Nurbek Saparkhojayev and Dale R. Thompson, Ph.D., P.E. Computer Science and Computer Engineering Dept. University of Arkansas Matching Electronic Fingerprints.

Slides:



Advertisements
Similar presentations
Dr. Marc Valliant, VP & CTO
Advertisements

Lesson Title: RFID Modulation, Encoding, and Data Rates Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas
Lesson Title: Threat Modeling Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas 1 This.
Lesson Title: Tag Threats, Risks, and Mitigation Dale R. Thompson and Jia Di Computer Science and Computer Engineering Dept. University of Arkansas
Physical Unclonable Functions and Applications
FIPS 201 Personal Identity Verification For Federal Employees and Contractors National Institute of Standards and Technology Information Technology Laboratory.
Physical Unclonable Functions
Chapter 9 Creating and Maintaining Database Presented by Zhiming Liu Instructor: Dr. Bebis.
Department of Labor HSPD-12
Biometric Authentication Andrea Blanco Binglin Li Brian Connelly.
Lesson Title: Introduction to Cryptography Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas
Lesson Title: Threats to and by an RFID system Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas
Mar 4, 2003Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities.
Biometrics II CUBS, University at Buffalo
Introduction to Biometrics Dr. Pushkin Kachroo. New Field Face recognition from computer vision Speaker recognition from signal processing Finger prints.
GUIDE TO BIOMETRICS CHAPTER I & II September 7 th 2005 Presentation by Tamer Uz.
PALM VEIN TECHNOLOGY.
Information Security of Embedded Systems : Communication, wireless remote access Prof. Dr. Holger Schlingloff Institut für Informatik und Fraunhofer.
Lesson Title: Electromagnetics and Antenna Overview Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas
Lesson Title: Singulation Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas 1 This material.
EPC for Security Applications By Jacob Ammons & Joe D’Amato.
Physical-layer Identification of RFID Devices Authors: Boris Danev, Thomas S. Heyde-Benjamin, and Srdjan Capkun Presented by Zhitao Yang 1.
TEAM-1 JACKIE ABBAZIO SASHA PEREZ DENISE SILVA ROBERT TESORIERO Face Recognition Systems.
Security systems need to be able to distinguish the “white hats” from the “black hats”. This all begins with identity. What are some common identifiers.
Computer Security Tran, Van Hoai Department of Systems & Networking Faculty of Computer Science & Engineering HCMC University of Technology.
Whitacre College of Engineering Panel Interdisciplinary Cybersecurity Education Texas Tech University NSF-SFS Workshop on Educational Initiatives in Cybersecurity.
Radio Frequency Identification By Bhagyesh Lodha Vinit Mahedia Vishnu Saran Mitesh Bhawsar.
Lesson Title: Hacking RFID and other RF devices Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas
Lesson Title: History of RFID Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas 1 This.
CS 736 A methodology for Analyzing the Performance of Authentication Protocol by Laseinde Olaoluwa Peter Department of Computer Science West Virginia.
Lesson Title: Fast Fourier Transform Overview Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas
Lesson Title: RFID Frequency Bands Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas
Authentication: Overview
MIXNET for Radio Frequency Identification Jaanus Uudmae, Harshitha Sunkara, Dale R. Thompson, Sean Bruce, and Jayamadhuri.
Lesson Title: Introduction to RFID Applications Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas
ECE Lecture 1 Security Services.
1 UCR Hardware Security Primitives with focus on PUFs Slide credit: Srini Devedas and others.
Lesson Title: Privacy Overview Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas 1 This.
The Future of Biometrics. Operation and performance In a typical IT biometric system, a person registers with the system when one or more of his physical.
Lesson Title: RFID Stakeholders Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas 1.
Lesson Title: EPCglobal and ISO/IEC Item Management Standards Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas
28 th International Traffic Records Forum Biometrics/SmartCard Workshop 28 th International Traffic Records Forum August 4, 2002 Orlando, Florida.
Lesson Title: Types of RFID Tags Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas 1.
Lesson Title: Guidelines for Securing RFID Systems Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas
Lesson Title: EPCglobal Gen2 Tag Finite State Machine Dale R. Thompson and Jia Di Computer Science and Computer Engineering Dept. University of Arkansas.
Identification Authentication. 2 Authentication Allows an entity (a user or a system) to prove its identity to another entity Typically, the entity whose.
Computer Science and Engineering Computer System Security CSE 5339/7339 Lecture 14 October 5, 2004.
Lesson Title: Social Implications of RFID Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas
Biometric for Network Security. Finger Biometrics.
Ch 13 Trustworthiness Myungchul Kim
Authentication What you know? What you have? What you are?
L. F. Coppenrath & Associates PASSWORD BIOPASSWORD ® Biometric Keystroke Dynamics Technology Overview.
Lesson Title: Media Interface Threats, Risks, and Mitigation Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas
Lesson Title: FCC Rules for ISM Band Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas
Biometrics and Security Colin Soutar, CTO Bioscrypt Inc. 10th CACR Information Security Workshop May 8th, 2002.
Lesson Title: ThingNet Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas 1 This material.
Lesson Title: Tag Architecture Dale R. Thompson and Jia Di Computer Science and Computer Engineering Dept. University of Arkansas
1 Authentication Technologies Authentication Mechanisms –Something you know –Something you have –Something you are Features –Authenticator & Base secret.
Lesson Title: Animal Identification Standards Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas
Secure positioning in Wireless Networks Srdjan Capkun, Jean-Pierre Hubaux IEEE Journal on Selected area in Communication Jeon, Seung.
DEFEATING BIOMETRIC AUTHENTICATION SYSTEMS Colin O’Hanlon COSC 480 April 11, 2012.
Access control Presented by: Pius T. S. : Christian C. : Gabes K. : Ismael I. H. : Paulus N.
Lesson Title: RFID Nominal Read Range in Far Field Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas
Nikita Maria Department of Applied Informatics University of Macedonia - Greece.
Training Arkansas Computing Teachers (TACT)
Lesson Title: Reader Architecture and Antenna Configurations
Copyright © 2008 by Dale R. Thompson Dale R. Thompson
This material is based upon work supported by the National Science Foundation under Grant #XXXXXX. Any opinions, findings, and conclusions or recommendations.
Building the Big Message Authentication Code
Lesson Title: Regulations Affecting RFID
Presentation transcript:

