Security and Privacy in RFID

Transcription

1 Security and Privacy in RFID Sirkka-Liisa Vehkaoja Oulu University of Applied Sciences, Abstract Security and privacy in RFID and mobile RFID services and user-side communication are coming more and more important then the wireless traffic is increasing hugely. Security and privacy protecting mechanism have to be tested to work well. There are still problems to protect the connections against attacks by any kind of hackers. In this paper are handled on the tested systems for more safe and privacy wireless traffic RFID equipped communication. Keywords: Personal information protection, Physical blocking, Rewritable tag, Smart tag approach, Public key encryption, Common key encryption, hash based scheme, K-steps ID matching, Crypto Algorithm, Discovery Service Gateway system, Policy-based user privacy protection. 1 Introduction Personal information protection means same as privacy in this paper. All kind of protection against hackers is very important in information and mobile technology area. Normal RFID tag is called basic tag because of not possesses any cryptographic operation as encryption, strong pseudorandom number generation and hashing. A typical deployment of an RFID system involves three types of entities: tags, readers and back-end server. The tags, also called transponders are attached to/or embedded in objects to be identified. (hosts). They are consist of microchip and RF-coupling element and antenna, which enables communication via radio waves. The microchip can include features as a CMOS integrated circuit, ROM, RAM and nonvolatile EEPROM, autonomous power element as a battery. The readers often called transceivers include a radiofrequency module, a control unit and a coupling element to scan for and communicate with tags. There are too many ways of classify RFID tags such as passive-, active and semi-passive. - Passive tags: It s power captured from reader s radio waves through induction at the antenna. - Active tags: Power supplied autonomously (usually a battery). - Semi-passive tags: Autonomous power provides for an onboard clock and/or powers the tag circuitry, but does not supply the radio interference. Communication is powered by induction as in the passive case. Sometimes RFID readers are stand-alone units, sometimes integrated with cell-phone devices. Sometimes they have interface for communication with a back-end server, with the middleware or the database to implement specific secure business logic with a PC-type device and a custom software in the cell-phone and other components in remote databases accessed through the cell network. 2 Normal RFID tag protection First about the stationary RFID tags handles further mobile RFID tags showing. 2.1 Personal RFID protection Ideas, operations and technologies for personal protection of RFID are based the same as normal information systems. There are two unique features in RFID systems:1. An adversary can access a tag easily without notice since RFID uses radio frequency. 2. The restriction to the cost of the tag is very severe in RFID systems. 2.2 Physical blocking approach Satisfy anonymity and unlinkability by preventing an adversary from accessing RFID tags physically. 1. Kill command, which disables functionality of the tag by EPCglobal standard. 2. Faraday cage, made of conducting material, blocks radio frequency. User encloses RFID tags with Faraday cage, which prevents communication

2 between tags and readers. 3. Proposes by Jules, Karjoth and MosKowitz. 2.3 Rewritable tag approach Nonvolatile RAM (NVRAM) as a flash memory is embedded within each RFID tag. Proposes by Juels and Pappu. 2.4 Smart tag approach Cryptographic function and a ROM are embedded within each RFID tag. The tag changes its output all the time using a cryptographic function public key encryption, common key encryption or hash function on itself. Proposes by Kinoshita. 2.5 K-steps ID matching Hash function H, a ROM and a pseudorandom number generator are embedded within each RFID tag. The tag is using a tree ID structure. The tree has N-leaves and each leaf corresponds to an RFID tag. Each node has an unique label. ID of an RFID tag corresponding to a leaf node defines a sequence of labels from the root node to the leaf node. The server recognized an ID from the output of an RFID tag. Steps. Proposes by Avoine s and Yeo s. 3 Mobile RFID protection Multilateral security approaches in mobile RFID using: 1. Crypto Algorithm 2. Discovery service gateway system 3. Policy-based RFID user privacy protection 3.1 Crypto Algorithm There is a crypto library for efficient processing of the crypto algorithms and security protocols in mobile RFID. It provides security mechanism to the mobile RFID reader and targets the mobile RFID middleware based on the WIPI platform at a reasonable cost and short period of time. In WIPI platform RFID crypto library enables the mobile RFID service provider, wireless content provider and information security industry support. Crypto logical procedures are used to protect against active and passive attacks to achieve the protection. The transmitted data can be encrypted before transmission so that potential attacker can t hacker the content of message. In mobile RFID systems are used for a long time only symmetric procedures. 3.2 Discovery service gateway system A secure service portal for various mobile RFID application services is SMAP (the secure mobile RFID application portal). A service provider using SMAP can easily guaranteed security and privacy protection for several mobile RFID applications. This portal allows to find out offline product information on an EPC, online additional service information, information on authentication for product families or product related to this EPC etc. This gateway system manages the locations and interface of servers and services as registered from the applicable product and service providers for product information and contents corresponding to each EPC. It manages too the mobile OIS system in a mobile RFID security application service network and supports internal functions comprising each element service system. The gateway system seeks appropriate services for capacity provide information transmitting between RFID tag and any device equipped with applicable EPC or contents. A safe server-based system is built by using Web service security technology as a standard to expand RFID data security functions. 3.3 Policy-based RFID user privacy protection The privacy problem will be very serious if the RFID reader is contained in handheld device and many application services are based on B2C model. The RPS system provides for users privacy protection services under mobile RFID environment. In connection between RFID user and RFID tagged product RPS enables the owner to control the backend information connected to the tag as product information, distribution info, owner s personal information etc. The secure privacy protection mechanism is often focused on the tag/reader authentication protocol. Owner s privacy profile-based protection service seems to be quite reliable. There are three service systems using profile-based systems (See Figure 3.). 1. RPS system 2. Service-side system 3. User-side system RPS system RPS system creates a privacy profile for owner s privacy policy, provides the privacy profile to the service-side system and manages the event logs from service-side or RPS system for auditing. Service-side system This system provides information related to the ID code of RFID tag and provides an access function by owner-defined privacy profile.

