Identification (RFID) technology has been attracting considerable attention with the expectation of improved supply chain visibility for both suppliers

More information

ANTI-COUNTERFEITING OF FASHION BRANDS USING RFID TECHNOLOGY Patrick C.L. Hui, Kirk H.M. Wong, and Allan C.K. Chan

ANTI-COUNTERFEITING OF FASHION BRANDS USING RFID TECHNOLOGY Patrick C.L. Hui, Kirk H.M. Wong, and Allan C.K. Chan ANTI-COUNTERFEITING OF FASHION BRANDS USING RFID TECHNOLOGY Patrick C.L. Hui, Kirk H.M. Wong, and Allan C.K. Chan ABSTRACT Anti-counterfeiting comes to the attention of fashion brand owners concerned as

More information

Evangelos Kranakis, School of Computer Science, Carleton University, Ottawa 1. Network Security. Canada France Meeting on Security, Dec 06-08

Evangelos Kranakis, School of Computer Science, Carleton University, Ottawa 1. Network Security. Canada France Meeting on Security, Dec 06-08 Evangelos Kranakis, School of Computer Science, Carleton University, Ottawa 1 Network Security Evangelos Kranakis, School of Computer Science, Carleton University, Ottawa 2 Collaboration with Frank Akujobi

More information

Key Hopping A Security Enhancement Scheme for IEEE 802.11 WEP Standards

Key Hopping A Security Enhancement Scheme for IEEE 802.11 WEP Standards White Paper Key Hopping A Security Enhancement Scheme for IEEE 802.11 WEP Standards By Dr. Wen-Ping Ying, Director of Software Development, February 2002 Introduction Wireless LAN networking allows the

More information

RF Attendance System Framework for Faculties of Higher Education

RF Attendance System Framework for Faculties of Higher Education RF Attendance System Framework for Faculties of Higher Education Ms. Unnati A. Patel 1 Dr. Swaminarayan Priya R 2 1 Asst. Professor, M.Sc(IT) Department, ISTAR, V.V.Nagar-388120, India 2 Head & ProfessorHH,

More information

Cloud RFID UHF Gen 2

Cloud RFID UHF Gen 2 Cloud RFID UHF Gen 2 Supply chain visibility In store stock management and security. - Stock take by RFID - Stock search - Reorder report, - Dynamic reorder, Security. Introduction The Adilam RFID system

More information

RAIN RFID and the Internet of Things: Industry Snapshot and Security Needs. Matt Robshaw and Tyler Williamson Impinj Seattle, USA

RAIN RFID and the Internet of Things: Industry Snapshot and Security Needs. Matt Robshaw and Tyler Williamson Impinj Seattle, USA RAIN RFID and the Internet of Things: Industry Snapshot and Security Needs Matt Robshaw and Tyler Williamson Impinj Seattle, USA Overview RAIN RFID The product and standardization landscape Security, performance,

More information

Karsten Nohl University of Virginia. Henryk Plötz HU Berlin

Karsten Nohl University of Virginia. Henryk Plötz HU Berlin Karsten Nohl University of Virginia Henryk Plötz HU Berlin Radio Frequency IDentification Tiny computer chips Passively Powered Karsten Nohl, Henryk Plötz - RFID Security 2 Constant monitoring is already

More information

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 7 Access Control Fundamentals

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 7 Access Control Fundamentals Security+ Guide to Network Security Fundamentals, Third Edition Chapter 7 Access Control Fundamentals Objectives Define access control and list the four access control models Describe logical access control

More information

A Vulnerability in the Song Authentication Protocol for Low-Cost RFID Tags

A Vulnerability in the Song Authentication Protocol for Low-Cost RFID Tags A Vulnerability in the Song Authentication Protocol for Low-Cost RFID Tags Sarah Abughazalah, Konstantinos Markantonakis, and Keith Mayes Smart Card Centre-Information Security Group (SCC-ISG) Royal Holloway,

More information

Keep Out of My Passport: Access Control Mechanisms in E-passports

Keep Out of My Passport: Access Control Mechanisms in E-passports Keep Out of My Passport: Access Control Mechanisms in E-passports Ivo Pooters June 15, 2008 Abstract Nowadays, over 40 different countries issue biometric passports to increase security on there borders.