Nurbek Saparkhojayev and Dale R. Thompson, Ph.D., P.E. Computer Science and Computer Engineering Dept. University of Arkansas Matching Electronic Fingerprints of RFID Tags Using the Hotelling’s Algorithm D. R. Thompsonhttp://rfidsecurity.uark.edu1 This material is based upon work supported by the National Science Foundation, Cyber Trust area, under Grant No. CNS Any opinions, findings and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the National Science Foundation. Presented to: IEEE Sensors Applications Symposium, Feb. 17, 2009

Problem Counterfeiting travel documents such as ePassport, DHS PASS card, and future drivers licenses Counterfeiting travel documents such as ePassport, DHS PASS card, and future drivers licenses Travel documents contain radio frequency identification (RFID) tags Travel documents contain radio frequency identification (RFID) tags R. Thompson

Threats to RFID tags Cloning the tag Cloning the tag –Copy contents of tag to another tag Side-channel (non-invasive) attacks Side-channel (non-invasive) attacks –Monitor certain external parameters such as power consumption, timing delay, or electromagnetic emission –Inject noise/faults to the target to cause irregular behaviors D. R. Thompsonhttp://rfidsecurity.uark.edu3

Tag Counterfeiting/Cloning (Spoofing Identity) R. Thompson

Manipulating Data on Passport The Hacker’s Choice (Oct. 2, 2008) The Hacker’s Choice (Oct. 2, 2008) –Copied passport –Replaced picture with Elvis’s picture –Turned off active verification –Tested on boarding pass machine – epassport/ – h?v=4HngStyEm4s Used Jeroen van Beek method presented at Black Hat conference Used Jeroen van Beek method presented at Black Hat conference D. R. Thompsonhttp://rfidsecurity.uark.edu5

