View page as slide show

RFID Security

General challenges

  • Privacy
    • RFID systems are seen intrusive by consumers
    • Can be used to follow and monitor people
  • Too many standards
    • Interoperability issues
    • Security not included in standards
  • Legistlation
    • Who will be held accountable on security incidents
      • Tag manufactrurer, System builder, System owner ?
    • Who can monitor and what?
      • Is it legal to read unprotected tags if they are not yours?

RFID system parts from Security perspective

  • Tag
    • Inexpensive device
      • Limited computational capabilities
      • Standard cryptography is mostly not feasible
    • Physical access
      • The way tags are used, it is hard to prevent physical access
      • Tag tampering is big risk
  • Reader
    • Communicates with backend system and tag
    • Several different types
    • Authentication is important
      • prevent unauthorized read and write
      • prevent fake data transmission to backend system
  • Backend system
    • For the backend system, traditional communications and database system security solutions are feasible.

Threats against tags

  • Unauthorised read of tag
    • Monitoring movements of people
    • Monitoring actions (Read through bag what books a person has borrowed from library)
    • Unauthorised read can be conducted from longer distances than what the nominal communication range is
      • 5 cm nominal reading distance tags can be read from 10 meters with proper equipment
      • Attacks get always better so reading distances will grow
  • Unauthorised write of tag
    • Content of tag is changed
      • Only on tags which content can be changed
  • Blocking the reading of tag
    • e.g. passport covers that prevent reading of your passport unless you open it
  • Destruction of tag
    • Circuitry can be demolished with sharp objects, and connection to antennas can be severed
    • Tag can be killed with electromagnetic pulse
  • Moving tag from one object to another
    • TV for the price of jeans

Threat against Reader

  • Copied tags
  • Fake tags
  • Blocking tag reading
    • Preventing the reader to read tags with e.g. radio interference
  • Blocking connection to backend
    • Reading results are not
  • Fake backend
    • A malicious party tries to get tag information via reader by masquerading itself to legitimate backend application
  • temporary storage
    • Reader will store the read data to memory, logs or temporary files before sending it.
    • Reading results may be accessed from unprotected temporary storage

Threat against backend/application

  • Unauthorised read fo database
    • Tag reading database maybe much more attractive target than reading single tag
  • Unauthorised write
    • Fake reader may try to
  • RFID virus
    • executable code/script is inserted to backend application via fake reader or tag
  • Obsolete/outdated data / metadata
    • Ownership change of tag has not been updated to database → tag events are linked to old owner, not new one.
    • Tag has been moved to new item but the database has not been updated.
  • Denial of Service
    • Various attacks to severe the availability of backend system
  • Unsecure ownership transfer
    • Previous owner may read tag after ownership transfer
    • New owner may get access to old owners data after ownership transfer

Securing your system

  • Understand the potential problems
  • Evaluate which are real problems for your solution
  • Select tags and standards that fit best for you
    • unless you want to make your own tags and readers
  • Acknowledge the remaining threats and mitigate them at application level
  • If there is no solution from tag and you can't protect your system think if the benefits from your solution are worth the risk.

What can be done?

  • Unauthorised read of tag
    • Encrypted content
    • Obscure content → content doesn't mean anything unless you can map it to information in database
      • Does not prevent monitoring
  • Fake tags /readers
    • Authentication for tags(S. Piramuthu, ”Protocols for RFID tag/reader authentication”, Decision Support Systems, Volume 2007, Issue 43, pp. 897 - 914, Elsevier, 2007.)
    • Authentication of reader can be conducted using normal device authentication solutions
  • False data
    • encryption and integrity check
      • If tag can do it
  • Viruses
    • Sanitize your reads
    • Tags and the tag reads should be treated same way like forms submitted via web.
  • Broken tags
    • Prevent physical access to tag
    • If tag breaking is issue try to use tags as additional feature giving something extra.

Security

There is no absolute security. You have to decide what kind of solution is best for your application and what kind of risks are acceptable

Last modified: 2013/07/01 14:42