More information

Technical Article. NFiC: a new, economical way to make a device NFC-compliant. Prashant Dekate

Technical Article. NFiC: a new, economical way to make a device NFC-compliant. Prashant Dekate Technical NFiC: a new, economical way to make a device NFC-compliant Prashant Dekate NFiC: a new, economical way to make a device NFC-compliant Prashant Dekate The installed base of devices with Near Field

More information

International Journal of Engineering Research & Management Technology

International Journal of Engineering Research & Management Technology International Journal of Engineering Research & Management Technology March- 2015 Volume 2, Issue-2 Radio Frequency Identification Security System Mr. Shailendra Kumar Assistant Professor Department of

More information

Best Practices for the Use of RF-Enabled Technology in Identity Management. January 2007. Developed by: Smart Card Alliance Identity Council

Best Practices for the Use of RF-Enabled Technology in Identity Management. January 2007. Developed by: Smart Card Alliance Identity Council Best Practices for the Use of RF-Enabled Technology in Identity Management January 2007 Developed by: Smart Card Alliance Identity Council Best Practices for the Use of RF-Enabled Technology in Identity

More information

WHITE PAPER. ABCs of RFID

WHITE PAPER. ABCs of RFID WHITE PAPER ABCs of RFID Understanding and using Radio Frequency Identification Basics - Part 1 B.Muthukumaran Chief Consultant Innovation & Leadership Gemini Communication Ltd #1, Dr.Ranga Road, 2nd Street,

More information

Allwin Initiative for Corporate Citizenship Dartmouth Center for the Advancement of Learning Dickey Center Ethics Institute Institute for Security

Allwin Initiative for Corporate Citizenship Dartmouth Center for the Advancement of Learning Dickey Center Ethics Institute Institute for Security Allwin Initiative for Corporate Citizenship Dartmouth Center for the Advancement of Learning Dickey Center Ethics Institute Institute for Security Technology Studies Leslie Center Rockefeller Center Tucker

More information

How Does It Work? Internet of Things

How Does It Work? Internet of Things Intermec UAP-2100 What is RFID? 18-759: Wireless Networks Lecture 14: RFID Peter Steenkiste and Hedda R. Schmidtke Departments of Computer Science and Electrical and Computer Engineering Spring Semester

More information

Introduction to RFID Technology

Introduction to RFID Technology Introduction to RFID Technology Athens Information Technology Riding the Time-Machine (1) The AUTO-ID consortium AUTO-ID can track Products, Containers, Vehicles, Animals, as well as their condition 2

More information

RFID based Bill Generation and Payment through Mobile

RFID based Bill Generation and Payment through Mobile RFID based Bill Generation and Payment through Mobile 1 Swati R.Zope, 2 Prof. Maruti Limkar 1 EXTC Department, Mumbai University Terna college of Engineering,India Abstract Emerging electronic commerce

More information

Privacy Implications of RFID Tags by Paul Stamatiou. CS4001, Georgia Institute of Technology November 8 th, 2007

Privacy Implications of RFID Tags by Paul Stamatiou. CS4001, Georgia Institute of Technology November 8 th, 2007 Privacy Implications of RFID Tags by Paul Stamatiou CS4001, Georgia Institute of Technology November 8 th, 2007 Radio Frequency Identification (RFID) is a maturing wireless technology with widespread uses,

More information

Security & Chip Card ICs SLE 44R35S / Mifare

Security & Chip Card ICs SLE 44R35S / Mifare Security & Chip Card ICs SLE 44R35S / Mifare Intelligent 1 Kbyte EEPROM with Interface for Contactless Transmission, Security Logic and Anticollision according to the MIFARE -System Short Product Info