3 User-side system The system has a wireless (or wired) network access function and an RFID reader function. Via this system the tag owner accesses the service-side and RPS system. In order to satisfy the privacy protection requirements of mobile RFID service users the profile-based privacy protection service incorporates the functions as access control, registration, privacy profile management, privacy enhanced log management, obligation notification and tag data refreshment. Conclusion of mobility RFID tag investigations The mobility of RFID reader and it s service model will give rise to additional security treats. The killing alone and recoding are not enough and new mechanism are needed for building privacy-preserving RFID architectures. There are many supposes and suggestions for better solutions. This source gives only just that kind of ideas. Nearly all visibility events detected on the research of RFID made by College of Engineering. The US National Science (See Figure 1.). This result verifies the integrity of data-collection procedure because high precision depends on correct ground truth input. Figure 1. A single visibility event between two tags, except of the first, which is the average of A s visibility events with their objects. Average precision and recall for visibility events. PEEX in Figure 1 means Probabilistic Event Extractor for RFID Data research prototype. Security in RFID standards Still there are ISO-, ANSI-, etc.-standards and security technics the state security of RFID-systems have several key problems. Security standards are fairly minimal as exist at all. Finally they left designers integrate their own security methods they like. Cost and power requirements make difficult to incorporate strong security to tags. Many technics propose lightweight authentication and encryption but they often have high cost and required area are impossible to utilize and archieve. To strenghten security of RFID tags are designed a passive active hybrid RFID tag (PART). To it has been employed security and multiple levels during the RFID transaction. These levels are applied in different layers in the communication scheme similar to the layers as in OSI (Open System Interconnection) Model. This system provides layers for security in the final RFID system with: 1. passive activation layer (burst switch) 2. the active communication encoding (physical layer) 3. the use of encrypted data in communication primitives (specified with the RFID design automation) and 4. physical security protection. For example, the reader generates pulses with lenght of 2, 12, 3, and 9 time units. The tag must detect a unique code from the burst and so as activate the remainder of the tag. (See Figure 2.) The SW-based system is implemented in a PIC microprocessor and HW-based system is implemented in ASIC or SoC chips. The strength of encoding is related to two components: the number of bursts in the sequence n and a unique number of different burst length detectable by the receiver b. The clock speeds of the circuit depends on the detection precision of the burst. HW with Spartan 3 FPGA and connection between a generator and detector. Deviation was 100 khz first ~1 µs and it dropped by considering four pulses 0 % for 0,3 µs. Clock speed should be below 1 MHz and resolution of the transceiver at least an order of magnitude (100 khz) lower. 100 khz clock speed is closer to match the capability of transceiver requires 300 x less power than PIC on processing. At such lower clock speeds the clock-gated circuit provides little power advantage. There were used Lynx transmitter and receiver too. RFID communication Model RFID communication model is modeled in three distinct layer: - lowest/physical layer, involving the RF coupling element - thee data link layer/communication layer, including the collision-avoidance protocols - the protocol/application layer, wherein higher-level mechanism such as authentication protocols can be implemented.

