RFID privacy. Foundations of Secure e-commerce (bmevihim219) Dr. Levente Buttyán

Size: px
Start display at page:

Download "RFID privacy. Foundations of Secure e-commerce (bmevihim219) Dr. Levente Buttyán"

Transcription

1 Foundations of Secure e-commerce (bmevihim219) Dr. Levente Buttyán Associate Professor BME Hálózati Rendszerek és Szolgáltatások Tanszék Lab of Cryptography and System Security (CrySyS)

2 Outline - RFID applications - RFID architecture - security and privacy threats - prevention of tracking at the application layer - privacy problems at lower layers 2

3 Introduction RFID = Radio-Frequency Identification allows us to identify objects or subjects with neither physical nor visual contact need to place a transponder on or in the object and query it remotely using a reader the principle is fundamentally not new identify-friend-or-foe system of the Royal Air Force in WWII to distinguish allied aircrafts from enemy aircrafts motorway tolls, ski lifts, identification of livestock and pets, automobile ignition keys RFID is becoming interesting due to the ability to develop very small and cheap transponders called electronic tags offer only weak computation and storage capabilities passively powered by the reader s electromagnetic field communication distance is relatively short (a few meters) when outside of the reader s field, tags are inert low cost, small size can be deployed at very large scale pose new security and privacy problems! 3

4 Example applications access control current access control systems in buildings often use RFIDbased wireless tokens, e.g., cards or badges RFID in the automobile sector keyless entry using a key fob that contains an active RFID tag passive entry systems automatically unlock doors when the driver carrying a passive RFID tag approaches the car appeared recently, e.g., on Renault Laguna, Mercedes-Benz S- class, CL-class, and Toyota Lexus LS430 many car keys have an RFID device integrated into them which activates the fuel injection system (anti-theft measure) car keys can be replaced with cards that stay in the drivers pocket 4

5 Example applications (cont d) supply chain the idea is to replace barcodes with low cost RFID tags advantages tags can be scanned quickly in large quantities no need for visual channel tags can be placed right on or in objects, instead of the packaging tags may contain unique identifiers for individual objects facilitates management of objects throughout the entire supply chain (manufacturing, storage, distribution, ) stock and inventories in supermarkets and warehouses is a primary application domain (e.g., Wal-mart, Metro, Migros, ) RFID in libraries a tag in each volume makes borrowing and returning books easier inventories can be carried out without taking books from the shelves examples: K.U. Leuven (Belgium), Santa Clara (United States), Heiloo (Netherlands), Richmond Hill (Canada), 5

6 Example applications (cont d) subdermal tags RFID based identification of domestic animals is done routinely today identification of people??? nightclubs (e.g., Baja Beach Club, Barcelona) VIPs (e.g., members of a special organization) prisoners electronic IDs (passports, ID cards) already in use today chip in the passport contains biometric information of the bearer electronic payments systems electronic toll collection (e.g., EZ Pass) automated fare collection (AFC) in public transport systems contactless payment cards (e.g., Mastercard PayPass) 6

7 Applications in the future smart and easy shopping fast check-out at point-of-sale terminals terminal reads all tags in the shopping cart in a few seconds payment can be speeded up using contactless credit cards return items without receipt no need to keep receipts of purchased items tracking faulty or contaminated products object IDs can serve as indices into purchase records one can easily list all records that contain IDs belonging to a particular set of products and identify consumers that bought those products smart household appliances washing machine can select the appropriate program by reading the tags attached to the clothes refrigerator can print shopping lists automatically or even order food on-line interactive objects consumers can interact with tagged objects through their mobile phones acting as an RFID reader (NFC Near Field Communications technology) the mobile phone can download and display information about scanned objects (e.g., movie poster, furniture, etc.) 7

8 RFID system architecture RFID system elements RFID tags + RFID reader(s) + back-end infrastructure RFID tag = microcircuit + RF antenna tags request response (ID) ID reader RF communications back-end infrastructure and processing 8

9 RFID tag characteristics power active tags have their own battery passive tags have no internal energy source obtain energy from the reader s electromagnetic field reflect reader s RF signal and modulate it with information to be sent semi-passive tags have battery but use it only for internal calculations power for communication is obtained from the reader communication range depends on frequency and transmission power low frequency (LF) and high frequency (HF) tags: few decimeters ultra-high frequency (UHF) tags: several meters note: by using specific antennas and transmission powers above the legal limits, we can largely surpass these ranges note: information sent by a reader (forward channel) can be captured at a distance far superior than that sent by a tag (backward channel) 9

10 RFID tag characteristics (cont d) memory tags contain a minimum number of memory bits to store their identifier (between 32 and 128 bits) depending on the target application, tags can have ROM, EEPROM, RAM or SRAM electronic anti-theft devices (EAS, Electronic Article Surveillance) that can be found on many items, require only one bit (enabled EAS / not enabled EAS) they do not really allow object identification, only detection computing power can vary in a wide range: no computational capabilities, only memory that can be remotely accessed only simple logical operations (e.g., XOR and AND) a few thousand logical gates that allow for symmetric key encryption and hash more evolved tags could use asymmetric key crypto, but those are expensive 10

11 RFID tag characteristics (cont d) physical characteristics typically antenna size determines the size of the tag antenna size depends on the communication range and frequency smallest tag today is µ-tag from Hitachi (~0.4 mm) tamper resistance infeasible for low cost tags (low cost ~ few Euro cents) 11

12 Some specific examples 12

13 Various RFID tags Logistic and industry CD label Life stock and pets Logistic and industry (naked) Key fob Nail tag 13

14 Various RFID readers 14

15 Related standards ISO 14443: proximity cards (A Mifare, B Calypso) 15693: vicinity cards (can be read from a larger distance than proximity cards) 18000: describes a series of diverse RFID technologies, each utilizing a unique frequency band EPC (Electronic Product Code) established by EPCGlobal, a non profit organization made up of several companies and academics promotes very low cost RFID technology with the goal of integrating it into supply chains Class 1: unique identifier (a code that allows the identification of the product to which the tag is attached), and a function permitting the definitive destruction of the tag Class 2: more memory and authentication functions Class 3: semi-passive tags Class 4: active tags, which can potentially communicate with each other currently only Class 1 is fully specified ISO

16 Objectives: identification and authentication (mutual) authentication an authentication protocol allows a reader to be convinced of the identity of a queried tag in case of mutual authentication, the protocol allows a tag to be convinced of the identity of a querying reader identification an identification protocol allows a reader to obtain the identity of a queried tag, but no proof is required in many cases, identification is sufficient (e.g., inventory in a warehouse), although requirements also depend on the adversary model 16

17 Basic protocols identification R(eader) T(ag): request T R: ID authentication R: pick a random number N R T: N T: compute F(ID, N) T R: ID, F(ID, N) where F is some (not necessarily strong) crypto function, e.g., an encryption or a keyed hash 17

18 Security threats impersonation the adversary can (with non-negligible probability) successfully complete the authentication protocol in the name of a tag relevant only for authentication protocols, because identification protocols are trivially vulnerable to impersonation (no proof of identity is required) countermeasures need strong crypto and proper key management all tags sharing the same crypto key is not a good approach tags are not tamper resistant compromising a single tag allows the adversary to impersonate any other tag tags must have individual keys key diversification techniques are applicable once the tag identifies itself, the reader (back-end system) can look-up the tag key in a database, or compute it on-the-fly using some master key 18

