RFID Security: Threats, solutions and open challenges
|
|
- Marcus Bishop
- 8 years ago
- Views:
Transcription
1 RFID Security: Threats, solutions and open challenges Bruno Crispo Vrije Universiteit Amsterdam 1
2 Table of Content RFID technology and applications Security Issues Privacy Proposed (partial) Solutions Technical Open Issues Conclusions 2
3 What is RFID? RFID: Radio Frequency IDentification Not new, first introduced in 1959 Passive tag patented in 1973 RFID Tags Store up to 1KB Cost ~25c Range up to 6m RFID Readers 3
4 How RFID works? Reader acts as a transmitter (of energy and data) Tag (passive) is powered by this energy and at the same time recieve the data Tag (process) and trasmits data to the reader Reader tag Reader receive the data 4
5 Tag Class taxonomy Class 0/1 Basic capability, passive identity Class 0 factory programmed Class1 user programmable Class 2 Additional functionality Encryption, Limited R/W memory Class 3 Battery to power logic portion of the circuit Longer range More bandwidth Class 4 Active tag Battery powered Acquiring sensing capability 5
6 RFID Applications (Class 0/1) Applications Supply chain management Object tracking (e.g., pallets) Cattle and people tracking Reducing counterfeits (e.g., drugs) Library systems Post-purchase consumer services (e.g., laundry checks) Healthcare (e.g., voice tracking for blind people) 6
7 RFID Applications (Class 2) Applications Physical access control Anti-theft (car key) Fuel payment Transport card Banknotes Passports Visas 7
8 RFID Security Contactless RFID smart card smart-card security issues such as side channel, etc. Active tag, battery powered and sensing security of sensor networks Expensive passive tag with cryptography key management Cheap tags with no crypto EPC tags 8
9 Security issues with passive tags Unauthorized tag reading Eavesdropping Tag cloning Tag tracing Privacy both location and information Tag modification Denial of Service Key management 9
10 Lightweight RFID Crypto Protocol Tassos Dimitriou. "A Lightweight RFID protocol to protect against Traceability and Cloning attacks", IEEE SECURECOMM Against traceability and tag cloning. Forward privacy R T: request T R: h(id i ), N, h IDi (N) R DB: h(id i ), N, h IDi (N) DB: verifies that C[index=h(ID i )]= ID i, N, h IDi (N) verifies h IDi (N) then updated ID i+1 = SHA-1(ID i ) T updates ID, ID i+1 = SHA-1(ID i ) 11
11 Lightweight RFID Crypto Protocol R T: request T R: h(id i ), N, h IDi (N) N cannot be a timestamp or a counter (side channel attack). It must be a random number Old N and ID must be erased Hash is HMAC ID (N)= SHA-1[(ID pad 0 ) SHA-1((ID pad 1 ) N))] 12
12 Lightweight RFID Crypto Protocol Replay attack to spoof a tag M(R) T: request1 T M(R): h(id i ), N, h IDi (N) R M(T): request2 M(T) R: h(id i ), N, h IDi (N) 13
13 Lightweight RFID Crypto Protocol Database Desynchronization M(R) T: request1 T M(R): h(id i ), N, h IDi (N) T updates its ID to ID i+1 R T: request2 T R: h(id i+1 ), N, h IDi+1 (N) But the DB expect to receive ID i 14
14 Lightweight RFID Crypto Protocol Add reader authentication R T: request, N R T R: h(id i ), N T, h IDi (N T,N R ) R T: h IDi+1 (N T,N R ) Still open to man-in-the-middle attacks Desynch by blocking last message Attack on tag Attack on reader Attack to communication User privacy Location privacy Physical attack possible but forward privacy 15
15 Lightweight? Random number generator HMAC Memory (the padding for HMAC is already 1024 bits!) Secure deletion R/W storage...not really or not enough for many tags 16
16 Tag Deactivation Permanent Tag Deactivation Tag removal/destruction SW-based killing Temporary Tag Deactivation Faraday cages SW-based sleep/wake 17
17 Better Solutions Blocker tags Selective jamming Intermediary Device (e.g. RFID Guardian) Fine-gained selective and flexible jamming 18
18 Tree-walk Singulation Depth-first search Tags Present: 001, 011, 110 0?
19 Tree-walk Singulation Depth-first search Tags Present: 001, 011, 110 0? Collision!
20 Tree-walk Singulation Depth-first search Tags Present: 001, 011, 110 0? Collision!
21 Tree-walk Singulation Depth-first search Tags Present: 001, 011, 110 0?
22 Tree-walk Singulation Depth-first search Tags Present: 001, 011, 110 0?
23 Tree-walk Singulation Depth-first search Tags Present: 001, 011, 110 0?
24 How the Blocker tag works? The Blocker Tag: Selective Blocking of RFID Tags for Consumer Privacy. In V. Atluri, ed. 8th ACM CCS, pp ACM Press Tags Present: 011, 010, 100 *** = (blocker)? 0 1 * =
25 How the Blocker tag works? Tags Present: 011, 010, 100? *** = (blocker) Collision! 0 1 * = attempts 0 Collision! Collision!
