RF ID Security and Privacy



Similar documents
On the Security of RFID

Security and Privacy of RFID Systems. Claude Castelluccia

RFID SECURITY. February The Government of the Hong Kong Special Administrative Region

RFID Security. April 10, Martin Dam Pedersen Department of Mathematics and Computer Science University Of Southern Denmark

Radio Frequency Identification (RFID)

Data Protection Technical Guidance Radio Frequency Identification

RFID Security: Threats, solutions and open challenges

Contactless Smart Cards vs. EPC Gen 2 RFID Tags: Frequently Asked Questions. July, Developed by: Smart Card Alliance Identity Council

Evolving Bar Codes. Y398 Internship. William Holmes

RF-Enabled Applications and Technology: Comparing and Contrasting RFID and RF-Enabled Smart Cards

RFID Security and Privacy. Simson L. Garfinkel, Ph.D. Center for Research on Computation and Society Harvard University October 5, 2005

RFID BASED VEHICLE TRACKING SYSTEM

Radio Frequency Identification (RFID) Vs Barcodes

A Study on the Security of RFID with Enhancing Privacy Protection

RFID TECHNOLOGY: A PARADIGM SHIFT IN BUSINESS PROCESSES. Alp ÜSTÜNDAĞ. Istanbul Technical University Industrial Engineering Department

rf Technology to automate your BUsiness

How To Hack An Rdi Credit Card

Key Words: RFID, radio frequency identification, electronic article surveillance, sensor networks

Strengthen RFID Tags Security Using New Data Structure

An Overview of RFID Security and Privacy threats

PAP: A Privacy and Authentication Protocol for Passive RFID Tags

WHITE PAPER. ABCs of RFID

The Place of Emerging RFID Technology in National Security and Development

ASSET TRACKING USING RFID SRAVANI.P(07241A12A7) DEEPTHI.B(07241A1262) SRUTHI.B(07241A12A3)

SATO RFID White Paper

Cloud RFID UHF Gen 2

RFID the next step in consumer-product relations or Orwellian nightmare?

Active RFID Solutions for Asset Tracking and Inventory Management

Radio Frequency Identification (RFID) An Overview

NerdHerd. Inventory Managment. Written by Cora Holt, Madison Klutts, Madison Aldendifer, Eva Hafermann, Olivia Hines, and Katie Rhodes

Michael I. Shamos, Ph.D., J.D. School of Computer Science Carnegie Mellon University

Security and privacy in RFID

Enabling the secure use of RFID

WHAT IS RFID & HOW WILL IT IMPACT MY BUSINESS?

Tackling Security and Privacy Issues in Radio Frequency Identification Devices

Privacy Implications of RFID Tags by Paul Stamatiou. CS4001, Georgia Institute of Technology November 8 th, 2007

Feature. Security and Privacy Trade-offs in RFID Use. Operational Zone RFID Tag. RFID Reader

An Overview of Approaches to Privacy Protection in RFID

Small Tech, Big Issues

Automated Identification Technologies

Ethical Use of RFID in for the Surveillance of People and the Tracking of Things in Healthcare Delivery

RFID Basics HEGRO Belgium nv - Assesteenweg Ternat Tel.: +32 (0)2/ Fax : +32 (0)2/ info@hegrobelgium.

How To Understand The Power Of An Freddi Tag (Rfid) System

LibRFID: Automation Software for Library Management System Using RFID Technology

What is the ROI of RFID?

NEW TECHNOLOGY. Figure 1. Simplified view of data transfer in low-frequency passive RFID tags (the tag is enlarged for clarity).

Various Attacks and their Countermeasure on all Layers of RFID System

Military Usage of Passive RFID 1

Security Issues in RFID systems. By Nikhil Nemade Krishna C Konda

a GAO GAO INFORMATON SECURITY Radio Frequency Identification Technology in the Federal Government Report to Congressional Requesters

The Drug Quality & Security Act

tags Figure D-1 Components of a Passive RFID System

Computerized RTBS System

Tracking People s Movements by RFID Implants

SOURCE ID RFID Technologies and Data Capture Solutions

Privacy and Security in library RFID Issues, Practices and Architecture

Why Has the Development in RFID Technology Made Asset Management More Urgent?

Security in RFID Networks and Protocols

Efficient Asset Tracking: From Manual to Automated

How To Use Radio Frequency Identification (Rfid) Effectively

Performance Evaluation of a UWB-RFID System for Potential Space Applications Abstract

Asset Tracking & Radio Frequency Identification White Paper

Simplifying IT Management and Data Security with RFID

CHAPTER 7. Wireless Technologies and the Modern Organization

How To Combine Active And Passive Rdi For A More Complete Solution

The Marriage of Passive and Active Technologies in Healthcare. Authors: Dr. Erick C. Jones, Angela Garza, Gowthaman Anatakrishnan, and Jaikrit Kandari

RFIDs and European Policies

Using RFID Techniques for a Universal Identification Device

Hvor går RFID forskning og utvikling?