19 Security threats (cont d) relay (wormhole) attack the adversary relays messages between a legitimate reader and a legitimate tag that is remote all systems that assume that successful run of the protocol via the RF interface means that the tagged object or person is present are defeated (e.g., access control systems, car antitheft systems, inventory systems, ) the feasibility of such relay attacks has been demonstrated defense is difficult, crypto alone does not help distance-bounding protocols have been proposed 19

20 Distance-bounding protocols estimate the distance between the parties from the round trip time rapid bit exchange in multiple rounds essentially, no computation during the distance estimation phase challenge-response principle to avoid that one party can send earlier than the reception of the other s last message estimated distance is only an upper bound on the real distance (because any party can always delay responses) if the parties are really far away, then estimated distance cannot be small (it is larger than the real distance) relay attack is detected however, false positives are possible 20

21 Example: Hancke-Kuhn protocol protocol: R : pick a nonce r and generate bits C 1,, C n R T : r T : compute h(k r) and split result into R (0) 1,, R (0) n, R (1) 1,, R (1) n T R : ID R T : C 1 T R : R (C1) 1 R T : C n T R : R (Cn) n distance estimation phase R : look up K that belongs to ID, compute h(k r) and split result into R (0) 1,, R (0) n, R (1) 1,, R (1) n, and for all i, compare R (Ci) i with R (Ci) i properties: tag authentication (prob. 1-(1/2) n ) with distance bounding (prob. 1-(3/4) n ) tag does not need to do computation during the distance estimation phase 21

22 An attack on the H-K protocol R : pick a nonce r and generate bits C 1,, C n R A(T) : r A(R) T : r T : compute h(k r) and split result into R (0) 1,, R (0) n, R (1) 1,, R (1) n T A(R) : ID A(R) sends 0,, 0 to T and receives R (0) 1,, R (0) n A(R) T : r T : compute h(k r) and split result into R (0) 1,, R (0) n, R (1) 1,, R (1) n T A(R) : ID A(R) sends 1,, 1 to T and receives R (1) 1,, R (1) n, A(T) R : ID A(T) responds to any challenge C i of R without communicating remotely with T verification at R is successful, distance bounding is defeated 22

23 Privacy threats in most of the applications, RFID tags respond to the reader s query automatically, without authenticating the reader (only the tag authenticates itself) interaction usually reveals tag specific information (typically the ID stored in the tag, or even more) clandestine scanning of tags is a plausible threat two particular privacy problems: inventorying tracking 23

24 Inventorying a reader can silently determine what objects a person is carrying reader-tag interaction may reveal more than an ID (e.g., title of a tagged book, name of a tagged medicine, ) object can be identified by resolving the ID read from the tag suitcase: Samsonit e jeans: Lee Cooper watch: Casio book: Applied Cryptography shoes: Nike 24

25 Tracking set of readers can determine where a given person is located trivial if tags use unique identifiers even if tag response is not unique, it is possible to track a constellation of a set of particular tags (or tag types/standards!!!) IDs: 12, 34, 56, 7:32 IDs: 12, 34, 56, 7:45 IDs: 12, 34, 56, 8:03 IDs 12, 34, 56, 8:21 25

26 Is this really a problem? other technologies also permit the tracking of people (e.g., video surveillance, GSM, Bluetooth) however, consider the following: RFID tags permit everybody to track people using low cost equipment tags cannot be switched off easily physical or electronic destruction of tags during checkout but how to verify that operation was successful??? tags can be easily hidden, their lifespan is not limited, and analyzing the collected data can be efficiently automated although nominal reading distance is only a few decimeters or meters, a more efficient antenna and larger power could be used to go beyond the presupposed limits in many cases, an adversary can get close enough (e.g., public transport) current trend is towards UHF systems, where the communication distance is larger than in LF/HF systems 26

27 Is this really a problem? Press release: Benetton selects Philips to introduce smart labels across 5,000 worldwide stores Press release: Hidden sensors in clothing may fuel global surveillance network Press release: Benetton has publicly retreated from plans to fit clothing with tiny remote surveillance and tracking chips Gillette has been caught hiding tiny RFID surveillance chips in the packaging of its shaving products. These tiny, high tech spy tags are being used to trigger photo taking of unsuspecting customers! "The world's stupidest anti-shoplifting campaign" - CommsWorld In their "Future Store", a supermarket of the "Extra" chain in Rheinberg near Duisburg (opened in April 2003 with a well-advertised event featuring Claudia Schiffer), the Metro Group are trialing the use of transponders or so-called RFIDs ("Radio Frequency Identification" devices). For its instigation and the related marketing concepts, the Metro Group is receiving an exemplary and future-oriented Big Brother Award. 27

28 Dead tags tell no tales idea: permanently disable tags with a special kill command part of the EPC specification advantages: simple effective disadvantages: eliminates all post-purchase benefits of RFID for the consumer and for society no return of items without receipt no smart house-hold appliances cannot be applied in some applications library e-passports banknotes similar approaches: put RFID tags into price tags or packaging which are removed and discarded 28

29 Sleep command idea: instead of killing the tag definitively, put it in sleep mode tag can be re-activated if needed advantages: simple effective disadvantages: difficult to manage in practice tag re-activation must be password protected how the consumers will manage hundreds of passwords for their tags? passwords can be printed on tags, but then they need to be scanned optically or typed in by the consumer 29

30 Other similar approaches Faraday cage can be effective in some applications (e.g., passports, money wallets) may not be usable in others (e.g., clothes, subdermal) clipped tags tag s antenna can be physically separated from the chip reactivation of the tag can only be done intentionally 30

31 On crypto based approaches tag should not send ID in clear public key crypto would solve the problem ID is encrypted with the public key of the reader only the reader can decrypt it but public key crypto is not available for low cost tags symmetric encryption with a common shared key enough to compromise a single tag, and than all tags become traceable symmetric encryption with individual tag keys encryption must be randomized!!! reader needs to search through the entire set of tag keys and attempt decryption with them (no hint on the key/identity can be provided to the reader) ID refreshment (pseudonyms) adversary should not be able to tell the difference between the information sent by the tag and a random value information sent by the tag should only be used once 31

32 Weis-Sarma-Rivest-Engels protocol setup each tag is initialized with a randomly chosen identifier ID system stores an entry for each tag in its database that contains ID protocol R T : request T : pick a random number r, and compute s = h(id r) T R : r, s R : search through the database for the ID for which h(id r) = s an alternative in theory, the hash function may leak information about its input (e.g., certain bits) instead of hashing, s can be computed as s = ID XOR f K (r), where K is a key shared between T and R, and f.(.) is a pseudo random fn a potential problem no authentication is provided an adversary can replay tag responses (impersonation) 32

