RFID_five_cent by xiangpeng

VIEWS: 8 PAGES: 50

									RFID: Security and Privacy for
    Five-Cent Computers




              Ari Juels
     Principal Research Scientist
          RSA Laboratories
       USENIX Security 2004
                                    LABORATORIES
      What is a Radio-Frequency
      Identification (RFID) tag?
• In terms of appearance…

 Chip (IC)



  Antenna
          What is an RFID tag?
• You may own a few RFID tags…
   – Proximity cards (contactless physical-access cards)
   – ExxonMobil Speedpass
   – EZ Pass
• RFID in fact denotes a spectrum of devices:
          What is an RFID tag?
• You may own a few RFID tags…
   – Proximity cards (contactless physical-access cards)
   – ExxonMobil Speedpass
   – EZ Pass
• RFID in fact denotes a spectrum of devices:



 Basic
 RFID          EZ Pass
                            SpeedPass
  Tag                                        Mobile phone
         What is a basic RFID tag?
• Characteristics:
    – Passive device – receives power from reader
    – Range of up to several meters
    – In effect a “smart label”: simply calls out its (unique)
      name and/or static data


                           “74AB8”
 “Plastic #3”




                “5F8KJ3”
       The capabilities of a basic
              RFID tag
• Little memory
   – Static 64-to-128-bit identifier in current ultra-cheap
     generation (five cents / unit)
   – Hundreds of bits soon
   – Maybe writeable under good conditions
• Little computational power
   – A few thousand gates
   – Static keys for read/write permission
   – No real cryptographic functions available
                    The grand vision:
          RFID as next-generation barcode

    Barcode                RFID tag

                                                    Fast, automated
                                                    scanning
  Line-of-sight            Radio contact

Specifies object type   Uniquely specifies object     Provides pointer
                                                      to database entry
                                                      for every object,
                                                      i.e., unique,
                                                      detailed history
                    Some applications
• Better supply-chain visibility -- #1 compelling
  application
•   U.S. DHS: Passports
•   U.S. FDA: Pharmaceuticals, anti-counterfeiting
•   Libraries
•   Housepets – approx. 50 million




•   Parenting logistics
     – Water-park with tracking bracelet
•   RFID in Euro banknotes (?)
     There is an impending explosion
             in RFID-tag use
• EPCglobal
     –   Joint venture of UCC and EAN
     –   Wal-Mart, Gillette, Procter & Gamble, etc.
     –   Spearheading EPC (electronic product code) data standard for tags
     –   Putting finishing touches on basic-tag standard (Class 1 Gen 2) this week
•   Wal-Mart requiring top 100 suppliers to start deploying RFID in 2005
•   Other retailers and DoD following Wal-Mart lead
•   Pallet and case tagging first -- item-level retail tagging seems years away
•   Estimated costs
          • 2005: $0.05 per tag; hundreds of dollars per reader
          • 2008: $0.01 per tag; several dollars per reader (?)
• A broader vision: “Extended Internet”
The Problems of Privacy and
         Security
   RFID means a world with billions of
     ant-sized, five-cent computers
• Highly mobile
• Contain personal information
• Subject to surreptitious
  scanning
• Again, no cryptography…
• Access control difficult to
  achieve
• Data privacy difficult to
  achieve
     The consumer privacy problem
Here’s                                            Wig
                    Replacement hip            model #4456
Mr. Jones           medical part #459382          (cheap
                                                 polyester)
in 2020…

                                            Das Kapital and
                                             Communist-
                                            party handbook


                                           1500 Euros
                                            in wallet
                                           Serial numbers:
      30 items                             597387,389473
      of lingerie                                 …
         …and the tracking problem
                                                                      Wig
                                                                serial #A817TS8




• Mr. Jones pays with a credit card; his RFID tags now linked to his
  identity; determines level of customer service
    – Think of car dealerships using drivers‟ licenses to run credit checks…
• Mr. Jones attends a political rally; law enforcement scans his RFID
  tags
• Mr. Jones wins Turing Award; physically tracked by paparazzi via
  RFID
     Early examples of consumer
              backlash
• 42% of Google results on “RFID” include word
  “privacy”
• CASPIAN (Consumers Against Supermarket Privacy Invasion and Numbering)
    – Diatribes on RFID at:
         • Spychips.com
         • BoycottGillette.com
         • BoycottBenetton.com
    – National news coverage: NY Times, Time, etc.
• Wal-Mart “smart-shelf project” cancelled
• Benetton RFID plans (purportedly) withdrawn
Some problems you don‟t hear about
• Corporate espionage: Privacy is not just a consumer issue
   – Eavesdropping on warehouse transmissions
   – Scanning of shelves for turnover rates
• Tag counterfeiting
   – Automation means dependence!
   – Think about RFID-enabled medicine cabinets…
• Special demands of U.S. Department of Defense
   – “DoD would be like Wal-Mart… if Christmas were a random event
     every five years, and a stockout meant that everyone in the store could
     die…”                             -Nicholas Tsougas, DoD
Some proposed solutions
 to the privacy problem
Approach 1: Cover RFID tags with
     protective mesh or foil
                       Problems:
                       (1) Makes locomotion
                       difficult
                       (2) Shops don‟t like
                        distributing tools for
                         theft
Approach 2: “Kill” RFID tags



