RF-ID: Security and Privacy Risks - Ashraful Alam
How does RF-ID work? Diagram labels: Tag, Reader. Pictures taken from http://www.trovan.com/aboutrfidhow.htm
Types of Tags: Short Range (3m or less); Long Range (100m or more); Battery, Memory, Clock
Typical/Potential Uses of RFID: The paper discusses the security and privacy risks from the perspective of personal individual ID systems.
General Security and Privacy Risks: Is the Reader authentic? Is the Tag authentic?
General Security and Privacy Risks: Query; Answer; eavesdropping
General Security and Privacy Risks
E-Passport: Malaysia, Myanmar; Australia, New Zealand; USA; Netherlands, Germany, Belgium
E-Passport
E-Passport
Possible Attacks on E-Passports: Sign (Name, Birth date, Passport No.) + Biometric data; Hacker; Approx. 3 feet
Possible Attacks on E-Passports: Unique Chip ID; Location 1, Location 2, Location 3; Movement History
Possible Attacks on E-Passports: Valid Passport; Fake Passport; Stolen data; Accepted. Accepted because the digital signature on the e-passport confirms data integrity, not carrier authenticity.
Possible Attacks on E-Passports: Query, Answer, eavesdropping; Several Meters; Query, Answer; Airport customs, Computer Lab, Mall, Theater; Function Creep
Possible Attacks on E-Passports: Clandestine scanning / Eavesdropping; Hacker; Biometric Enrollment; Facial Image / retina Image / Fingerprint image; Extraction Algorithm; Template
Possible Attacks on E-Passports: Clandestine scanning / Eavesdropping; Hacker; Biometric Reader, Grocery Store; Biometric Reader, Computer Lab
Possible Attacks on E-Passports: Static authentication key for the passport; Foreign Customs; Customs DB; Permanently saved
Summary of Attacks
Cryptography in E-Passports (Receiver, Tag)
Tag: $r_T \in_R \{0,1\}^{64}$
Receiver: $r_R, k_R \in_R \{0,1\}^{64}$ ($k_R$ = receiver's secret nonce); $S_R := r_R \| r_T \| k_R$; $C_R := E_{K_{ENC}}(S_R)$; $M_R := M_{K_{MAC}}(C_R)$
Receiver to Tag: $C_R \| M_R$
Tag: check if $M_{K_{MAC}}(C_R) = M_R$; if yes, $\mathrm{Decrypt}(C_R) = r_R \| r_T \| k_R$; $k_T \in_R \{0,1\}^{64}$ ($k_T$ = tag's secret nonce); $S_T := r_T \| r_R \| k_T$; $C_T := E_{K_{ENC}}(S_T)$; $M_T := M_{K_{MAC}}(C_T)$
Tag to Receiver: $C_T \| M_T$
Receiver: Session Key = $K_T \oplus R_T$. Tag: Session Key = $K_T \oplus R_T$.
$K_{ENC}$ and $K_{MAC}$ are symmetric keys. If you are in a country whose symmetric keys are not stored in your e-passport Tag, access control is useless.
Cryptography in E-Passports (Public Key of Tag, Private Key of Tag)
Receiver: $r_R \in_R \{0,1\}^{64}$
Tag: $M_1 \in_R \{0,1\}^{64}$; $X := M_1 \| r_R$; $\mathrm{Sig}_{SK_1}(X)$
Receiver: $\mathrm{Decrypt}_{SK_2}(X) = X$; check if $r_R$ in $X$ matches its own $r_R$. If yes, Tag is authenticated.
Cryptography in E-Passports: Passport Issuing Country P Private Key = K P K (Name, …). Digital Signature ensures data integrity but not holder authenticity.
Cryptography in E-Passports (Receiver, Tag)
Tag: $r_T \in_R \{0,1\}^{64}$
Receiver: $r_R, k_R \in_R \{0,1\}^{64}$ ($k_R$ = receiver's secret nonce); $S_R := r_R \| r_T \| k_R$; $C_R := E_{K_{ENC}}(S_R)$; $M_R := M_{K_{MAC}}(C_R)$
Receiver to Tag: $C_R \| M_R$
Tag: check if $M_{K_{MAC}}(C_R) = M_R$; if yes, $\mathrm{Decrypt}(C_R) = r_R \| r_T \| k_R$; $k_T \in_R \{0,1\}^{64}$ ($k_T$ = tag's secret nonce); $S_T := r_T \| r_R \| k_T$; $C_T := E_{K_{ENC}}(S_T)$; $M_T := M_{K_{MAC}}(C_T)$
Tag to Receiver: $C_T \| M_T$
Receiver: Session Key = $K_T \oplus R_T$. Tag: Session Key = $K_T \oplus R_T$.
$K_{ENC}$ and $K_{MAC}$ are symmetric keys.
Cryptography in E-Passports
Improving the Situation
Improving the Situation
Commercial Solution: Crypto Processors
Challenges
Challenges: On-board cryptographic technologies require larger memory. VS Self-powered Active Tag improves security. Lack of real estate. Cost effectiveness.

RFID Talk

Editor's notes

  1. This presentation is based on the article and the IEEE paper from today’s reader. It’s intended to highlight the security and privacy risks associated with radio-frequency identification systems.
  2. RF-ID works with a reader and a tag attached to an object. The reader sends a message in the form of radio waves to the tag. Similarly, the tag returns an answer in the form of radio waves.
  3. There are two types of tags. The passive tag is non-powered. When the reader talks to it, the signal from the reader provides it with the charge required to talk back. An active tag has an on-board battery, memory and clock. Active tags are writable and more secure but also more expensive.
  4. Currently most emerging uses of RF-ID are in shopping stores, in the auto industry to tag auto parts, at toll gates to avoid standing in line, in various security applications (Viagra) and in ID systems.
  5. Before I go into more details of the security aspects, I'd like to present two generalized scenarios that capture the most basic security concerns. In scenario 1, the question is one of device authentication: does the Reader trust the Tag, or vice versa? Without trust, how secure is it for two devices to talk to each other?
  6. In scenario 2, assume the tag and the reader trust each other but their communication channel is unprotected. Therefore, someone in the proper range with a radio-wave capturing device can listen to the messages in transit. The picture here depicts passive eavesdropping, but if the eavesdropper were to intercept the messages and alter them, then it becomes a man-in-the-middle attack, which is obviously more harmful.
  7. There are other more sophisticated attacks such as …
  8. This is a short intro to the E-passport. It is what the name implies: a passport that can be used electronically for some purpose. It fuses RF-ID and biometrics technology to identify individuals. It follows the standards of the International Civil Aviation Organization (ICAO). The above is a sample list of countries that use E-passports.
  9. ICAO standards provide a list of mandatory and optional operations to be supported by E-passports. If one implements only the mandatory operations, one has to deal with several security flaws. The data in the chip can be read by anyone nearby with a reader. Uninformed wireless transmission means the passport holder doesn't know when and which reader is reading data from the passport. Data in transit is unprotected, as we saw before.
  10. Here’s an example of an E-passport. I got it from a website. As you can see the chip on the passport contains your identification data and biometric data. It communicates in 13.56 frequency. A hacker in proper range can pose security and privacy concerns.
  11. Now I am going to go over the details of various potential attacks that can jeopardize your privacy. Here we assume one implements only the mandatory features of the ICAO standards. Clandestine scanning happens when a malicious party just reads the data off the chip.
  12. Clandestine tracking happens due to the static chip ID stored in the chip. As you move from one location to another, readers in these locations can identify you based on the unique ID. This creates a trail of your movement.
  13. Skimming and cloning happen because the data in the chip is unprotected: someone can steal it and put it in their own passport. If there is no human oversight at the reader location, the fake passport will be accepted as valid. Biometric data is forged by wearing a mask or gummy finger.
  14. We saw eavesdropping before. But here's a more grave situation that can happen. Currently E-passports are envisioned to be used in airports, but with more popularity they might see use in e-commerce or access to high-security labs, which might cause unforeseen security risks. Labs might require a different set of identifiers to be stored in the chip than airport customs. This effect can help an eavesdropper collect a vast amount of data about you.
  15. Biometric data leakage. To use biometric identifiers, one needs to go through a biometric enrollment process where high-quality pictures of the face or iris or whatever it is are taken and run through an extraction algorithm to create a template. The template in turn is stored in the chip. Now going back to clandestine scanning/eavesdropping, the hacker can get hold of the biometric template.
  16. This slide shows what happens when the bio template falls in the hands of the hacker. He can use it at other places to forge his identity.
  17. The next problem is perpetual access. ICAO prescribes an optional operation for basic access control. But the access control keys remain the same until a new passport is obtained. This means a reader that gets hold of the key can store it and has access to it forever.
  18. In summary, the attacks can be grouped in two categories. The first one is you lose your identity. The second is tracking or hotlisting which means a history of your movement can be built and a malicious party can identify you based simply on the unique ID of the chip without any other identifiers such as photograph or name.
  19. ICAO prescribes some optional security features. Access control is one of them. It allows the tag to make sure the receiver is authentic. This is the crypto process that does the access control. In the first step, the tag sends a 64-bit nonce to the receiver. The receiver then creates two nonces, one secret and one public. It concatenates these nonces with the one received from the tag. It then encrypts the result with the key KENC. CR is then MAC-ed with KMAC. The thing to remember is that KENC and KMAC are symmetric keys, so both parties have access to them.
  20. Active authentication is another optional procedure. It allows the receiver to authenticate the tag. The process allows the tag to prove to the receiver that it has the correct public/private key pair.
  21. This is the only mandatory crypto operation in the ICAO standards. The passport-issuing country digitally signs the identifiers and biometric data in the chip. This process only assures that the data in the chip has not been tampered with; it makes no guarantee about the person carrying the passport.
  22. We need to revisit the access control crypto process to show a weakness in it.
  23. ICAO standards specify the max number of bits used in access control keys to be 52 bits. This creates low entropy for the keys. Entropy is the uncertainty involved in tracking a scrambled number back to its original.
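
The access control exchange from notes 19 and 22, written out as an added example (not code from the presentation or from ICAO). `E` and `M` are stand-ins for the cipher and MAC, 64-bit values are 8-byte strings, the key seed is assumed to be the XOR of the two secret nonces k_T and k_R, and all function and class names are hypothetical.

```python
import hashlib
import hmac
import secrets

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def E(key, data):
    # Stand-in for E_K: XOR with a static SHA-256 keystream (self-inverse, toy only).
    return xor(data, hashlib.sha256(b"enc" + key).digest())

def M(key, data):
    # Stand-in for M_K: HMAC-SHA256 truncated to 64 bits.
    return hmac.new(key, data, hashlib.sha256).digest()[:8]

class Tag:
    def __init__(self, k_enc, k_mac):
        self.k_enc, self.k_mac, self.r_t, self.seed = k_enc, k_mac, None, None

    def challenge(self):
        self.r_t = secrets.token_bytes(8)          # r_T, fresh for every session
        return self.r_t

    def respond(self, c_r, m_r):
        if not hmac.compare_digest(M(self.k_mac, c_r), m_r):
            return None                            # reader does not hold K_MAC
        s_r = E(self.k_enc, c_r)                   # r_R || r_T || k_R
        r_r, r_t, k_r = s_r[:8], s_r[8:16], s_r[16:24]
        if r_t != self.r_t:
            return None                            # message not bound to this session
        k_t = secrets.token_bytes(8)               # tag's secret nonce k_T
        self.seed = xor(k_t, k_r)                  # assumption: key seed = k_T XOR k_R
        c_t = E(self.k_enc, r_t + r_r + k_t)       # S_T := r_T || r_R || k_T
        return c_t, M(self.k_mac, c_t)

def reader_message(r_t, k_enc, k_mac):
    r_r, k_r = secrets.token_bytes(8), secrets.token_bytes(8)
    c_r = E(k_enc, r_r + r_t + k_r)                # S_R := r_R || r_T || k_R
    return r_r, k_r, c_r, M(k_mac, c_r)

def reader_session(tag, k_enc, k_mac):
    # One full exchange; returns the shared seed, or None if either side rejects.
    r_t = tag.challenge()
    r_r, k_r, c_r, m_r = reader_message(r_t, k_enc, k_mac)
    reply = tag.respond(c_r, m_r)
    if reply is None or not hmac.compare_digest(M(k_mac, reply[0]), reply[1]):
        return None
    s_t = E(k_enc, reply[0])                       # r_T || r_R || k_T
    ok = s_t[:8] == r_t and s_t[8:16] == r_r
    return xor(s_t[16:24], k_r) if ok else None
```

Because K_ENC and K_MAC never change, a reader that stored them completes `reader_session` again in any later session, which is the perpetual-access problem from note 17; a captured C_R || M_R, by contrast, is rejected once the tag has issued a fresh r_T.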
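
Notes 13, 20 and 21 as an added example (not from the presentation): a chip that only carries copied, validly signed data passes the signature check but fails the active authentication challenge, because it lacks the tag's private key. Textbook RSA over fixed Mersenne primes stands in for the real signature scheme; the keys, the holder string and all names are constructed for illustration.

```python
import hashlib
import secrets

def keypair(p, q, e=65537):
    # Textbook RSA from two fixed primes; toy key sizes, no padding.
    n = p * q
    return (n, e), (n, pow(e, -1, (p - 1) * (q - 1)))

def digest(msg, n):
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % n

def sign(priv, msg):
    return pow(digest(msg, priv[0]), priv[1], priv[0])

def verify(pub, msg, sig):
    return pow(sig, pub[1], pub[0]) == digest(msg, pub[0])

# Constructed keys built from Mersenne primes.
COUNTRY_PUB, COUNTRY_PRIV = keypair(2**89 - 1, 2**107 - 1)
CHIP_PUB, CHIP_PRIV = keypair(2**61 - 1, 2**127 - 1)

def signed_bytes(holder, chip_pub):
    return holder + b"|" + repr(chip_pub).encode()

def issue(holder):
    # Issuing country signs the identity data together with the chip's public key.
    return {"holder": holder, "chip_pub": CHIP_PUB,
            "sig": sign(COUNTRY_PRIV, signed_bytes(holder, CHIP_PUB))}

class Chip:
    def __init__(self, readable, priv):
        self.readable, self.priv = readable, priv    # priv never leaves the chip

    def answer(self, r_r):
        x = secrets.token_bytes(8) + r_r             # X := M_1 || r_R
        return x, sign(self.priv, x)

def passive_auth(chip):
    # Signature check only: proves data integrity, says nothing about the carrier.
    d = chip.readable
    return verify(COUNTRY_PUB, signed_bytes(d["holder"], d["chip_pub"]), d["sig"])

def active_auth(chip):
    r_r = secrets.token_bytes(8)                     # reader's 64-bit challenge r_R
    x, sig = chip.answer(r_r)
    return x[8:] == r_r and verify(chip.readable["chip_pub"], x, sig)
```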