26 Selective Blocker (Private zones) Tags Present: 011, 010, 100 1** = (blocker)? * =
27 RFID Guardian "RFID Guardian: A Battery-Powered Mobile Device for Personal RFID Privacy Management, M. Rieback, B. Crispo and A.S. Tanenbaum, ACISP 2005 Blocker tag subjects to differential power analysis while the guardian uses randomly modulated jamming signal Fine granularity and flexible definition of privacy zones Access Control Lists allow rich privacy policies Guardian is mobile and battery powered 30
28 RFID Guardian - ACL Example ACL Action Source Target Command Comment block * MYTAGS * Suppress all queries targeting user's tags allow Home MYTAGS * Home system can query user's tags allow Wal-Mart MYTAGS Read data block Wal-Mart can read (not write) data from user's tags allow * * * All queries to other RFID tags are OK 31
29 RFID Guardian Other functionality Cryptographic helper. Perform crypto operation on behalf of tags (e.g., authentication) Key management Works as reader as well as a tag so can query environment for tags Auditing 32
30 Usage scenario Going Shopping Step 1: RFID Guardian and RFID Reader perform mutual authentication 33
31 Usage scenario Going Shopping Step 1: RFID Guardian and RFID Reader perform mutual authentication Step 2: RFID Reader issues queries to tagged items 34
32 Usage scenario Going Shopping Step 1: RFID Guardian and RFID Reader perform mutual authentication Step 2: RFID Reader issues queries to tagged items Step 3: RFID Guardian listens to queries, and adds tags to an ownership list 35
33 Usage scenario Going Shopping Step 4: RFID Reader sends encrypted sleep/quiet mode keys to RFID Guardian 36
34 Usage scenario Going Shopping Step 4: RFID Reader sends encrypted sleep/quiet mode keys to RFID Guardian Step 5: RFID Guardian uses the sleep/ quiet mode keys immediately to deactivate some of the RFID tags 37
35 Key Management Tags may change owner several time during their lifetime Wal-Mart Alice Alice s boyfriend Readers that will be authorized to query a tag are not always known in advance How to lookup the right key without knowing tag ID? Sleep/wake passwords Hard to update key material after deployment Revocation (e.g., passport) 44
36 Denial of Service Jamming Tag destruction EPC Networks create all series of critical dependencies (e.g., ONS) 45
37 Conclusions Key management is still the biggest problem to solve Need of a security framework that works with different types of tags User interfaces. Still not clear how people interact with tags when they will be really ubiquitous Malware. Tightly coupling cyber word with real world can have disastrous consequences 46
38 Acknowledgements Melanie Rieback and Andrew Tanenbaum VU Kaspersen VU (Law Dept.) Georgi Gaydadjiev TU Delft Philips... 47
39 48
Back-end Server Reader Tag
A Privacy-preserving Lightweight Authentication Protocol for Low-Cost RFID Tags Shucheng Yu, Kui Ren, and Wenjing Lou Department of ECE, Worcester Polytechnic Institute, MA 01609 {yscheng, wjlou}@wpi.edu
More informationContactless Smart Cards vs. EPC Gen 2 RFID Tags: Frequently Asked Questions. July, 2006. Developed by: Smart Card Alliance Identity Council
Contactless Smart Cards vs. EPC Gen 2 RFID Tags: Frequently Asked Questions July, 2006 Developed by: Smart Card Alliance Identity Council Contactless Smart Cards vs. EPC Gen 2 RFID Tags: Frequently Asked
More informationVarious Attacks and their Countermeasure on all Layers of RFID System
Various Attacks and their Countermeasure on all Layers of RFID System Gursewak Singh, Rajveer Kaur, Himanshu Sharma Abstract RFID (radio frequency identification) system is one of the most widely used
More informationPrivacy and Security in library RFID Issues, Practices and Architecture
Privacy and Security in library RFID Issues, Practices and Architecture David Molnar and David Wagner University of California, Berkeley CCS '04 October 2004 Overview Motivation RFID Background Library
More informationPAP: A Privacy and Authentication Protocol for Passive RFID Tags
PAP: A Privacy and Authentication Protocol for Passive RFID s Alex X. Liu LeRoy A. Bailey Department of Computer Science and Engineering Michigan State University East Lansing, MI 48824-1266, U.S.A. {alexliu,
More informationTackling Security and Privacy Issues in Radio Frequency Identification Devices