                    Problem:
                    RFID tags are
                    much too useful
                    in “live” state…

                    We already
                    have SpeedPass,
                    etc., and then…
 Tomorrow‟s consumer applications
   • Prada, Soho NYC
      – Personalization / accessorization
  • Tagged products
      – Clothing, appliances, CDs, etc. tagged for store returns and locatable in house
  • “Smart” appliances
      – Refrigerators that automatically create shopping lists and when milk expires
      – Closets that tell you what clothes you have available, and search the Web for
        advice on current styles, etc.
      – Washing machines that detect improper wash cycle
  • “Smart” print
      – Airline tickets that indicate your location in the airport
      – Business cards
  • Aids for cognitively impaired, e.g., “smart” medicine cabinets
      – Project at Intel
  • Recovery of stolen goods (?)
  • Recycling
      – Plastics that sort themselves

Consumers will not want their tags “killed,” but should still have a
right to privacy!
Approach 3: Policy and legislation
• Undoutedly helpful if thought through well, but…

• “Good Housekeeping” seal




• Retailer‟s guarantee means little since tags may be
  read by anyone!
• FTC Section 5 (“Deceptive practices”) and the
  like are similarly limited
   Another possible use of RFID
More efficient mugging

  “Just in case you
  want to know, she‟s
  got 700 Euro and
       a Rolex…”




Whom will the FTC prosecute now?
   Three take-home messages of
             this talk
1. Deployed naïvely, embedding of RFID tags in
   consumer items can present a serious danger
   to privacy and security of consumers and
   enterprises alike in the future.
2. RFID is a technology with high promise. It
   would be unfortunate if security problems
   scotched it.
3. As technologists we must help to achieve a
   good balance of
   PRIVACY/SECURITY and UTILITY.
Technical Approaches to
Enhancing RFID Privacy
  Cryptographers‟ view of device security –
        emphasis on “oracle” access

Welcome to Hell
  IT Department


                      011001010010
   A basic RFID tag cannot survive…


Welcome to Hell
  IT Department



                    011001010010
  For RFID, we can consider different
 and weakened adversarial assumptions
• Adversary is not present 24 hours a day
  – Adversary must be physically close to tag to scan it
• We can deploy security protocols on physical
  channels – not just logical ones
• External, higher-capability devices can help
  protect tags
      First approach [Juels, SCN ‟04]:
       Minimalist cryptography
Key observation: Adversary must have physical proximity to
    tag to interact with it
Key assumption: Adversary can query tag only limited
    number of times in given attack session

• Example: Passive eavesdropping
   – Adversary only hears queries made by legitimate readers
• Example: Building access
   – Adversary has limited time to query tags in parking lot before
     employees authenticate to door readers
• Example: Readers scattered around city
   – Pedestrians within range of reader for limited time
                Pseudonym rotation
• Set of pseudonyms known only by trusted verifier
• Pseudonyms stored on tag
       • Limited storage means at most, e.g., 10 pseudonyms
• Tag cycles through pseudonyms




        “74AB8”                                          “MMW91”

                                   ?
                                 =
       Strengthening the approach
• Strengthen restriction on adversarial queries using
  “throttling”
   – Tag enforces pattern of query delays via, e.g., capacitor-
     discharge timing
• Pseudonym refresh
   – Trusted reader provides new pseudonyms
   – Pseudonyms must be protected against eavesdropping and
     tampering using encryption, but tags cannot do standard
     cryptography!
   – Can load up tag with one-time pads – assuming adversary is
     not always present, some pads will be secret!
• Not for retail items, which must include basic item
  information. Perhaps for prox. cards, tickets, etc.?
Second Approach [Juels, Rivest, & Szydlo CCS „03]:
             The “Blocker” Tag
“Blocker” Tag
            Blocker simulates
            all (billions of)
            possible tag serial
            numbers!!