RESEARCH SURVEY ON MIFARE WITH RFID TECHNOLOGY

Mobile RFID Applications and Security Challenges

ACTA UNIVERSITATIS APULENSIS No 9/2005. Burja Lucian and Tanase Mihai

RF Attendance System Framework for Faculties of Higher Education

Asset Management Services. White Paper

Modern Multipurpose Security Management System

White Paper. Wonderware Mobile Solutions RFID Technology. What s Inside: Invensys is now

RFID in a nutshell. Colin Jervis, Director, Kinetic Consulting Ltd

RFID Tags. Prasanna Kulkarni Motorola. ILT Workshop Smart Labels USA February 21, 2008


REAL TIME MONITORING AND TRACKING SYSTEM FOR AN ITEM USING THE RFID TECHNOLOGY

Implementing RFID in Library: Methodologies, Advantages and Disadvantages

Transcription:

RF ID Security and Privacy EJ Jung 11/15/10 What is RFID?! Radio-Frequency Identification Tag Antenna Chip

How Does RFID Work? 02.3DFEX4.78AF51 EasyToll card #816 Radio signal (contactless) Range: from 3-5 inches to 3 yards Tags (transponders) Attached to objects, call out identifying data on a special radio frequency Reader (transceiver) Reads data off the tags without direct contact Database Matches tag IDs to physical objects RFID is the Barcode of the Future Barcode RFID Fast, automated scanning (object doesn t have to leave pocket, shelf or container) Line-of-sight reading Reader must be looking at the barcode Specifies object type E.g., I am a pack of Juicy Fruit Reading by radio contact Reader can be anywhere within range Specifies unique object id E.g., I am a pack of Juicy Fruit #86715-A Can look up this object in the database

RFID Tag Power Sources! Passive (this is what mostly used now) Tags are inactive until the reader s interrogation signal wakes them up Cheap, but short range only! Semi-passive On-board battery, but cannot initiate communication Can serve as sensors, collect information from environment: for example, smart dust for military applications More expensive, longer range! Active On-board battery, can initiate communication RFID Capabilities! No or very limited power! Little memory Static 64- or 128-bit identifier in current 5-cent tags! Little computational power A few thousand gates at most Static keys for read/write access control! Not enough resources to support public- or symmetric-key cryptography Cannot support modular arithmetic (RSA, DSS), elliptic curves, DES, AES; hash functions are barely feasible Recent progress on putting AES on RFID tags

Where Are RFID Used?! Physical-access cards! Inventory control Gillette Mach3 razor blades, ear tags on cows, kid bracelets in waterparks, pet tracking http://www.youtube.com/watch?v=4zj7txodxbe! Logistics and supply-chain management Track a product from manufacturing through shipping to the retail shelf! Gas station and highway toll payment Mobil SpeedPass Commercial Applications of RFID! RFID cost is dropping dramatically, making it possible to tag even low-value objects Around 5c per tag, $100 for a reader! Logistics and supply-chain management is the killer application for RFID Shipping, inventory tracking, shelf stocking, anticounterfeiting, anti-shoplifting! Massive deployment of RFID is in the works Wal-Mart pushing suppliers to use RFID at pallet level, Gillette has ordered 500,000,000 RFID tags Backlash by privacy advocates

Futuristic Applications! Prada store in New York City already uses RFID to display matching accessories on in-store screens! Refrigerator shelves that tell when milk expires! Airline tickets with RFIDs on them that help direct travelers through the airport! Microwave ovens that read cooking directions from RFID tags on food packages! RFID tags on postage stamps! Businesses may attach RFID tags to invoices, coupons, and return envelopes Privacy Issues (due to Ari Juels)

Risks! Personal privacy FDA recommended tagging drugs with RFID pedigrees ; ECB planned to add RFID tags to euro banknotes I ll furtively scan your briefcase and learn how much cash you are carrying and which prescription medications you are taking! Skimming: read your tag and make my own In February 2005, JHU-RSA Labs team skimmed and cloned Texas Instruments RFID device used in car antitheft protection and SpeedPass gas station tokens! Corporate espionage Track your competitor s inventory Cloning RFID! Human implant with health information VeriMed by VeriChip Corp.! Cloned in August 2006 record the signals from RFID replay to the interrogator http://www.rfidjournal.com/article/articleview/2607/1/1/! Credit card 1 st generation of credit card could be recorded and replayed http://www.nytimes.com/2006/10/23/business/23card.html http://youtube.com/watch?v=xpkzfetzueq http://prisms.cs.umass.edu/~kevinfu/video/rfid-cc-clips.mov

Reading private information! Passport reading from RFID half inch opened passport is readable http://youtube.com/watch?v=-xxaqraf7pi! Collective information from database EZ pass information tracks whereabouts http://www.msnbc.msn.com/id/20216302/ Blocking Unwanted Scanning! Kill tag after purchase Special command permanently de-activates tag after the product is purchased Disables many futuristic applications IBM Clipped tags! Faraday cage Container made of foil or metal mesh, impenetrable by radio signals of certain frequencies Shoplifters are already known to use foil-lined bags Maybe works for a wallet, but huge hassle in general! Active jamming Disables all RFID, including legitimate applications

Location privacy in phones! Location-based services arising foursquare, geofencing, etc check-in how foursquare works: http://www.youtube.com/watch?v=dua7bokqn_e! Danger of location updates http://www.youtube.com/watch?v=nctda7pokxk http://news.cnet.com/8301-1009_3-10260183- 83.html k-anonymous location privacy! Collect k people s locations and present an aggregated value e.g. weighted average of coordinates useful in metro areas not so much in less inhabited areas! Research in progress e.g. Policy-aware sender anonymity in location based services by Deutsch et al., ICDE 2010

Temporal delay! Give a location in the past or projected future! Usually combined with aggregation! Application-dependent utility e.g. traffic information from the past is not useful Through intermediaries! Your cell phone company knows where you are ask cell phone companies to forward information useful in diaster situations

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information