33 Molnar-Wagner protocol setup each tag is initialized with a randomly chosen identifier ID and a tag key K the system stores an entry for each tag in its database that contains both ID and K protocol R : pick a random number a R T : a T : pick a random number b, and compute s = ID XOR f K (0 a b) T R : b, s R : search through the database for an (ID, K) pair for which ID XOR f K (0 a b) = s; if found, then compute t = f K (1 a b) R T : t notes the protocol provides mutual authentications 0 and 1 serves as direction indicators 33

34 Ohkubo-Suzuki-Kinoshita protocol setup each tag maintains a state variable s the system stores for each tag its ID and its initial state s 0 two hash functions h and g, and a system parameter m are agreed upon protocol R T : request T : compute response r = g(s) and new state s = h(s) T R : r R : search through the database and find the entry for which g(h (i) (s 0 )) = r for some 0 < i <= m notes protocol provides forward privacy: even if a tag is compromised, its previous interactions cannot be associated with the tag (previous state of the tag cannot be computed due to the one-way property of h) no authentication is provided an adversary can replay tag responses (impersonation) 34

35 OSK protocol with authentication setup same as before protocol R : pick a random number r R T : r T : compute response a = g(r XOR s) and new state s = h(s) T R : a R : search through the database and find the entry for which g(r XOR h (i) (s 0 )) = a for some 0 < i <= m; if found compute b = g(w XOR h (i+1) (s 0 )), where w is a fixed known value R T : b notes both versions are vulnerable to a DoS attack where an adversary queries the tag more than m times; such a victim tag can no longer identify itself to the system if state is advanced only if a correct b is received from R, then privacy can be defeated by preventing T to receive b: state is not updated, and T gives the same response to the same r as before 35

36 The HB protocol HB stands for Hopper and Blum s secure human authentication protocol involves only simple operations that even a human can perform such as XOR and AND basic idea: tag and reader share a secret value x of k bits reader sends a challenge a to the tag tag computes the binary inner product a.x (involves only XOR and AND) and sends the result back legitimate tag gives the right answer with prob. 1, while an impersonating adversary succeeds with probability ½ repeating the procedure can reduce the success probability of the adversary arbitrarily ( (½) n ) unfortunately, each run of the protocol leaks information about x, and ~k runs result in a s.l.e. that can be solved for x with Gaussian elimination to thwart this, the tag injects noise in its responses, and sends a wrong result with probability 0 < q < ½ legitimate tag gives the right answer with prob. 1-q > ½, while an impersonating adversary succeeds with probability ½ still distinguishable 36

37 The HB protocol (cont d) setup tag stores the secret value x (k bits long), and system parameter q system stores for each tag its x value protocol R : pick a from {0, 1} k uniformly at random R T : a T : pick v from {0, 1} such that Pr{v = 1} = q, and compute s = a.x + v T R : s R : for each entry x in the database, check if s = a.x ; after n rounds, the reader selects the entry that matches ~(1-q)n times an active attack an adversary can challenge the tag n times with the same a tag responds with a.x ~(1-q)n > n/2 times and a.x + 1 ~qn < n/2 times the value of a.x can be obtained repeat multiple times with different linearly independent a values system of linear equations can be solved for x 37

38 The HB + protocol (cont d) setup tag stores secret values x and y (each of them is k bits long), and system parameter q system stores for each tag its (x, y) values protocol T : pick b from {0, 1} k uniformly at random, and v from {0, 1} such that Pr{v = 1} = q T R : b R : pick a from {0, 1} k uniformly at random R T : a T : compute s = a.x + b.y + v T R : s R : for each entry (x, y ) in the database, check if s = a.x + b.y ; after n rounds, the reader selects the entry that matches ~(1-q)n times 38

39 The HB + protocol (cont d) an active (man-in-the-middle) attack is still possible active adversary modifies the reader s challenge a to a = a+d tag responds with s = a.x + b.y + v = a.x + b.y + v + d.x the same d is used in each of the n rounds if the tag is successfully authenticated, then d.x = 0. otherwise d.x = 1 repeat the whole procedure for sufficiently many linearly independent d values, and solve the obtained system of linear equations for x once x is determined, an attacker can impersonate the tag by setting b = 0 the adversary can select b, and respond to the reader s challenge a with a.x + v (v is chosen according to the probability q) the same b is used in each of the n rounds if authentication is successful, then b.y = 0, otherwise b.y = 1 repeat the whole procedure for sufficiently many linearly independent b values, and solve the obtained system of linear equations for y 39

40 Traceability in lower layers collision avoidance layer responsible for selecting a single tag when multiple tags are in the reader s range (singulation procedure) also uses identifiers (although these are not necessarily fixed) singulation procedure may reveal these identifiers physical layer defines the physical air interface (frequency, modulation, data encoding, timings, etc) radio fingerprinting may be a problem here 40

41 Binary tree walking a deterministic singulation procedure based on a depth first search in a binary tree, where the leaves are the singulation IDs in each step, the reader sends an ID prefix, and each tag whose ID starts with that prefix responds with the next bit of the ID if multiple tags respond with the same bit, then no collision will occur, and the reader can extend the prefix with the response bit otherwise, if some tags respond differently, then there s a collision, and the reader recurses on both possible extensions of the prefix reader: prefix -? tags: collision reader: prefix 0? tags: 0 reader: prefix 00? tags: 1 reader: prefix 1? tags: 0 reader: prefix 10? tags: collision 41

42 The blocker tag idea: tree is divided into two zones privacy zone: all IDs starting with 1 upon purchase of a product, its tag is transferred into the privacy zone by setting the leading bit the blocker tag is a special tag, such that when the prefix in the reader s query starts with 1, it simulates a collision when the blocker tag is present, all IDs in the privacy zone will appear to be present for the reader when the blocker tag is not present, everything works normally privacy zone transfer to the privacy zone upon purchase 42

43 Slotted Aloha a probabilistic collision avoidance protocol time is divided into n slots, where n is chosen by the reader each tag randomly chooses one slot and responds to the reader when its slot arrives some collisions may occur to recover, the reader queries the tags again (until no collision occurs) it can mute the tags that have not brought out collisions by indicating their identifiers or the time slots during which they transmitted it can choose a more appropriate n 43

44 Privacy problems with Slotted Aloha if the switch-off technique is used, the reader may mute correctly identified tags by broadcasting their identifier better to broadcast slot numbers instead of identifiers an attack based on keeping a singulation session open is still possible: adversary sends a singulation request to a target tag, tag responds in slot s adversary does not close the session (no ack is sent) later when the adversary suspects that the target tag is present, she can confirm this by sending a new singulation request indicating that only tags which transmitted during s must retransmit if a tag retransmits, there is a high probability that it is the adversary s target tag another tag will respond to the second singulation request if and only if its last session also stayed opened and it also transmitted during s it is fundamental that singulation sessions cannot stay open use some internal timeout to abort singulation sessions with abnormal duration such timers can be implemented by loading a capacitor on the first request and close any open session when the capacitor is empty 44

45 Radio fingerprinting the transient behavior at the very beginning of a transmission will be slightly different for different transceivers, especially if they are produced by different manufacturers one person may carry RFID tags from many different manufacturers, and the particular constellation of brands may be unique to a person! the same may be said about constellation of standards (that differ in frequency band, modulation, and bit encodings) 45