                 1,2,3, …, 2023 pairs
                 of sneakers and…
                 (reading fails)…
      “Tree-walking” anti-collision
         protocol for RFID tags
                    0                   1

                              ?
      00           01                   10               11




000    001   010        011       100        101   110        111
                   In a nutshell
• “Tree-walking” protocol for identifying tags
  recursively asks question:
   – “What is your next bit?”
• Blocker tag always says both „0‟ and „1‟!
   – Makes it seem like all possible tags are present
   – Reader cannot figure out which tags are actually
     present
   – Number of possible tags is huge (at least a billion
     billion), so reader stalls
             Two bottles
             of Merlot
             #458790




Blocker tag system should protect privacy but still
       avoid blocking unpurchased items
             Consumer privacy +
             commercial security
• Blocker tag can be selective:
   – Privacy zones: Only block certain ranges of RFID-tag
     serial numbers
   – Zone mobility: Allow shops to move items into privacy
     zone upon purchase
• Example:
   –   Tags might carry a “privacy bit”
   –   Blocker blocks all identifiers with privacy bit on
   –   Items in supermarket have privacy bit off
   –   On checkout, leading bit is flipped from off to on
        • PIN required, as for “kill” operation
                Polite blocking
• We want reader to scan privacy zone when blocker
  is not present
   – Aim of blocker is to keep functionality active – when
     desired by owner
• But if reader attempts to scan when blocker is
  present, it will stall!
• Polite blocking: Blocker informs reader of its
  presence
                    Your humble servant
                    requests that you not
                    scan the privacy zone
      More about blocker tags
• Blocker tag can be cheap
  – Essentially just a “yes” tag and “no” tag with a
    little extra logic
  – Can be embedded in shopping bags, etc.
• With multiple privacy zones, sophisticated,
  e.g., graduated policies are possible
• Works for ALOHA anti-collision too
An Example: The RXA Pharmacy
RFID-tagged bottle + “Blocker” bag
RFID-tagged bottle + “Blocker” bag
                “Soft” Blocking
               [Juels and Brainard WPES „03]

• Idea: Implement polite blocking only – no
  hardware blocking
   – A little like P3P…
• External audit possible: Can detect if readers
  scanning privacy zone
• Advantages:
   – “Soft blocker” tag is an ordinary RFID tag
   – Flexible policy:
      • “Opt-in” now possible
      • e.g., “Medical deblocker” now possible
• Weaker privacy, but can combine with “hard”
  blocker
           Third approach:
Personal Simulator or Proxy for RFID
Nokia mobile-phone RFID kit available in 2004
   –   Readers will be compact, available in personal
       devices
We might imagine a simulation lifecycle:
   1. Mobile phone “acquires” tag when in proximity
   2. Mobile phone deactivates tags or imbues with
      changing pseudonyms
   3. Mobile phone simulates tags to readers, enforcing
      user privacy policy
   4. Mobile phone “releases” tags when tags about to exit
      range
            The Privacy Debate


VeriChip™

            Paying for drinks with wave of the hand
            Club-goers in Spain get implanted chips for
            ID, payment purposes

            WorldNetDaily, 14 April 2004
              www.rapturechrist.com/666.htm




NEW Subdermal Biochip Implant for Cashless Transactions - is it the Mark?

             The mark is a microchip assembly which will be implanted
             under the skin of the right hand. Later on, the mark will
             be implanted under the forehead, so people who have
             no right hand could also have the mark. The microchip
             assembly, called radio frequency identification (RFID) is
             already used in animals. In dogs, the RFID is placed
             between the shoulder blades, and in birds it is implanted
             under the wing. Now there is a one for humans called
             VeriChip™.
            www.spychips.com, www.stoprfid.com




“Unlike a bar code, [an RFID tag] can be read from a distance,
right through your clothes, wallet, backpack or purse -- without
your knowledge or consent -- by anybody with the right reader
device. In a way, it gives strangers x-ray vision powers to spy on
you, to identify both you and the things you're wearing and
carrying.”
                    RFID realities
• Deployers can scarcely get RFID working at all!
• UHF tags hard to read near liquids, like water
   – You are salt water so…
   – If you‟re worried about your sweater being scanned, wear it!
• And even when range is good…
   – In NCR automated point-of-sale trials, participants paid for
     groceries of people behind them…
• Consumer goods manufacturers and retailers don‟t want to
  drive customers away
• Corporations and governments don‟t make very effective
  use of data anyway
“Given the potentially huge benefits to consumers from
wide-scale deployment of RFID, including higher
productivity and lower prices, the privacy community
knows that the only way they can stop RFID at the
consumer level is to make all sorts of outlandish claims
about the Orwellian uses of RFID, which either can‟t
happen or are so unlikely as to be a non-issue.”

                               Robert Atkinson,
                               Progressive Policy Institute
  Admonitions to privacy naysayers
• The technology will improve in
  ways we may not expect
    – Industry has an incentive to
      overcome obstacles
    – Tag power, reader sensitivity,
      antenna
• Standards and legacy systems stick
  around for years – we should try to
  build flexibility and safeguards in
  early
• An RFID tag is not like a cookie –
  psychologically more potent
    – If people think there‟s a privacy
      problem, then there‟s a problem
• Security and privacy are enabling

• Let us not forget the salutary warning of the
  9/11 Commission: “Failure of imagination”
     Open avenues of research
• PIN distribution
  – Cross-enterprise data flows
• Broken crypto
  – “Shrinking generators” analyzed in weaker
    adversarial model
• Adversarial models
• Anti-cloning
  – Sports memorabilia, FDA, etc.
for more information:




 (unofficial URL)

								
To top