Tackling Security and Privacy Issues in Radio Frequency Identification Devices Dirk Henrici and Paul Müller University of Kaiserslautern, Department of Computer Science, PO Box 3049 67653 Kaiserslautern,
More informationA Study on the Security of RFID with Enhancing Privacy Protection
A Study on the Security of RFID with Enhancing Privacy Protection *Henry Ker-Chang Chang, *Li-Chih Yen and *Wen-Chi Huang *Professor and *Graduate Students Graduate Institute of Information Management
More informationRF-Enabled Applications and Technology: Comparing and Contrasting RFID and RF-Enabled Smart Cards
RF-Enabled Applications and Technology: Comparing and Contrasting RFID and RF-Enabled Smart Cards January 2007 Developed by: Smart Card Alliance Identity Council RF-Enabled Applications and Technology:
More informationAn Overview of Approaches to Privacy Protection in RFID
An Overview of Approaches to Privacy Protection in RFID Jimmy Kjällman Helsinki University of Technology Jimmy.Kjallman@tkk.fi Abstract Radio Frequency Identification (RFID) is a common term for technologies
More informationRFID Guardian Back-end Security Protocol
Master Thesis RFID Guardian Back-end Security Protocol Author: Hongliang Wang First Reader: Bruno Crispo Second Reader: Melanie Reiback Department of Computer Science Vrije Universiteit, Amsterdam The
More informationSecurity Issues in RFID. Kai Wang Research Institute of Information Technology, Tsinghua University, Beijing, China wang-kai09@mails.tsinghua.edu.
Security Issues in RFID Kai Wang Research Institute of Information Technology, Tsinghua University, Beijing, China wang-kai09@mails.tsinghua.edu.cn Abstract RFID (Radio Frequency IDentification) are one
More informationOn the Security of RFID
On the Security of RFID Hung-Min Sun Information Security Lab. Department of Computer Science National Tsing Hua University slide 1 What is RFID? Radio-Frequency Identification Tag Reference http://glossary.ippaper.com
More informationRFID SECURITY. February 2008. The Government of the Hong Kong Special Administrative Region
RFID SECURITY February 2008 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced in whole or in part without the
More informationRFID Guardian Back-end Security Protocol
Master Thesis RFID Guardian Back-end Security Protocol Author: Hongliang Wang First Reader: Bruno Crispo Second Reader: Melanie Reiback Department of Computer Science Vrije Universiteit, Amsterdam The
More informationRFID Security and Privacy: A Research Survey. Vincent Naessens Studiedag Rabbit project
RFID Security and Privacy: A Research Survey Vincent Naessens Studiedag Rabbit project RFID Security and Privacy: A Research Survey 1. Introduction 2. Security and privacy problems 3. Basic RFID tags 4.
More informationRF ID Security and Privacy
RF ID Security and Privacy EJ Jung 11/15/10 What is RFID?! Radio-Frequency Identification Tag Antenna Chip How Does RFID Work? 02.3DFEX4.78AF51 EasyToll card #816 Radio signal (contactless) Range: from
More informationBest Practices for the Use of RF-Enabled Technology in Identity Management. January 2007. Developed by: Smart Card Alliance Identity Council
Best Practices for the Use of RF-Enabled Technology in Identity Management January 2007 Developed by: Smart Card Alliance Identity Council Best Practices for the Use of RF-Enabled Technology in Identity
More informationRFID Guardian: A Battery-Powered Mobile Device for RFID Privacy Management
RFID Guardian: A Battery-Powered Mobile Device for RFID Privacy Management Melanie R. Rieback, Bruno Crispo, and Andrew S. Tanenbaum Department of Computer Science, Vrije Universiteit, Amsterdam, The Netherlands
More informationRFID Security. April 10, 2006. Martin Dam Pedersen Department of Mathematics and Computer Science University Of Southern Denmark
April 10, 2006 Martin Dam Pedersen Department of Mathematics and Computer Science University Of Southern Denmark 1 Outline What is RFID RFID usage Security threats Threat examples Protection Schemes for
More informationProxy Framework for Enhanced RFID Security and Privacy
Proxy Framework for Enhanced RFID Security and Privacy Tassos Dimitriou Athens Information Technology Markopoulo Ave., 19002, Peania Athens, Greece tdim@ait.edu.gr Abstract Radio Frequency IDentification