Counterfeiting Mitigation Tag authentication using cryptography Tag authentication using cryptography –Store secrets on the tag that can be verified –Secret keys, symmetric key and public key cryptography Physical unclonable functions (PUFs) Physical unclonable functions (PUFs) Electronic fingerprint (E-Fingerprint) Electronic fingerprint (E-Fingerprint) R. Thompson

Objective Prevent counterfeiting of RFID tags Prevent counterfeiting of RFID tags –Methods for creating electronic fingerprint based on physical characteristics of tag –Digital integrated circuit (IC) design methodology that mitigates power- and timing-based side-channel attacks D. R. Thompsonhttp://rfidsecurity.uark.edu7

Approach Electronic fingerprint (e-fingerprint) – – Authentication becomes a function of what the device “is” in addition to a secret it “knows.” Digital integrated circuit (IC) design methodology that mitigates power- and timing-based side- channel attacks Digital integrated circuit (IC) design methodology that mitigates power- and timing-based side- channel attacks R. Thompson

Two-layer security Authentication becomes a function of what the device “is” in addition to a secret it “knows.” Two-layers – –Cryptography – –Electronic fingerprint (E-fingerprint) D. R. Thompsonhttp://rfidsecurity.uark.edu9

D. R. Thompsonhttp://rfidsecurity.uark.edu10

Communication between reader and tag D. R. Thompsonhttp://rfidsecurity.uark.edu11 Tag

Features Minimum power response at multiple frequencies (MPRMF) Minimum power response at multiple frequencies (MPRMF) Timing Timing Frequency Frequency Phase Phase Transients Transients D. R. Thompsonhttp://rfidsecurity.uark.edu12

Minimum power response measured at multiple frequencies D. R. Thompsonhttp://rfidsecurity.uark.edu13

What will the fingerprint look like? D. R. Thompsonhttp://rfidsecurity.uark.edu14

FAR and FRR False acceptance rate (FAR) Probability that a false identity claim will be accepted Probability that a false identity claim will be accepted Type II error Type II error Like biometrics, most serious type of error Like biometrics, most serious type of error False rejection rate (FRR) Probability that a true identity claim is falsely rejected Probability that a true identity claim is falsely rejected Type I error Type I error D. R. Thompsonhttp://rfidsecurity.uark.edu15

Hotelling’s Two-sample T^2 Algorithm D. R. Thompsonhttp://rfidsecurity.uark.edu16

Create synthetic tag fingerprints D. R. Thompsonhttp://rfidsecurity.uark.edu17

Parameters p = 4 = number of features p = 4 = number of features n1 = n2 = 20 = number of samples n1 = n2 = 20 = number of samples alpha = (95% confidence level) alpha = (95% confidence level) If T^2 > 13.81, assume fingerprints are different If T^2 > 13.81, assume fingerprints are different D. R. Thompsonhttp://rfidsecurity.uark.edu18

Case 1: Compare fingerprint of tag 0 with all other fingerprints at varying noise levels (mean = 0) D. R. Thompsonhttp://rfidsecurity.uark.edu19

D. R. Thompsonhttp://rfidsecurity.uark.edu20

D. R. Thompsonhttp://rfidsecurity.uark.edu21

Case 2: A single tag fingerprint with std. dev compared against itself at noise levels with different means D. R. Thompsonhttp://rfidsecurity.uark.edu22

D. R. Thompsonhttp://rfidsecurity.uark.edu23

Conclusions Hotelling’s performs well across a large range of standard deviations IF the noise has zero mean Hotelling’s performs well across a large range of standard deviations IF the noise has zero mean Modest computations Modest computations D. R. Thompsonhttp://rfidsecurity.uark.edu24

Future Work Apply the algorithm to the measured features instead of the synthetic features Apply the algorithm to the measured features instead of the synthetic features Apply the algorithm across a much larger set of parameters Apply the algorithm across a much larger set of parameters D. R. Thompsonhttp://rfidsecurity.uark.edu25

Contact Information Dale R. Thompson, Ph.D., P.E. Associate Professor Computer Science and Computer Engineering Dept. JBHT – CSCE University of Arkansas Fayetteville, Arkansas Phone: +1 (479) FAX: +1 (479) WWW: D. R. Thompsonhttp://rfidsecurity.uark.edu26

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.