4 At every layer of this model there are issues that affect RFID security. By Faraday cage or larger capacitors can eliminate such physical-observation attacks as power manipulation in the RFID internal circuits. For example, US e-passports incorporate F-shielding pages. At communication layer it is possible to achieve security violations and in particular location privacy exploits by some mechanism as singulation protocol in the EPC Gen2 standard (EPCglobal 2005) (See Figure 4.). By keeping the singulation protocol in open state it is possible for a reader continuously track a tag that remains within reach, even if the tag were to implement privacy-preserving protocols at higher layers. Protocol layer RFID security at a passive RFID tag is strongly restricted in their maximum circuit area by the amount of power provided by electromagnetic energy captured by the antenna. This restriction provides an envelope of few thousand gates of circuitry available for implementation of all protocol layer services. Passive RFIDs are not vulnerable battery-depletion denial of service attacks that affect other constrained settings such as sensor networks. Semi-passive tags represent an unique security domain, but not in minimizing communication and computation cost. They have not strong restrictions on circuit as battery can power comparatively larger circuits. Resources available for RFID security mechanism For anonymity and availability in RFID authentication protocols are some tools which have capabilities for security measures, considering the requirements of passive tags NAND gate-equivalents (GE) is a crucial measure and provide a few thousand GEs for security in the higher end tags. Only 1/3 of the circuitry can be used for security purpose. Per-cycle maximum power and per-cycle average power required for RFID circuits are restricted for measurements. Security mechanism are: - transient storage - EPROM, EEPROM - time-out mechanism - asymmetric cryptographic primitives - symmetric cryptographic primitives Security controls for most RFID implementations Security controls can be: - Management: Organization update the policies - Operational: Ensure the physical security - Technical: Uses technology to monitor and restrict the actions can be performed within the system. Operational security control is physical access control. Management security control provide authentication and integrity services, protect RF communication between reader and tag and protect the data stored on tags by security policies for usage policy. The most common security technics are using passwords, keyed-hash message authentication codes (HMAC) and digital signature (SEED, KCDSA, ARIA etc.). Low cost RFID tag security systems For secure functions in RFID low cost tags are used complexity classes for deviding tags by complexity theory (See Figure 5.). C-class (Circuit with polynomial order of the number of logic gates) in mobile phones is using RP-class (random polynomial) of algorithms. These tasks include processing of data, transmitting data and other normal procedures. By complexity theory all RP-class of algorithms can be implemented on C-class of circuits. In UWB modulation using in time slot hidden system is used a pulse position modulator (PPM). A CS PRNG (Cryptographically Secure Pseudo Random Number Generator) determines the time hopping codes. There are too using physically unclonable functions, which are using HW-based random function (PUF) integrated to low cost RFID tag IC. Minimalist cryptography usin in RFID tags are sometimes used. By the theory the tag may carry multiple random-looking names. Each occasion is a tag quered, the tag releases a different name. Only an authorized verifier can tell when different names belong to the same tag. There are noisy tag protocols and one time codes to secure the traffic between RFID tags and readers. In one time codes system is used a simple operator as XOR function based on use of shared secret encrypted with random binary sequences string between a tag and a database with one or more features. It provides only mutual authentication between RFID readers and tags. The backend database and the reader are treated as a

5 single entity, which communicates with a tag via the RFID air-interface. As far as future directions, A5 algorithm is used in GSM mobile communication standard is using in Hidden Field Equations (HFE) system. This method is used in a direct application to the analysis of bit oriented stream generator based on shift register and has ability to represent the encryption HW-using polynomial equations. Technology, Security, and Privacy crcpress, 27-28: , , 17. April [2] College of Engineering. The US National Science Foundation funded this research under its ComputingResearch Initiative grants , IIS , and IIS An, Pervasive computer, Authorized licensed use limited to: Oulun Seudun Ammattikorkeakoulu. Downloaded on March 30, 2009 at 08:48 from IEEE Xplore. Restrictions apply.. [3] rfid_surway_28_09_05. 4 Summary Privacy and security level of RFID are very important issues. This source shows only supposes by words if and example as far as this is. The good results of researching are still quite true and in use. Then comparing the precision and recall events of the raw data stream against a third sets of tag reads, which is made by PEEX. With the several algorithms and tools could ameliorate antenna s reading problems in pocket or duffel bag by cleaning the data. EPC tags are low-cost and they have only basic functions. RFID tags usually communicate using some form of Manchester encoding which combines data communication with a synchronization clock. Each bit is contained with a window in the signal, which contains a transition in the middle ( 1 -and 0 - states in the queue). Level of security and privacy will depend on the used application. There are multiple SW- and HW-based systems in use and suggested for use to provide for better these systems reliability. Biomedical security solutions use layer2 privacy control, proxy using MAC protocols, encryption, centralized authority, challenge-response authentication protocols, update algorithm for secret keys etc. methods. The time and paper lef no possibilities to concentrate for these systems. Designers are only the people who know and have to know what technic use. The sensors are too like same devices as RFID tags. They have same kind of problems. The user of RFID tag cannot see RF-emissions, they only form their impressions based on physical cues and industry explanations. It will allow the physical and logical access performed by policy decision and preliminary examinations. Example of use biomedical security solutions for animals and human beings. The implantable micromodule and blood glucose RFID device. The other example solution is supply-chain in logistics are used years. References [1] S. Ahson, M. Ilyas. RFID handbook Applications,

6 Figure 2. For example, reader generates pulses Figure 3. Service system comprising the profile-based privacy protection service Figure 4. Example of tag singulation Figure 5. Complexity classes of low cost RFID tags security