More informationRFID Security and Privacy: Threats and Countermeasures
RFID Security and Privacy: Threats and Countermeasures Marco Spruit Wouter Wester Technical Report UU-CS- 2013-001 January 2013 Department of Information and Computing Sciences Utrecht University, Utrecht,
More informationStrengthen RFID Tags Security Using New Data Structure
International Journal of Control and Automation 51 Strengthen RFID Tags Security Using New Data Structure Yan Liang and Chunming Rong Department of Electrical Engineering and Computer Science, University
More information50 ways to break RFID privacy
50 ways to break RFID privacy Ton van Deursen 1 University of Luxembourg ton.vandeursen@uni.lu 1 Financial support received from the Fonds National de la Recherche (Luxembourg). RFID privacy 1 / 40 Outline
More information4. Open issues in RFID security
4. Open issues in RFID security Lot of research efforts has been put on RFID security issues during recent years. A survey conducted by CapGemini showed that consumers see RFID more intrusive than several
More informationA Secure RFID Ticket System For Public Transport
A Secure RFID Ticket System For Public Transport Kun Peng and Feng Bao Institute for Infocomm Research, Singapore Abstract. A secure RFID ticket system for public transport is proposed in this paper. It
More informationA Research on Issues Related to RFID Security and Privacy
A Research on Issues Related to RFID Security and Privacy Jongki Kim1, Chao Yang2, Jinhwan Jeon3 1 Division of Business Administration, College of Business, Pusan National University 30, GeumJeong-Gu,
More informationSECURITY PRACTICES FOR ADVANCED METERING INFRASTRUCTURE Elif Üstündağ Soykan, Seda Demirağ Ersöz 08.05.2014, ICSG 2014
SECURITY PRACTICES FOR ADVANCED METERING INFRASTRUCTURE Elif Üstündağ Soykan, Seda Demirağ Ersöz 08.05.2014, ICSG 2014 Table of Contents Introduction AMI Communication Architecture Security Threats Security
More informationRadio Frequency Identification (RFID)
Radio Frequency Identification (RFID) Raj Jain Washington University in Saint Louis Saint Louis, MO 63130 Jain@cse.wustl.edu These slides are available on-line at: http://www.cse.wustl.edu/~jain/cse574-06/
More informationAn Overview of RFID Security and Privacy threats
An Overview of RFID Security and Privacy threats Maxim Kharlamov mkha130@ec.auckland.ac.nz The University of Auckland October 2007 Abstract Radio Frequency Identification (RFID) technology is quickly deploying
More informationRFID Penetration Tests when the truth is stranger than fiction
RFID Penetration Tests when the truth is stranger than fiction Dr. Tomáš Rosa, tomas.rosa@rb.cz Raiffeisenbank, a.s. Agenda Technology overview Physical layer of LF and HF bands The Unique ID phenomenon
More informationTHE SECURITY AND PRIVACY ISSUES OF RFID SYSTEM
THE SECURITY AND PRIVACY ISSUES OF RFID SYSTEM Iuon Chang Lin Department of Management Information Systems, National Chung Hsing University, Taiwan, Department of Photonics and Communication Engineering,
More informationSecure Anonymous RFID Authentication Protocols
Secure Anonymous RFID Authentication Protocols Christy Chatmon Computer & Information Sciences Florida A & M University Tallahassee, Florida 32307-5100 cchatmon@cis.famu.edu Tri van Le and Mike Burmester
More informationRFID Security and Privacy. Simson L. Garfinkel, Ph.D. Center for Research on Computation and Society Harvard University October 5, 2005
RFID Security and Privacy Simson L. Garfinkel, Ph.D. Center for Research on Computation and Society Harvard University October 5, 2005 1 RFID: The Industry s Vision. Distribution Center Consumer Docks
More informationModule 7 Security CS655! 7-1!
Module 7 Security CS655! 7-1! Issues Separation of! Security policies! Precise definition of which entities in the system can take what actions! Security mechanism! Means of enforcing that policy! Distributed
More informationA Survey of RFID Authentication Protocols Based on Hash-Chain Method
Third 2008 International Conference on Convergence and Hybrid Information Technology A Survey of RFID Authentication Protocols Based on Hash-Chain Method Irfan Syamsuddin a, Tharam Dillon b, Elizabeth
More informationABSTRACT. Keyword: - RFID, unauthorized transaction, security. Vol-1 Issue-3 2015 1. INTRODUCTION 2. RFID SYSTEM. 1237 www.ijariie.