More information

CPSC 467b: Cryptography and Computer Security

CPSC 467b: Cryptography and Computer Security CPSC 467b: Cryptography and Computer Security Michael J. Fischer Lecture 1 January 9, 2012 CPSC 467b, Lecture 1 1/22 Course Overview Symmetric Cryptography CPSC 467b, Lecture 1 2/22 Course Overview CPSC

More information

Feature. Security and Privacy Trade-offs in RFID Use. Operational Zone RFID Tag. RFID Reader

Feature. Security and Privacy Trade-offs in RFID Use. Operational Zone RFID Tag. RFID Reader Feature Security and Privacy Trade-offs in RFID Use S. Srinivasan is a professor of computer information systems at the University of Louisville in Kentucky, USA. He can be reached at srini@louisville.edu.

More information

Chapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography

Chapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography Chapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography What Is Steganography? Steganography Process of hiding the existence of the data within another file Example:

More information

RFID Technology, Security Vulnerabilities, and Countermeasures

RFID Technology, Security Vulnerabilities, and Countermeasures 19 RFID Technology, Security Vulnerabilities, and Countermeasures Qinghan Xiao 1, Thomas Gibbons 2 and Hervé Lebrun 2 1 Defence Research and Development Canada Ottawa 2 Canadian Operational Support Command

More information

Introduction to Computer Security

Introduction to Computer Security Introduction to Computer Security Hash Functions and Digital Signatures Pavel Laskov Wilhelm Schickard Institute for Computer Science Integrity objective in a wide sense Reliability Transmission errors

More information

Counter Expertise Review on the TNO Security Analysis of the Dutch OV-Chipkaart. OV-Chipkaart Security Issues Tutorial for Non-Expert Readers

Counter Expertise Review on the TNO Security Analysis of the Dutch OV-Chipkaart. OV-Chipkaart Security Issues Tutorial for Non-Expert Readers Counter Expertise Review on the TNO Security Analysis of the Dutch OV-Chipkaart OV-Chipkaart Security Issues Tutorial for Non-Expert Readers The current debate concerning the OV-Chipkaart security was

More information

Wireless Security: Token, WEP, Cellular

Wireless Security: Token, WEP, Cellular Wireless Security: Token, WEP, Cellular 27 May 2015 Lecture 9 Some slides adapted from Jean-Pierre Seifert (TU Berlin) 27 May 2015 SE 425: Communication and Information Security 1 Topics for Today Security

More information

Radio Frequency Identification. Done by: Haitham Habli.

Radio Frequency Identification. Done by: Haitham Habli. Radio Frequency Identification Done by: Haitham Habli. Table of contents Definition of RFID. Do they need license? RFID vs other identification systems. Classification of RFID systems. Emerge of passive

More information

RFID: Technology and Applications

RFID: Technology and Applications RFID: Technology and Applications Outline Overview of RFID Reader-Tag; Potential applications RFID Technology Internals RF communications Reader/Tag protocols Middleware architecture RFID Business Aspects

More information

MIFARE CONTACTLESS CARD TECHNOLOLGY AN HID WHITE PAPER

MIFARE CONTACTLESS CARD TECHNOLOLGY AN HID WHITE PAPER MIFARE CONTACTLESS CARD TECHNOLOLGY AN HID WHITE PAPER GENERAL The MIFARE contactless smart card and MIFARE card reader/writer were developed to handle payment transactions for public transportation systems.

More information

High-speed cryptography and DNSCurve. D. J. Bernstein University of Illinois at Chicago

High-speed cryptography and DNSCurve. D. J. Bernstein University of Illinois at Chicago High-speed cryptography and DNSCurve D. J. Bernstein University of Illinois at Chicago Stealing Internet mail: easy! Given a mail message: Your mail software sends a DNS request, receives a server address,

More information

Scalable RFID Security Protocols supporting Tag Ownership Transfer

Scalable RFID Security Protocols supporting Tag Ownership Transfer Scalable RFID Security Protocols supporting Tag Ownership Transfer Boyeon Song a,1, Chris J. Mitchell a,1 a Information Security Group, Royal Holloway, University of London, Egham, Surrey, TW20 0EX, UK