Privacy and Security in library RFID Issues, Practices and Architecture

Privacy and Security in library RFID Issues, Practices and Architecture Privacy and Security in library RFID Issues, Practices and Architecture David Molnar and David Wagner University of California, Berkeley CCS '04 October 2004 Overview Motivation RFID Background Library

More information

Radio Frequency Identification (RFID) Presenter: Dusan Stevanovic April 3, 2007

Radio Frequency Identification (RFID) Presenter: Dusan Stevanovic April 3, 2007 Radio Frequency Identification (RFID) Presenter: Dusan Stevanovic April 3, 2007 Introduction RFID are systems that transmit identity (in the form of a unique serial number) of an object or person wirelessly,

More information

RFID Security: Threats, solutions and open challenges

RFID Security: Threats, solutions and open challenges RFID Security: Threats, solutions and open challenges Bruno Crispo Vrije Universiteit Amsterdam crispo@cs.vu.nl 1 Table of Content RFID technology and applications Security Issues Privacy Proposed (partial)

More information

RF ID Security and Privacy

RF ID Security and Privacy RF ID Security and Privacy EJ Jung 11/15/10 What is RFID?! Radio-Frequency Identification Tag Antenna Chip How Does RFID Work? 02.3DFEX4.78AF51 EasyToll card #816 Radio signal (contactless) Range: from

More information

RF-Enabled Applications and Technology: Comparing and Contrasting RFID and RF-Enabled Smart Cards

RF-Enabled Applications and Technology: Comparing and Contrasting RFID and RF-Enabled Smart Cards RF-Enabled Applications and Technology: Comparing and Contrasting RFID and RF-Enabled Smart Cards January 2007 Developed by: Smart Card Alliance Identity Council RF-Enabled Applications and Technology:

More information

Radio Frequency Identification (RFID)

Radio Frequency Identification (RFID) Radio Frequency Identification (RFID) Raj Jain Washington University in Saint Louis Saint Louis, MO 63130 Jain@cse.wustl.edu These slides are available on-line at: http://www.cse.wustl.edu/~jain/cse574-06/

More information

Contactless Smart Cards vs. EPC Gen 2 RFID Tags: Frequently Asked Questions. July, 2006. Developed by: Smart Card Alliance Identity Council

Contactless Smart Cards vs. EPC Gen 2 RFID Tags: Frequently Asked Questions. July, 2006. Developed by: Smart Card Alliance Identity Council Contactless Smart Cards vs. EPC Gen 2 RFID Tags: Frequently Asked Questions July, 2006 Developed by: Smart Card Alliance Identity Council Contactless Smart Cards vs. EPC Gen 2 RFID Tags: Frequently Asked

More information

A Study on the Security of RFID with Enhancing Privacy Protection

A Study on the Security of RFID with Enhancing Privacy Protection A Study on the Security of RFID with Enhancing Privacy Protection *Henry Ker-Chang Chang, *Li-Chih Yen and *Wen-Chi Huang *Professor and *Graduate Students Graduate Institute of Information Management

More information

RFID Security and Privacy: A Research Survey. Vincent Naessens Studiedag Rabbit project

RFID Security and Privacy: A Research Survey. Vincent Naessens Studiedag Rabbit project RFID Security and Privacy: A Research Survey Vincent Naessens Studiedag Rabbit project RFID Security and Privacy: A Research Survey 1. Introduction 2. Security and privacy problems 3. Basic RFID tags 4.

More information

Attacks on neighbor discovery

Attacks on neighbor discovery Cryptographic Protocols (EIT ICT MSc) Dr. Levente Buttyán associate professor BME Hálózati Rendszerek és Szolgáltatások Tanszék Lab of Cryptography and System Security (CrySyS) buttyan@hit.bme.hu, buttyan@crysys.hu

More information

RFID Penetration Tests when the truth is stranger than fiction

RFID Penetration Tests when the truth is stranger than fiction RFID Penetration Tests when the truth is stranger than fiction Dr. Tomáš Rosa, tomas.rosa@rb.cz Raiffeisenbank, a.s. Agenda Technology overview Physical layer of LF and HF bands The Unique ID phenomenon

More information

RFID Security. April 10, 2006. Martin Dam Pedersen Department of Mathematics and Computer Science University Of Southern Denmark

RFID Security. April 10, 2006. Martin Dam Pedersen Department of Mathematics and Computer Science University Of Southern Denmark April 10, 2006 Martin Dam Pedersen Department of Mathematics and Computer Science University Of Southern Denmark 1 Outline What is RFID RFID usage Security threats Threat examples Protection Schemes for

More information

Enabling the secure use of RFID

Enabling the secure use of RFID Enabling the secure use of RFID BLACK ME/FOTOLIA.com Enhancing security of radio frequency identification to connect safely to the Internet of Things UHF radio frequency identification (RFID) promises

More information

Strengthen RFID Tags Security Using New Data Structure

Strengthen RFID Tags Security Using New Data Structure International Journal of Control and Automation 51 Strengthen RFID Tags Security Using New Data Structure Yan Liang and Chunming Rong Department of Electrical Engineering and Computer Science, University

More information

Evolving Bar Codes. Y398 Internship. William Holmes

Evolving Bar Codes. Y398 Internship. William Holmes Evolving Bar Codes Y398 Internship By William Holmes Table of contents Introduction: What is RFID? Types of Tags: Advantages of Tags: RFID applications Conclusion: Introduction: Bar codes have evolved

More information

RFID SECURITY. February 2008. The Government of the Hong Kong Special Administrative Region

RFID SECURITY. February 2008. The Government of the Hong Kong Special Administrative Region RFID SECURITY February 2008 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced in whole or in part without the

More information

Tackling Security and Privacy Issues in Radio Frequency Identification Devices

Tackling Security and Privacy Issues in Radio Frequency Identification Devices Tackling Security and Privacy Issues in Radio Frequency Identification Devices Dirk Henrici and Paul Müller University of Kaiserslautern, Department of Computer Science, PO Box 3049 67653 Kaiserslautern,

More information

RFID BASED VEHICLE TRACKING SYSTEM

RFID BASED VEHICLE TRACKING SYSTEM RFID BASED VEHICLE TRACKING SYSTEM Operating a managed, busy parking lot can pose significant challenges, especially to a government organization that also owns some of the vehicles in the lot. The parking

More information

Data Protection Technical Guidance Radio Frequency Identification

Data Protection Technical Guidance Radio Frequency Identification Data Protection Technical Guidance Radio Frequency Identification This technical guidance note is aimed at those using or contemplating using RFID technology. It gives a brief summary of the technology

More information

If you are interested in Radio Frequency Identification technology, then this is the best investment that you can make today!