Survey on Enhancing Security for RFID Smart Cards Shilpa S. Badhiye 1 Prof.Rupali S. Khule 2 1 student, Electronics and telecommunication Department, MCOERC, Maharashtra, India 2 Professor, Electronics
More informationChap. 1: Introduction
Chap. 1: Introduction Introduction Services, Mechanisms, and Attacks The OSI Security Architecture Cryptography 1 1 Introduction Computer Security the generic name for the collection of tools designed
More informationA Secure and Efficient Authentication Protocol for Mobile RFID Systems
A Secure and Efficient Authentication Protocol for Mobile RFID Systems M.Sandhya 1, T.R.Rangaswamy 2 1 Assistant Professor (Senior Lecturer) CSE Department B.S.A.Crescent Engineering College Chennai, India
More informationIf you are interested in Radio Frequency Identification technology, then this is the best investment that you can make today!
If you are interested in Radio Frequency Identification technology, then this is the best investment that you can make today! Here s Here's a training course on on RFID technology, with which CERTIFICATION
More informationEnabling the secure use of RFID
Enabling the secure use of RFID BLACK ME/FOTOLIA.com Enhancing security of radio frequency identification to connect safely to the Internet of Things UHF radio frequency identification (RFID) promises
More informationSecurity Challenges for User-Oriented RFID Applications within the Internet of Things
Security Challenges for User-Oriented RFID Applications within the Internet of Things G.P. HANCKE, K. MARKANTONAKIS and K.E. MAYES ISG Smart Card Centre Royal Holloway, University of London UNITED KINGDOM
More informationSecurity Issues in RFID systems. By Nikhil Nemade Krishna C Konda
Security Issues in RFID systems By Nikhil Nemade Krishna C Konda Agenda Introduction to an RFID System Possible Application Areas Need for Security Vulnerabilities of an RFID system Security Measures currently
More informationSecure recharge of disposable RFID tickets
Secure recharge of disposable RFID tickets Riccardo Focardi Flaminia Luccio Università Ca Foscari, Venezia {focardi,luccio}@unive.it FAST 2011 15-16 September 2011, Leuven FAST 2011 ()Secure recharge of
More informationSecurity and Privacy Flaws in a Recent Authentication Protocol for EPC C1 G2 RFID Tags
Security and Privacy Flaws in a Recent Authentication Protocol for EPC C1 G2 RFID Tags Seyed Mohammad Alavi 1, Karim Baghery 2 and Behzad Abdolmaleki 3 1 Imam Hossein Comprehensive University Tehran, Iran
More informationThe Study on RFID Security Method for Entrance Guard System
The Study on RFID Security Method for Entrance Guard System Y.C. Hung 1, C.W. Tsai 2, C.H. Hong 3 1 Andrew@mail.ncyu.edu.tw 2 s0930316@mail.ncyu.edu.tw 3 chhong@csie.ncyu.edu.tw Abstract: The RFID technology
More informationBSc (Hons.) Computer Science with Network Security. Examinations for 2011/2012 - Semester 2
BSc (Hons.) Computer Science with Network Security BCNS/09/FT Examinations for 2011/2012 - Semester 2 MODULE: WIRELESS NETWORK SECURITY MODULE CODE: SECU 3105 Duration: 2 Hours 15 Minutes Reading time:
More informationSecurity and Privacy for Internet of Things Application
Security and Privacy for Internet of Things Application Qi fang, School of Information Science and Engineering, Central South University, Changsha, China 8-1 Copyright Disclamation This course material
More informationDevelopment of a wireless home anti theft asset management system. Project Proposal. P.D. Ehlers 21017914. Study leader: Mr. D.V.
EVALUATION PAGE Format/10 Afrikaans group Revision no: 0 Content/10 Computer Engineering Must revise: Yes No Final mark/20 Must proofread: Yes No Development of a wireless home anti theft asset management
More informationSecure and Serverless RFID Authentication and Search Protocols
Secure and Serverless RFID Authentication and Search Protocols Chiu C. Tan, Bo Sheng, and Qun Li {cct,shengbo,liqun}@cs.wm.edu Department of Computer Science College of William and Mary Abstract With the
More informationData Protection Technical Guidance Radio Frequency Identification
Data Protection Technical Guidance Radio Frequency Identification This technical guidance note is aimed at those using or contemplating using RFID technology. It gives a brief summary of the technology
More informationSecurity and Privacy in Intermodal Baggage Management With RFID
Security and Privacy in Intermodal Baggage Management With RFID Ricardo Carapeto Instituto Superior Técnico Universidade Técnica de Lisboa rcarapeto@gmail.com ABSTRACT In order to lower the costs associated
More informationA Vulnerability in the Song Authentication Protocol for Low-Cost RFID Tags
A Vulnerability in the Song Authentication Protocol for Low-Cost RFID Tags Sarah Abughazalah, Konstantinos Markantonakis, and Keith Mayes Smart Card Centre-Information Security Group (SCC-ISG) Royal Holloway,
More informationWhat is a Smart Card?