More information

Automated Identification Technologies

Automated Identification Technologies Spec 2000 ebusiness Forum Automated Identification Technologies Jon Andresen President Technology Solutions Jon@TechSoln.com Budapest, Hungry 23 October 2008 Agenda 1. AIT Chapter 9 Intro - Jon A. AIT

More information

CSC 474 -- Network Security. User Authentication Basics. Authentication and Identity. What is identity? Authentication: verify a user s identity

CSC 474 -- Network Security. User Authentication Basics. Authentication and Identity. What is identity? Authentication: verify a user s identity CSC 474 -- Network Security Topic 6.2 User Authentication CSC 474 Dr. Peng Ning 1 User Authentication Basics CSC 474 Dr. Peng Ning 2 Authentication and Identity What is identity? which characteristics

More information

ATTACHMENT E: RFID SECURITY AND PRIVACY WHITE PAPER

ATTACHMENT E: RFID SECURITY AND PRIVACY WHITE PAPER ATTACHMENT E: RFID SECURITY AND PRIVACY WHITE PAPER The attached document is a white paper prepared to survey the issues surrounding RFID and security and privacy. USVISIT-APMO-CONTHSSCHQ04D0096T006-RPT050010-F

More information

RFID TECHNOLOGY Great Eastern Impex Pvt. Ltd. India

RFID TECHNOLOGY Great Eastern Impex Pvt. Ltd. India RFID TECHNOLOGY Great Eastern Impex Pvt. Ltd. India RFID: Introduction Radio Frequency Identification or RFID is the new generation Auto ID technology that uses radio or wireless communication to uniquely

More information

The Drug Quality & Security Act

The Drug Quality & Security Act The Drug Quality & Security Act Drug Traceability & Interoperable Exchange of Transaction Information, History & Statement Mujadala Abdul-Majid 3E Company February 20, 2014 About 3E Company About 3E Supply

More information

LibRFID: Automation Software for Library Management System Using RFID Technology

LibRFID: Automation Software for Library Management System Using RFID Technology LibRFID: Automation Software for Library Management System Using RFID Technology Amar Michael Sequeira 1 Lecturer, Department of Computer Science, Bhandarkars Arts and Science College, Kundapura, Udupi,

More information

WHITE PAPER SERIES / EDITION 1 BUSINESS PROCESSES & APPLICATIONS. Low-Cost RFID Systems: Confronting Security and Privacy SOFTWARE & NETWORK HARDWARE

WHITE PAPER SERIES / EDITION 1 BUSINESS PROCESSES & APPLICATIONS. Low-Cost RFID Systems: Confronting Security and Privacy SOFTWARE & NETWORK HARDWARE WHITE PAPER SERIES / EDITION 1 BUSINESS PROCESSES & APPLICATIONS SOFTWARE & NETWORK HARDWARE AUTOIDLABS-WP-SWNET-013 Low-Cost RFID Systems: Confronting Security and Privacy Damith C. Ranasinghe 1, Daniel

More information

Using RFID Technology to Stop Counterfeiting

Using RFID Technology to Stop Counterfeiting Using RFID Technology to Stop Counterfeiting By Eustace Asanghanwa, Crypto & RF Memory Applications Summary RFID technology is well known for providing labeling solutions to automate inventory control.

More information

Issues with RFID usage in ubiquitous computing applications

Issues with RFID usage in ubiquitous computing applications Issues with RFID usage in ubiquitous computing applications Christian Floerkemeier and Matthias Lampe Institute for Pervasive Computing Department of Computer Science ETH Zurich, Switzerland {floerkem

More information

HASH CODE BASED SECURITY IN CLOUD COMPUTING

HASH CODE BASED SECURITY IN CLOUD COMPUTING ABSTRACT HASH CODE BASED SECURITY IN CLOUD COMPUTING Kaleem Ur Rehman M.Tech student (CSE), College of Engineering, TMU Moradabad (India) The Hash functions describe as a phenomenon of information security

More information