If you are interested in Radio Frequency Identification technology, then this is the best investment that you can make today! If you are interested in Radio Frequency Identification technology, then this is the best investment that you can make today! Here s Here's a training course on on RFID technology, with which CERTIFICATION

More information

Security in Near Field Communication (NFC)

Security in Near Field Communication (NFC) Security in Near Field Communication (NFC) Strengths and Weaknesses Ernst Haselsteiner and Klemens Breitfuß Philips Semiconductors Mikronweg 1, 8101 Gratkorn, Austria ernst.haselsteiner@philips.com klemens.breitfuss@philips.com

More information

Relay Attacks on Passive Keyless Entry and Start Systems in Modern Cars

Relay Attacks on Passive Keyless Entry and Start Systems in Modern Cars Relay Attacks on Passive Keyless Entry and Start Systems in Modern Cars Srdjan Čapkun (joint work with Aurélien Francillon, Boris Danev) 1 Agenda 1. Overview of Car Key Systems 2. Previous Attacks: In

More information

Relay Attacks on Passive Keyless Entry and Start Systems in Modern Cars

Relay Attacks on Passive Keyless Entry and Start Systems in Modern Cars Relay Attacks on Passive Keyless Entry and Start Systems in Modern Cars Aurélien Francillon, Boris Danev, Srdjan Čapkun 1 Modern Cars Evolution Increasing amount of electronics in cars For convenience

More information

rf Technology to automate your BUsiness

rf Technology to automate your BUsiness Motorola Tech Brief June 2011 Understanding the characteristics of the rfid spectrum: Choosing the Right rf Technology to automate your BUsiness How to choose the right rfid technology for your Identification,

More information

RFID Payment Card Vulnerabilities Technical Report

RFID Payment Card Vulnerabilities Technical Report RFID Payment Card Vulnerabilities Technical Report Thomas S. Heydt-Benjamin 1, Daniel V. Bailey 2, Kevin Fu 1, Ari Juels 2, and Tom O'Hare 3 Abstract 1: University of Massachusetts at Amherst {tshb, kevinfu}@cs.umass.edu

More information

Location-Aware and Safer Cards: Enhancing RFID Security and Privacy

Location-Aware and Safer Cards: Enhancing RFID Security and Privacy Location-Aware and Safer Cards: Enhancing RFID Security and Privacy 1 K.Anudeep, 2 Mrs. T.V.Anantha Lakshmi 1 Student, 2 Assistant Professor ECE Department, SRM University, Kattankulathur-603203 1 anudeepnike@gmail.com,

More information

50 ways to break RFID privacy

50 ways to break RFID privacy 50 ways to break RFID privacy Ton van Deursen 1 University of Luxembourg ton.vandeursen@uni.lu 1 Financial support received from the Fonds National de la Recherche (Luxembourg). RFID privacy 1 / 40 Outline

More information

Introduction to RFID Technology

Introduction to RFID Technology Introduction to RFID Technology Athens Information Technology Riding the Time-Machine (1) The AUTO-ID consortium AUTO-ID can track Products, Containers, Vehicles, Animals, as well as their condition 2

More information

Radio Frequency Identification. Done by: Haitham Habli.

Radio Frequency Identification. Done by: Haitham Habli. Radio Frequency Identification Done by: Haitham Habli. Table of contents Definition of RFID. Do they need license? RFID vs other identification systems. Classification of RFID systems. Emerge of passive

More information

PAP: A Privacy and Authentication Protocol for Passive RFID Tags

PAP: A Privacy and Authentication Protocol for Passive RFID Tags PAP: A Privacy and Authentication Protocol for Passive RFID s Alex X. Liu LeRoy A. Bailey Department of Computer Science and Engineering Michigan State University East Lansing, MI 48824-1266, U.S.A. {alexliu,

More information

A Vulnerability in the Song Authentication Protocol for Low-Cost RFID Tags

A Vulnerability in the Song Authentication Protocol for Low-Cost RFID Tags A Vulnerability in the Song Authentication Protocol for Low-Cost RFID Tags Sarah Abughazalah, Konstantinos Markantonakis, and Keith Mayes Smart Card Centre-Information Security Group (SCC-ISG) Royal Holloway,

More information

RFID Design Principles

RFID Design Principles RFID Design Principles Harvey Lehpamer ARTECH HOUSE BOSTON LONDON artechhouse.com Contents Introduction 2 2.1 2.1.1 2.1.2 2.1. 2.1.4 2.2 2.2.1 2.2.2 2. 2..1 2..2 2.4 2.4.1 2.4.2 2.5 2.5.1 2.5.2 Comparison

More information

Relay Attacks on Passive Keyless Entry and Start Systems in Modern Cars (NDSS 2011) Aurélien Francillon, Boris Danev, Srdjan Čapkun (ETHZ)

Relay Attacks on Passive Keyless Entry and Start Systems in Modern Cars (NDSS 2011) Aurélien Francillon, Boris Danev, Srdjan Čapkun (ETHZ) Relay Attacks on Passive Keyless Entry and Start Systems in Modern Cars (NDSS ) Aurélien Francillon, Boris Danev, Srdjan Čapkun (ETHZ) Wednesday System Security April Group 6, 1 Agenda 1. Overview of Car

More information

RFID Security and Privacy

RFID Security and Privacy RFID Security and Privacy Gildas Avoine, UCL Belgium These slides will be soon available at http://sites.uclouvain.be/security/publications.html Lecturer Presentation Lecturer Presentation: University

More information

Evangelos Kranakis, School of Computer Science, Carleton University, Ottawa 1. Network Security. Canada France Meeting on Security, Dec 06-08

Evangelos Kranakis, School of Computer Science, Carleton University, Ottawa 1. Network Security. Canada France Meeting on Security, Dec 06-08 Evangelos Kranakis, School of Computer Science, Carleton University, Ottawa 1 Network Security Evangelos Kranakis, School of Computer Science, Carleton University, Ottawa 2 Collaboration with Frank Akujobi

More information

CHAPTER 1 Introduction 1

CHAPTER 1 Introduction 1 Contents CHAPTER 1 Introduction 1 CHAPTER 2 Short-Range Communications Systems 3 2.1 Radio-Frequency Spectrum and Propagation 3 2.1.1 Theory of Electromagnetism and Maxwell s Equations 3 2.1.2 RF Propagation

More information

Security in RFID Networks and Protocols

Security in RFID Networks and Protocols International Journal of Information and Computation Technology. ISSN 0974-2239 Volume 3, Number 5 (2013), pp. 425-432 International Research Publications House http://www. irphouse.com /ijict.htm Security

More information

Security and privacy in RFID

Security and privacy in RFID Security and privacy in RFID Jihoon Cho ISG PhD Student Seminar 8 November 2007 Outline 1 RFID Primer 2 Passive RFID tags 3 Issues on Security and Privacy 4 Basic Tags 5 Symmetric-key Tags 6 Conclusion

More information

Scalable RFID Security Protocols supporting Tag Ownership Transfer

Scalable RFID Security Protocols supporting Tag Ownership Transfer Scalable RFID Security Protocols supporting Tag Ownership Transfer Boyeon Song a,1, Chris J. Mitchell a,1 a Information Security Group, Royal Holloway, University of London, Egham, Surrey, TW20 0EX, UK

More information

Cloud RFID UHF Gen 2

Cloud RFID UHF Gen 2 Cloud RFID UHF Gen 2 Supply chain visibility In store stock management and security. - Stock take by RFID - Stock search - Reorder report, - Dynamic reorder, Security. Introduction The Adilam RFID system

More information

MIFARE CONTACTLESS CARD TECHNOLOLGY AN HID WHITE PAPER

MIFARE CONTACTLESS CARD TECHNOLOLGY AN HID WHITE PAPER MIFARE CONTACTLESS CARD TECHNOLOLGY AN HID WHITE PAPER GENERAL The MIFARE contactless smart card and MIFARE card reader/writer were developed to handle payment transactions for public transportation systems.