An Introduction to Smart Cards and RFIDs Prof. Keith E. Mayes Keith.Mayes@rhul.ac.uk Director of the ISG - Smart Card Centre www.scc.rhul.ac.uk Learning Objectives (MSc MSc) Identify the various types
More informationPlain English Guide To Common Criteria Requirements In The. Field Device Protection Profile Version 0.75
Plain English Guide To Common Criteria Requirements In The Field Device Protection Profile Version 0.75 Prepared For: Process Control Security Requirements Forum (PCSRF) Prepared By: Digital Bond, Inc.
More informationXN--P1AI (РФ) DNSSEC Policy and Practice Statement
XN--P1AI (РФ) DNSSEC Policy and Practice Statement XN--P1AI (РФ) DNSSEC Policy and Practice Statement... 1 INTRODUCTION... 2 Overview... 2 Document name and identification... 2 Community and Applicability...
More informationSecurity by Politics - Why it will never work. Lukas Grunwald DN-Systems GmbH Germany DefCon 15 Las Vegas USA
Security by Politics - Why it will never work Lukas Grunwald DN-Systems GmbH Germany DefCon 15 Las Vegas USA Agenda Motivation Some basics Brief overview epassport (MRTD) Why cloning? How to attack the
More informationSecuring Distribution Automation
Securing Distribution Automation Jacques Benoit, Cooper Power Systems Serge Gagnon, Hydro-Québec Luc Tétreault, Hydro-Québec Western Power Delivery Automation Conference Spokane, Washington April 2010
More informationW ith an estimated 14 billion devices connected to
Renesas Synergy Security Portfolio Delivers Comprehensive Protection from Industrial and IoT Threats Advanced capabilities give developers tools to counter attacks W ith an estimated 14 billion devices
More informationSecurity Analysis and Complexity Comparison of Some Recent Lightweight RFID Protocols
Security Analysis and Complexity Comparison of Some Recent Lightweight RFID Protocols Ehsan Vahedi, Rabab K. Ward and Ian F. Blake Department of Electrical and Computer Engineering The University of British
More informationMaster Thesis RFID Guardian Back-end Security Protocol
Master Thesis RFID Guardian Back-end Security Protocol Hongliang Wang Department of Computer Science Vrije Universiteit, Amsterdam The Netherlands First Reader: Bruno Crispo Second Reader: Melanie Reiback
More informationSecurity in RFID Networks and Protocols
International Journal of Information and Computation Technology. ISSN 0974-2239 Volume 3, Number 5 (2013), pp. 425-432 International Research Publications House http://www. irphouse.com /ijict.htm Security
More informationKeep Out of My Passport: Access Control Mechanisms in E-passports
Keep Out of My Passport: Access Control Mechanisms in E-passports Ivo Pooters June 15, 2008 Abstract Nowadays, over 40 different countries issue biometric passports to increase security on there borders.
More informationWhat Do We Really Mean By Security for RFID
What Do We Really Mean By Security for RFID And How Much Is Enough? March 26, 2008 SecureRF at a glance RFID tag and reader security development and consulting to protect Pharmaceutical Supply Chain and
More informationUser Authentication Guidance for IT Systems
Information Technology Security Guideline User Authentication Guidance for IT Systems ITSG-31 March 2009 March 2009 This page intentionally left blank March 2009 Foreword The User Authentication Guidance
More informationMicrosoft Identity Lifecycle Manager & Gemalto.NET Solutions. Jan 23 rd, 2007
Microsoft Identity Lifecycle Manager & Gemalto.NET Solutions Jan 23 rd, 2007 Microsoft ILM is a comprehensive, integrated, identity and access solution within the Microsoft system architecture. It includes
More informationHow To Protect An Rfid Tag From Attack
S e c u r i t y & P r i v a c y A Framework for Assessing RFID System Security and Privacy Risks This framework for evaluating security and privacy risks in RFID systems focuses on key application domains,
More informationPart I. Universität Klagenfurt - IWAS Multimedia Kommunikation (VK) M. Euchner; Mai 2001. Siemens AG 2001, ICN M NT
Part I Contents Part I Introduction to Information Security Definition of Crypto Cryptographic Objectives Security Threats and Attacks The process Security Security Services Cryptography Cryptography (code
More informationHow To Protect Your Data From Being Hacked On Security Cloud
F-SECURE SECURITY CLOUD Purpose, function and benefits October 2015 CONTENTS F-Secure Security Cloud in brief 2 Security Cloud benefits 3 How does Security Cloud work? 4 Security Cloud metrics 4 Security
More informationComplying with PCI Data Security
Complying with PCI Data Security Solution BRIEF Retailers, financial institutions, data processors, and any other vendors that manage credit card holder data today must adhere to strict policies for ensuring
More informationScalable RFID Security Protocols supporting Tag Ownership Transfer
Scalable RFID Security Protocols supporting Tag Ownership Transfer Boyeon Song a,1, Chris J. Mitchell a,1 a Information Security Group, Royal Holloway, University of London, Egham, Surrey, TW20 0EX, UK
More informationRFID Design Principles
RFID Design Principles Harvey Lehpamer ARTECH HOUSE BOSTON LONDON artechhouse.com Contents Introduction 2 2.1 2.1.1 2.1.2 2.1. 2.1.4 2.2 2.2.1 2.2.2 2. 2..1 2..2 2.4 2.4.1 2.4.2 2.5 2.5.1 2.5.2 Comparison
More informationDEVELOPMENT OF ANTI-THEFT DOOR SYSTEM FOR SECURITY ROOM
Part-I: Natural and Applied Sciences ISSN-L: 2223-9553, ISSN: 2223-9944 DEVELOPMENT OF ANTI-THEFT DOOR SYSTEM FOR SECURITY ROOM Safaa A. Mahdi Technical Institute, Babylon, IRAQ. amam2012449@yahoo.com
More informationNetwork Security. Computer Networking Lecture 08. March 19, 2012. HKU SPACE Community College. HKU SPACE CC CN Lecture 08 1/23
Network Security Computer Networking Lecture 08 HKU SPACE Community College March 19, 2012 HKU SPACE CC CN Lecture 08 1/23 Outline Introduction Cryptography Algorithms Secret Key Algorithm Message Digest
More informationSECURITY FLOWS AND IMPROVEMENT OF A RECENT ULTRA LIGHT-WEIGHT RFID PROTOCOL
SECURITY FLOWS AND IMPROVEMENT OF A RECENT ULTRA LIGHT-WEIGHT RFID PROTOCOL Mehrdad Kianersi and Mahmoud Gardeshi 1 Department of Information Technology and Communication, I.H.University, Tehran, Iran
More informationCSC 474 -- Network Security. User Authentication Basics. Authentication and Identity. What is identity? Authentication: verify a user s identity
CSC 474 -- Network Security Topic 6.2 User Authentication CSC 474 Dr. Peng Ning 1 User Authentication Basics CSC 474 Dr. Peng Ning 2 Authentication and Identity What is identity? which characteristics
More informationATTACHMENT E: RFID SECURITY AND PRIVACY WHITE PAPER
ATTACHMENT E: RFID SECURITY AND PRIVACY WHITE PAPER The attached document is a white paper prepared to survey the issues surrounding RFID and security and privacy. USVISIT-APMO-CONTHSSCHQ04D0096T006-RPT050010-F
More informationSecurity/Privacy Models for "Internet of things": What should be studied from RFID schemes? Daisuke Moriyama and Shin ichiro Matsuo NICT, Japan
Security/Privacy Models for "Internet of things": What should be studied from RFID schemes? Daisuke Moriyama and Shin ichiro Matsuo NICT, Japan 1 Internet of Things (IoT) CASAGRAS defined that: A global
More informationTETRA Security for Poland
TETRA ASSOCIATION TETRA Security for Poland Brian Murgatroyd TETRA ASSOCIATION former Chairman Security and Fraud Prevention Group Warren Systems (SFPG) Independent Security Consultant brian@warrensystems.co.uk
More informationHow To Attack A Key Card With A Keycard With A Car Key (For A Car)
Relay Attacks on Passive Keyless Entry and Start Systems in Modern Cars (NDSS ) Aurélien Francillon, Boris Danev, Srdjan Čapkun (ETHZ) Wednesday System Security April Group 6, 1 Agenda 1. Overview of Car
More informationBiometric Authentication Platform for a Safe, Secure, and Convenient Society
472 Hitachi Review Vol. 64 (2015), No. 8 Featured Articles Platform for a Safe, Secure, and Convenient Society Public s Infrastructure Yosuke Kaga Yusuke Matsuda Kenta Takahashi, Ph.D. Akio Nagasaka, Ph.D.