More information

Best Practices for the Use of RF-Enabled Technology in Identity Management. January 2007. Developed by: Smart Card Alliance Identity Council

Best Practices for the Use of RF-Enabled Technology in Identity Management. January 2007. Developed by: Smart Card Alliance Identity Council Best Practices for the Use of RF-Enabled Technology in Identity Management January 2007 Developed by: Smart Card Alliance Identity Council Best Practices for the Use of RF-Enabled Technology in Identity

More information

Lesson Title: History of RFID

Lesson Title: History of RFID Page 1 of 6 Lesson Title: History of RFID 6/22/09 Copyright 2008, 2009 by Dale R. Thompson {d.r.thompson@ieee.org} Rationale Why is this lesson important? Why does the student need this lesson? How does

More information

Lightweight Cryptography. Lappeenranta University of Technology

Lightweight Cryptography. Lappeenranta University of Technology Lightweight Cryptography Dr Pekka Jäppinen Lappeenranta University of Technology Outline Background What is lightweight Metrics Chip area Performance Implementation tradeoffs Current situation Conclusions

More information

Security Issues in RFID systems. By Nikhil Nemade Krishna C Konda

Security Issues in RFID systems. By Nikhil Nemade Krishna C Konda Security Issues in RFID systems By Nikhil Nemade Krishna C Konda Agenda Introduction to an RFID System Possible Application Areas Need for Security Vulnerabilities of an RFID system Security Measures currently

More information

Automated Identification Technologies

Automated Identification Technologies Spec 2000 ebusiness Forum Automated Identification Technologies Jon Andresen President Technology Solutions Jon@TechSoln.com Budapest, Hungry 23 October 2008 Agenda 1. AIT Chapter 9 Intro - Jon A. AIT

More information

Security and Privacy Flaws in a Recent Authentication Protocol for EPC C1 G2 RFID Tags

Security and Privacy Flaws in a Recent Authentication Protocol for EPC C1 G2 RFID Tags Security and Privacy Flaws in a Recent Authentication Protocol for EPC C1 G2 RFID Tags Seyed Mohammad Alavi 1, Karim Baghery 2 and Behzad Abdolmaleki 3 1 Imam Hossein Comprehensive University Tehran, Iran

More information

Security Issues in RFID. Kai Wang Research Institute of Information Technology, Tsinghua University, Beijing, China wang-kai09@mails.tsinghua.edu.

Security Issues in RFID. Kai Wang Research Institute of Information Technology, Tsinghua University, Beijing, China wang-kai09@mails.tsinghua.edu. Security Issues in RFID Kai Wang Research Institute of Information Technology, Tsinghua University, Beijing, China wang-kai09@mails.tsinghua.edu.cn Abstract RFID (Radio Frequency IDentification) are one

More information

Back-end Server Reader Tag

Back-end Server Reader Tag A Privacy-preserving Lightweight Authentication Protocol for Low-Cost RFID Tags Shucheng Yu, Kui Ren, and Wenjing Lou Department of ECE, Worcester Polytechnic Institute, MA 01609 {yscheng, wjlou}@wpi.edu

More information

Radio Frequency Identification (RFID) An Overview

Radio Frequency Identification (RFID) An Overview Radio Frequency Identification (RFID) An Overview How RFID Is Changing the Business Environment Today Radio frequency identification (RFID) technology has been in use for several decades to track and identify

More information

An Overview of Approaches to Privacy Protection in RFID

An Overview of Approaches to Privacy Protection in RFID An Overview of Approaches to Privacy Protection in RFID Jimmy Kjällman Helsinki University of Technology Jimmy.Kjallman@tkk.fi Abstract Radio Frequency Identification (RFID) is a common term for technologies

More information

RFID System Description for Logistics & Inventory

RFID System Description for Logistics & Inventory RFID System Description for Logistics & Inventory 1. General The Vizbee platform is a flexible rule based solution for RFID based applications that can adapt to the customer s needs and evolve with them.

More information

RFID Design Principles

RFID Design Principles RFID Design Principles Second Edition Harvey Lehpamer ARTECH HOUSE BOSTON LONDON artechhouse.com Contents CHAPTER 1 Introduction CHAPTER 2 Short-Range Communications Systems 2.1 Radio-Frequency Spectrum

More information

Glossary of RTLS/RFID Terms

Glossary of RTLS/RFID Terms Glossary of RTLS/RFID Terms A Active tag: An RFID tag that has a transmitter to send back information, rather than reflecting back a signal from the reader, as a passive tag does. Most active tags use

More information

Development of a wireless home anti theft asset management system. Project Proposal. P.D. Ehlers 21017914. Study leader: Mr. D.V.

Development of a wireless home anti theft asset management system. Project Proposal. P.D. Ehlers 21017914. Study leader: Mr. D.V. EVALUATION PAGE Format/10 Afrikaans group Revision no: 0 Content/10 Computer Engineering Must revise: Yes No Final mark/20 Must proofread: Yes No Development of a wireless home anti theft asset management

More information

Various Attacks and their Countermeasure on all Layers of RFID System

Various Attacks and their Countermeasure on all Layers of RFID System Various Attacks and their Countermeasure on all Layers of RFID System Gursewak Singh, Rajveer Kaur, Himanshu Sharma Abstract RFID (radio frequency identification) system is one of the most widely used

More information

PUF Physical Unclonable Functions

PUF Physical Unclonable Functions Physical Unclonable Functions Protecting next-generation Smart Card ICs with SRAM-based s The use of Smart Card ICs has become more widespread, having expanded from historical banking and telecommunication

More information

Design And Implementation Of Bank Locker Security System Based On Fingerprint Sensing Circuit And RFID Reader

Design And Implementation Of Bank Locker Security System Based On Fingerprint Sensing Circuit And RFID Reader Design And Implementation Of Bank Locker Security System Based On Sensing Circuit And RFID Reader Khaing Mar Htwe, Zaw Min Min Htun, Hla Myo Tun Abstract: The main goal of this system is to design a locker

More information

Keep Out of My Passport: Access Control Mechanisms in E-passports

Keep Out of My Passport: Access Control Mechanisms in E-passports Keep Out of My Passport: Access Control Mechanisms in E-passports Ivo Pooters June 15, 2008 Abstract Nowadays, over 40 different countries issue biometric passports to increase security on there borders.