More informationSecurity in Near Field Communication (NFC)
Security in Near Field Communication (NFC) Strengths and Weaknesses Ernst Haselsteiner and Klemens Breitfuß Philips Semiconductors Mikronweg 1, 8101 Gratkorn, Austria ernst.haselsteiner@philips.com klemens.breitfuss@philips.com
More informationEvaluating RFID Research a Literature Review
Evaluating RFID Research a Literature Review Franklin T. Warren Business Information Technology Virginia Polytechnic Institute and State University Fall 2007 A Paper in Partial Fulfillment of the requirements
More informationCryptography and Network Security
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Shinu Mathew John http://shinu.info/ Chapter 1 Introduction http://shinu.info/ 2 Background Information Security requirements
More informationSecure Active RFID Tag System
Secure Active RFID Tag System Isamu Yamada 1, Shinichi Shiotsu 1, Akira Itasaki 2, Satoshi Inano 1, Kouichi Yasaki 2, and Masahiko Takenaka 2 1 Fujitsu Laboratories Ltd. 64 Nishiwaki, Ohkubo-cho, Akashi
More informationTELECOMMUNICATION NETWORKS
THE USE OF INFORMATION TECHNOLOGY STANDARDS TO SECURE TELECOMMUNICATION NETWORKS John Snare * Manager Telematic and Security Systems Section Telecom Australia Research Laboratories Victoria TELECOMMUNICATIONS
More informationRelay Attacks on Passive Keyless Entry and Start Systems in Modern Cars
Relay Attacks on Passive Keyless Entry and Start Systems in Modern Cars Srdjan Čapkun (joint work with Aurélien Francillon, Boris Danev) 1 Agenda 1. Overview of Car Key Systems 2. Previous Attacks: In
More informationPUF Physical Unclonable Functions
Physical Unclonable Functions Protecting next-generation Smart Card ICs with SRAM-based s The use of Smart Card ICs has become more widespread, having expanded from historical banking and telecommunication
More informationKeeping SCADA Networks Open and Secure DNP3 Security
Keeping SCADA Networks Open and Secure DNP3 Security June 2008 DNP3 Protocol DNP3 protocol has become widely accepted within water and electrical utilities worldwide for SCADA communications with field
More informationCHAPTER 1 Introduction 1
Contents CHAPTER 1 Introduction 1 CHAPTER 2 Short-Range Communications Systems 3 2.1 Radio-Frequency Spectrum and Propagation 3 2.1.1 Theory of Electromagnetism and Maxwell s Equations 3 2.1.2 RF Propagation
More informationPublic Key Applications & Usage A Brief Insight
Public Key Applications & Usage A Brief Insight Scenario :: Identification, Authentication & Non- Repudiation :: Confidentiality :: Authenticity, requirements and e-business Integrity for electronic transaction
More informationSSL Protect your users, start with yourself
SSL Protect your users, start with yourself Kulsysmn 14 december 2006 Philip Brusten Overview Introduction Cryptographic algorithms Secure Socket Layer Certificate signing service
More informationDigital Identity Management
Digital Identity Management Techniques and Policies E. Bertino CS Department and ECE School CERIAS Purdue University bertino@cs.purdue.edu Digital Identity Management What is DI? Digital identity (DI)
More informationUsing RFID Techniques for a Universal Identification Device
Using RFID Techniques for a Universal Identification Device Roman Zharinov, Ulia Trifonova, Alexey Gorin Saint-Petersburg State University of Aerospace Instrumentation Saint-Petersburg, Russia {roman,
More informationRFID privacy. Foundations of Secure e-commerce (bmevihim219) Dr. Levente Buttyán
Foundations of Secure e-commerce (bmevihim219) Dr. Levente Buttyán Associate Professor BME Hálózati Rendszerek és Szolgáltatások Tanszék Lab of Cryptography and System Security (CrySyS) buttyan@hit.bme.hu,
More informationArnab Roy Fujitsu Laboratories of America and CSA Big Data WG
Arnab Roy Fujitsu Laboratories of America and CSA Big Data WG 1 The Big Data Working Group (BDWG) will be identifying scalable techniques for data-centric security and privacy problems. BDWG s investigation
More informationMobile network security report: Poland
Mobile network security report: Poland GSM Map Project gsmmap@srlabs.de Security Research Labs, Berlin February 2015 Abstract. Mobile networks differ widely in their protection capabilities against common
More informationHow Does It Work? Internet of Things
Intermec UAP-2100 What is RFID? 18-759: Wireless Networks Lecture 14: RFID Peter Steenkiste and Hedda R. Schmidtke Departments of Computer Science and Electrical and Computer Engineering Spring Semester
More informationHow To Hack An Rdi Credit Card
RFID Payment Card Vulnerabilities Technical Report Thomas S. Heydt-Benjamin 1, Daniel V. Bailey 2, Kevin Fu 1, Ari Juels 2, and Tom O'Hare 3 Abstract 1: University of Massachusetts at Amherst {tshb, kevinfu}@cs.umass.edu
More informationHardware Security Modules for Protecting Embedded Systems
Hardware Security Modules for Protecting Embedded Systems Marko Wolf, ESCRYPT GmbH Embedded Security, Munich, Germany André Weimerskirch, ESCRYPT Inc. Embedded Security, Ann Arbor, USA 1 Introduction &
More information