More information

Security and Privacy in RFID

Security and Privacy in RFID Security and Privacy in RFID Sirkka-Liisa Vehkaoja Oulu University of Applied Sciences, t8vesi00@students.oamk.fi Abstract Security and privacy in RFID and mobile RFID services and user-side communication

More information

Radio Frequency Identification (RFID) Vs Barcodes

Radio Frequency Identification (RFID) Vs Barcodes Radio Frequency Identification (RFID) Vs Barcodes Which one to choose? Which one is the better technology? Why choose one over the other? Answer: It really depends on the application, and what you want

More information

Relay attacks on card payment: vulnerabilities and defences

Relay attacks on card payment: vulnerabilities and defences Relay attacks on card payment: vulnerabilities and defences Saar Drimer, Steven J. Murdoch http://www.cl.cam.ac.uk/users/{sd410, sjm217} Computer Laboratory www.torproject.org 24C3, 29 December 2007, Berlin,

More information

An Overview of RFID Security and Privacy threats

An Overview of RFID Security and Privacy threats An Overview of RFID Security and Privacy threats Maxim Kharlamov mkha130@ec.auckland.ac.nz The University of Auckland October 2007 Abstract Radio Frequency Identification (RFID) technology is quickly deploying

More information

In the first part of the talk, some common location-based security vulnerabilities will be presented. In the second part, the state-of-the-art

In the first part of the talk, some common location-based security vulnerabilities will be presented. In the second part, the state-of-the-art In the first part of the talk, some common location-based security vulnerabilities will be presented. In the second part, the state-of-the-art countermeasures will be described. 2/63 GPS tracking for cargoes

More information

The Study on RFID Security Method for Entrance Guard System

The Study on RFID Security Method for Entrance Guard System The Study on RFID Security Method for Entrance Guard System Y.C. Hung 1, C.W. Tsai 2, C.H. Hong 3 1 Andrew@mail.ncyu.edu.tw 2 s0930316@mail.ncyu.edu.tw 3 chhong@csie.ncyu.edu.tw Abstract: The RFID technology

More information

NACCU 2013. Migrating to Contactless: 2013 1

NACCU 2013. Migrating to Contactless: 2013 1 NACCU 2013 Migrating to Contactless: 2013 1 AGENDA The demise of cards has been predicted for many years. When will this really happen? This presentation by two card industry experts will cover the rise

More information

CSC 474 -- Network Security. User Authentication Basics. Authentication and Identity. What is identity? Authentication: verify a user s identity

CSC 474 -- Network Security. User Authentication Basics. Authentication and Identity. What is identity? Authentication: verify a user s identity CSC 474 -- Network Security Topic 6.2 User Authentication CSC 474 Dr. Peng Ning 1 User Authentication Basics CSC 474 Dr. Peng Ning 2 Authentication and Identity What is identity? which characteristics

More information

On the Security of RFID

On the Security of RFID On the Security of RFID Hung-Min Sun Information Security Lab. Department of Computer Science National Tsing Hua University slide 1 What is RFID? Radio-Frequency Identification Tag Reference http://glossary.ippaper.com

More information

WHITE PAPER. ABCs of RFID

WHITE PAPER. ABCs of RFID WHITE PAPER ABCs of RFID Understanding and using Radio Frequency Identification Basics - Part 1 B.Muthukumaran Chief Consultant Innovation & Leadership Gemini Communication Ltd #1, Dr.Ranga Road, 2nd Street,

More information

Multi-vendor Penetration Testing in the Advanced Metering Infrastructure: Future Challenges

Multi-vendor Penetration Testing in the Advanced Metering Infrastructure: Future Challenges Multi-vendor Penetration Testing in the Advanced ing Infrastructure: Future Challenges DIMACS Workshop on Algorithmic Decision Theory for the Smart Grid Stephen McLaughlin - Penn State University 1 Data

More information

How Does It Work? Internet of Things

How Does It Work? Internet of Things Intermec UAP-2100 What is RFID? 18-759: Wireless Networks Lecture 14: RFID Peter Steenkiste and Hedda R. Schmidtke Departments of Computer Science and Electrical and Computer Engineering Spring Semester

More information

Large Vehicle Scale RFID Is it now viable for use? Antti Permala Technical Research Centre of Finland (VTT) 12 June 2008

Large Vehicle Scale RFID Is it now viable for use? Antti Permala Technical Research Centre of Finland (VTT) 12 June 2008 Large Vehicle Scale RFID Is it now viable for use? Antti Permala Technical Research Centre of Finland (VTT) 12 June 2008 Contents Development during last years Technology Applications Cases 2 Three years

More information

International Journal of Engineering Research & Management Technology

International Journal of Engineering Research & Management Technology International Journal of Engineering Research & Management Technology March- 2015 Volume 2, Issue-2 Radio Frequency Identification Security System Mr. Shailendra Kumar Assistant Professor Department of

More information

Using RFID Techniques for a Universal Identification Device

Using RFID Techniques for a Universal Identification Device Using RFID Techniques for a Universal Identification Device Roman Zharinov, Ulia Trifonova, Alexey Gorin Saint-Petersburg State University of Aerospace Instrumentation Saint-Petersburg, Russia {roman,

More information

Securing Host Operations with a Dedicated Cryptographic IC - CryptoCompanion

Securing Host Operations with a Dedicated Cryptographic IC - CryptoCompanion Securing Host Operations with a Dedicated Cryptographic IC - CryptoCompanion By Kerry Maletsky, Business Unit Director Crypto Products Summary There is a growing need for strong hardware security devices

More information

IMPROVISED SECURITY PROTOCOL USING NEAR FIELD COMMUNICATION IN SMART CARDS

IMPROVISED SECURITY PROTOCOL USING NEAR FIELD COMMUNICATION IN SMART CARDS IMPROVISED SECURITY PROTOCOL USING NEAR FIELD COMMUNICATION IN SMART CARDS Mythily V.K 1, Jesvin Veancy B 2 1 Student, ME. Embedded System Technologies, Easwari Engineering College, Ramapuram, Anna University,

More information

Client Server Registration Protocol

Client Server Registration Protocol Client Server Registration Protocol The Client-Server protocol involves these following steps: 1. Login 2. Discovery phase User (Alice or Bob) has K s Server (S) has hash[pw A ].The passwords hashes are

More information

OBID RFID by FEIG ELECTRONIC. OBID classic / OBID classic-pro. RFID Reader Technology for Security Applications

OBID RFID by FEIG ELECTRONIC. OBID classic / OBID classic-pro. RFID Reader Technology for Security Applications OBID RFID by FEIG ELECTRONIC OBID classic / OBID classic-pro RFID Reader Technology for Security Applications OBID RFID Reader Technologies RFID Readers from the number 1 manufacturer FEIG ELECTRONIC specialized

More information

The Computer in the Sciences: RFID Technology. California State University, Stanislaus. Student s Name. Professor Dan Bratten CS4000-5

The Computer in the Sciences: RFID Technology. California State University, Stanislaus. Student s Name. Professor Dan Bratten CS4000-5 The Computer in the Sciences: RFID Technology California State University, Stanislaus Student s Name Professor Dan Bratten CS4000-5 March 30, 2006 Last Name 2 The Computer in the Sciences: RFID Technology

More information

RADIO FREQUENCY IDENTIFICATION FOR STUDENT ATTENDENCE TRACKING

RADIO FREQUENCY IDENTIFICATION FOR STUDENT ATTENDENCE TRACKING International Journal of Science, Environment and Technology, Vol. 4, No 2, 2015, 468 473 ISSN 2278-3687 (O) 2277-663X (P) RADIO FREQUENCY IDENTIFICATION FOR STUDENT ATTENDENCE TRACKING Anu Sunny, Tharika

More information

RFID Guardian Back-end Security Protocol

RFID Guardian Back-end Security Protocol Master Thesis RFID Guardian Back-end Security Protocol Author: Hongliang Wang First Reader: Bruno Crispo Second Reader: Melanie Reiback Department of Computer Science Vrije Universiteit, Amsterdam The

More information

REAL TIME MONITORING AND TRACKING SYSTEM FOR AN ITEM USING THE RFID TECHNOLOGY

REAL TIME MONITORING AND TRACKING SYSTEM FOR AN ITEM USING THE RFID TECHNOLOGY Review of the Air Force Academy No 3 (30) 2015 REAL TIME MONITORING AND TRACKING SYSTEM FOR AN ITEM USING THE RFID TECHNOLOGY For the past few years, location systems have become a major studying field,

More information

3M Cogent, Inc. White Paper. Beyond. Wiegand: Access Control. in the 21st Century. a 3M Company

3M Cogent, Inc. White Paper. Beyond. Wiegand: Access Control. in the 21st Century. a 3M Company 3M Cogent, Inc. White Paper Beyond Wiegand: Access Control in the 21st Century a 3M Company Unprecedented security features & capabilities Why Wiegand? The Problem with Wiegand In 1970, John Wiegand invented

More information

Information Security Group (ISG) Core Research Areas. The ISG Smart Card Centre. From Smart Cards to NFC Smart Phone Security

Information Security Group (ISG) Core Research Areas. The ISG Smart Card Centre. From Smart Cards to NFC Smart Phone Security Information Security Group (ISG) From Smart Cards to NFC Smart Phone Security Information Security Group Activities Prof. Keith and Mayes Research From the Information Security Group ACE-CSR at Royal Holloway

More information

The Drug Quality & Security Act

The Drug Quality & Security Act The Drug Quality & Security Act Drug Traceability & Interoperable Exchange of Transaction Information, History & Statement Mujadala Abdul-Majid 3E Company February 20, 2014 About 3E Company About 3E Supply

More information

RFID based Bill Generation and Payment through Mobile

RFID based Bill Generation and Payment through Mobile RFID based Bill Generation and Payment through Mobile 1 Swati R.Zope, 2 Prof. Maruti Limkar 1 EXTC Department, Mumbai University Terna college of Engineering,India Abstract Emerging electronic commerce

More information

Karsten Nohl University of Virginia. Henryk Plötz HU Berlin

Karsten Nohl University of Virginia. Henryk Plötz HU Berlin Karsten Nohl University of Virginia Henryk Plötz HU Berlin Radio Frequency IDentification Tiny computer chips Passively Powered Karsten Nohl, Henryk Plötz - RFID Security 2 Constant monitoring is already

More information

Implementation of biometrics, issues to be solved

Implementation of biometrics, issues to be solved ICAO 9th Symposium and Exhibition on MRTDs, Biometrics and Border Security, 22-24 October 2013 Implementation of biometrics, issues to be solved Eugenijus Liubenka, Chairman of the Frontiers / False Documents

More information

RFID TECHNOLOGY: A PARADIGM SHIFT IN BUSINESS PROCESSES. Alp ÜSTÜNDAĞ. Istanbul Technical University Industrial Engineering Department

RFID TECHNOLOGY: A PARADIGM SHIFT IN BUSINESS PROCESSES. Alp ÜSTÜNDAĞ. Istanbul Technical University Industrial Engineering Department RFID TECHNOLOGY: A PARADIGM SHIFT IN BUSINESS PROCESSES Alp ÜSTÜNDAĞ Istanbul Technical University Industrial Engineering Department ABSTRACT: Radio Frequency Identification (RFID) is fast becoming an

More information

Problems of Security in Ad Hoc Sensor Network

Problems of Security in Ad Hoc Sensor Network Problems of Security in Ad Hoc Sensor Network Petr Hanáček * hanacek@fit.vutbr.cz Abstract: The paper deals with a problem of secure communication between autonomous agents that form an ad hoc sensor wireless

More information

RFIDs and European Policies

RFIDs and European Policies ICTSB Seminar on RFID Standardisation CEN/CENELEC Meeting Centre Brussels, Belgium RFIDs and European Policies Gérald SANTUCCI, Head of Unit gerald.santucci@ec.europa.eu European Commission Directorate

More information

Overview of the Internet of Things {adapted based on Things in 2020 Roadmap for the Future by EU INFSO D.4 NETWORKED ENTERPRISE & RFID}

Overview of the Internet of Things {adapted based on Things in 2020 Roadmap for the Future by EU INFSO D.4 NETWORKED ENTERPRISE & RFID} Overview of the Internet of Things {adapted based on Things in 2020 Roadmap for the Future by EU INFSO D.4 NETWORKED ENTERPRISE & RFID} John Soldatos Associate Professor, Athens Information Technology

More information

Achieving Universal Secure Identity Verification with Convenience and Personal Privacy A PRIVARIS BUSINESS WHITE PAPER

Achieving Universal Secure Identity Verification with Convenience and Personal Privacy A PRIVARIS BUSINESS WHITE PAPER with Convenience and Personal Privacy version 0.2 Aug.18, 2007 WHITE PAPER CONTENT Introduction... 3 Identity verification and multi-factor authentication..... 4 Market adoption... 4 Making biometrics

More information

tags Figure D-1 Components of a Passive RFID System

tags Figure D-1 Components of a Passive RFID System Attachment D: RFID Technology Overview The following sections provide an overview to RFID technology, the applications in which they are currently used and other considerations of RFID technology as it

More information

Security and Privacy for Internet of Things Application

Security and Privacy for Internet of Things Application Security and Privacy for Internet of Things Application Qi fang, School of Information Science and Engineering, Central South University, Changsha, China 8-1 Copyright Disclamation This course material

More information

Technical Article. NFiC: a new, economical way to make a device NFC-compliant. Prashant Dekate

Technical Article. NFiC: a new, economical way to make a device NFC-compliant. Prashant Dekate Technical NFiC: a new, economical way to make a device NFC-compliant Prashant Dekate NFiC: a new, economical way to make a device NFC-compliant Prashant Dekate The installed base of devices with Near Field

More information

VIDEO Intypedia012en LESSON 12: WI FI NETWORKS SECURITY. AUTHOR: Raúl Siles. Founder and Security Analyst at Taddong

VIDEO Intypedia012en LESSON 12: WI FI NETWORKS SECURITY. AUTHOR: Raúl Siles. Founder and Security Analyst at Taddong VIDEO Intypedia012en LESSON 12: WI FI NETWORKS SECURITY AUTHOR: Raúl Siles Founder and Security Analyst at Taddong Hello and welcome to Intypedia. Today we will talk about the exciting world of security

More information

SECURITY IMPLICATIONS OF NFC IN AUTHENTICATION AND IDENTITY MANAGEMENT

SECURITY IMPLICATIONS OF NFC IN AUTHENTICATION AND IDENTITY MANAGEMENT SECURITY IMPLICATIONS OF NFC IN AUTHENTICATION AND IDENTITY MANAGEMENT Dmitry Barinov SecureKey Technologies Inc. Session ID: MBS-W09 Session Classification: Advanced Session goals Appreciate the superior

More information