EPC RFID Tag Security Weaknesses and Defenses: Passport Cards, Enhanced Drivers Licenses, and Beyond
Karl Koscher, Ari Juels, Vjekoslav Brajkovic, Tadayoshi Kohno
Presented by: Siva Prasad Reddy Nooli
Outline
Motivation
EPC RFID: existence, risks and challenges
Security risks
Countermeasures
Applications
EPC RFID has a wide range of applications: automation in the supply chain, document verification at security borders, and driving licenses. EPC Gen-2 makes these possible at low cost.
Today's Agenda
Security of EPC RFID tags in United States PASS cards at national border crossings
Security of EPC RFID tags in Enhanced Drivers Licenses (EDLs)
The risks involved in applying EPC RFID tags in these applications, and what they imply for other applications
Countermeasures
Conclusions drawn from the results
Vulnerability Analysis
EPC RFID use on PASS cards and EDLs raises prominent security concerns, so a vulnerability analysis of these applications is needed. The possible security risks are analysed in the same way as for other systems, including those built on the ISO security standards.
1. Cloning
Security checks rely on public identity documents. A card's publicly readable data can be cloned with a single read using a low-power tool, which casts doubt on unique TIDs as an anti-cloning measure. The read-protected PINs are not obtained this way; recovering them would require eavesdropping on a legitimate session or a physically invasive attack.
2. Readability
The major vulnerability other than cloning is the distance at which an EPC tag can be read. An EDL inside a wallet can be detected even at a considerable distance, although the human body obstructs tag reading. Because each tag carries a unique serial number, long read ranges also raise a privacy (tracking) concern.
3. Other possible attacks
Denial-of-service and covert-channel attacks apply to cards whose KILL PIN is not set. Passport Cards, whose PINs are set, are exempt from these weaknesses. EDLs are also more susceptible to scanning while inside their protective sleeves.
The Proposed Contribution
Security depends on the operational environment: the EDL or Passport Card is checked against the photo of its bearer, and passenger screening benefits from multiple layers of security. Even so, EPC-enabled identity documents should provide adequate security on their own. The proposed defence co-opts the Gen-2 "kill" mechanism for tag authentication, which also helps with anti-counterfeiting and secure item pedigrees.
Experimental Evaluation of Passport Card and EDLs
1. Weakness in the TID-based anti-cloning mechanism
Both cards have an ACCESS PIN set, and the Passport Card also has a KILL PIN set. These unique secrets cannot be copied from one card to another, but the manufacturer data in the TID (the E0h vs E2h class identifier) gives an attacker enough additional information to determine the tag's capabilities. A tag-specific TID may prevent physical copying of one EPC tag onto another, but it cannot prevent logical emulation of the EPC tag by another radio device. It is therefore not an anti-cloning tool, only a countermeasure that raises the bar.
Continued: physical copying vs logical copying
The ACCESS PIN on the Passport Card and EDL, and the KILL PIN of the Passport Card, cannot be cloned by reading the tag. This still does not prevent emulation of the EPC tag by another radio device. Relying on the TID alone for security in the EDL and Passport Card therefore leaves them exposed to cloning.
2. Other memory banks
The only read-protected pieces of memory are the KILL PIN and ACCESS PIN on the Passport Card and the ACCESS PIN on EDLs. The entire EPC memory bank (which contains the card's unique EPC value) is readable, as is the TID memory bank. The cards report a "no such memory location" error when a reader attempts to read words that are not expected to be present.
3. KILL PIN selection
The KILL PIN is unprogrammed and not locked on the Washington State EDLs. Unless the EDL's Gen-2 tag is specially manufactured (its generic TID suggests it is not), the tag is subject to over-the-air killing by any reader that first programs a KILL PIN. An attacker can also use the writable KILL PIN field as a covert channel.
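The memory-bank and KILL PIN findings above can be reproduced against a small model of a Gen-2 tag's memory. The following is an added example, not code from the paper or its authors: the bank numbers, the Reserved-bank layout (KILL PIN in words 0-1, ACCESS PIN in words 2-3), the lock semantics and the two error codes follow the Gen-2 air interface, while the card contents (EPC, TID, PIN values) and the assumption that the EDL has writable user memory and the PASS card none are constructed for the example. A single-read dump in the Open state shows exactly what the slides describe: only the PINs are hidden, an EDL's unprogrammed KILL PIN reads as zero and can be overwritten without any PIN, and an Access command with the correct PIN exposes the reserved words.

```python
"""Gen-2 memory banks, lock state, and what a single unauthenticated read yields.
Added example with constructed card contents, not data from the paper: bank
numbers, the Reserved-bank layout (KILL PIN in words 0-1, ACCESS PIN in words
2-3) and the two error codes follow the Gen-2 air interface.
"""
from dataclasses import dataclass, field
from typing import Dict, List, Set, Tuple

RESERVED, EPC, TID, USER = 0b00, 0b01, 0b10, 0b11
ERR_MEMORY_OVERRUN = 0x03  # address beyond the bank: "no such memory location"
ERR_MEMORY_LOCKED = 0x04   # locked, or pwd-locked while the tag is not in the Secured state
Loc = Tuple[int, int]      # (bank, word)


@dataclass
class Gen2Memory:
    banks: Dict[int, List[int]]                          # bank -> 16-bit words
    pwd_locked: Set[Loc] = field(default_factory=set)    # usable only in the Secured state
    perma_locked: Set[Loc] = field(default_factory=set)  # never writable again
    secured: bool = False                                # set by a successful Access

    def read(self, bank, ptr, count=1):
        words = self.banks.get(bank, [])
        if ptr + count > len(words):
            return "error", ERR_MEMORY_OVERRUN
        if not self.secured and any((bank, w) in self.pwd_locked for w in range(ptr, ptr + count)):
            return "error", ERR_MEMORY_LOCKED
        return "ok", words[ptr:ptr + count]

    def write(self, bank, ptr, value):
        words = self.banks.get(bank, [])
        if ptr >= len(words):
            return "error", ERR_MEMORY_OVERRUN
        if (bank, ptr) in self.perma_locked or (not self.secured and (bank, ptr) in self.pwd_locked):
            return "error", ERR_MEMORY_LOCKED
        words[ptr] = value & 0xFFFF
        return "ok", None

    def access(self, pin):
        """Access command: the correct 32-bit ACCESS PIN moves the tag to the Secured state."""
        hi, lo = self.banks[RESERVED][2], self.banks[RESERVED][3]
        self.secured = pin == (hi << 16 | lo)
        return self.secured


def dump_public(mem):
    """Clandestine single read in the Open state: walk each bank word by word until the tag
    reports memory overrun; None marks a word the tag refused because it is read-protected."""
    out = {}
    for bank in (RESERVED, EPC, TID, USER):
        words, ptr = [], 0
        while True:
            status, payload = mem.read(bank, ptr)
            if status == "error" and payload == ERR_MEMORY_OVERRUN:
                break
            words.append(payload[0] if status == "ok" else None)
            ptr += 1
        out[bank] = words
    return out


EPC_WORDS = [0x0000, 0x3000, 0x3521, 0x0000, 0x0001, 0x2345, 0x6789, 0xABCD]  # CRC, PC, 96-bit EPC (constructed)
TID_WORDS = [0xE200, 0x3412]  # E2h class identifier; designer/model bits constructed
ACCESS_PIN = 0x5A5AC3C3       # constructed


def washington_edl():
    """EDL as the slides describe it: ACCESS PIN read-protected, KILL PIN unprogrammed and unlocked,
    plus writable user memory (assumed, so that a reader has something to write)."""
    return Gen2Memory(
        banks={RESERVED: [0x0000, 0x0000, 0x5A5A, 0xC3C3], EPC: list(EPC_WORDS),
               TID: list(TID_WORDS), USER: [0x0000, 0x0000]},
        pwd_locked={(RESERVED, 2), (RESERVED, 3)},
        perma_locked={(EPC, w) for w in range(8)} | {(TID, 0), (TID, 1)})


def passport_card():
    """PASS card: KILL and ACCESS PIN both read-protected, EPC and TID perma-locked, no user memory."""
    return Gen2Memory(
        banks={RESERVED: [0x7788, 0x99AA, 0x5A5A, 0xC3C3], EPC: list(EPC_WORDS), TID: list(TID_WORDS)},
        pwd_locked={(RESERVED, w) for w in range(4)},
        perma_locked={(EPC, w) for w in range(8)} | {(TID, 0), (TID, 1)})


def run_scenarios():
    edl, pc = washington_edl(), passport_card()
    result = {"edl": dump_public(edl), "pass": dump_public(pc)}
    # No PIN at all: the EDL's KILL PIN words are unlocked, so any reader can program a kill
    # password (or park 32 bits there as a covert channel); the PASS card refuses.
    result["edl_pin_write"] = edl.write(RESERVED, 0, 0xDEAD)[0]
    result["pass_pin_write"] = pc.write(RESERVED, 0, 0xDEAD)[0]
    result["edl_pin_after"] = edl.read(RESERVED, 0, 2)
    # With the ACCESS PIN: Access moves the PASS card to Secured, exposing the reserved words.
    result["pass_wrong_access"] = pc.access(0x00000000)
    result["pass_right_access"] = pc.access(ACCESS_PIN)
    result["pass_secured_read"] = pc.read(RESERVED, 0, 4)
    return result
```

`run_scenarios()` returns the two dumps and the outcomes of the writes and Access attempts; the EDL dump contains every EPC and TID word plus two zero words where the KILL PIN should be, which is all a clone needs for the public-data check and all an attacker needs to know that the kill password can be set.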
4. Read-range experiments
Given the cloning threat (a single read suffices), tag read ranges become a major consideration in the vulnerability of tags to clandestine scanning. The US Department of State issues a radio-opaque shielding sleeve with each Passport Card, and Washington State issues protective sleeves for EDLs as well, but consistent use of the sleeves requires diligence on the part of the bearers, which is unlikely. Read ranges vary with:
the material to which a tag is affixed,
the configuration of the interrogating reader,
the physical characteristics of the surrounding scanning environment, and
the tag's antenna.
Continued: tested read ranges in different physical environments
Indoors, freestanding, but with other objects nearby
Indoors, in a corridor, with no other nearby objects
Outdoors in free space
And with different carrying modes:
Held away from the body
Inside a purse, both inside a wallet and in a side pocket
In a backpack
In a wallet in a back trouser pocket
In a wallet in a front shorts pocket
Adjacent to a wallet in a front shorts pocket
Continued: with different protective sleeves (crumpled vs new)
In a new sleeve, held out by hand
In a crumpled sleeve, held out by hand
In a new sleeve, in a wallet in a back trouser pocket
In a crumpled sleeve, in a wallet in a back trouser pocket
Why these tests? Read-range results have a strong bearing on the overall security of the border-crossing system.
Continued: observations
Both cards were subject to reading at distances of more than 50 meters in optimal conditions.
Passport Cards, while not readable in a new protective sleeve, were readable under certain circumstances in a crumpled sleeve.
EDLs were readable inside their protective sleeves at a distance of some tens of centimeters.
Antenna inside the EDL and Passport Card (figure)
Defensive Directions: Backward-Compatible Cloning Defenses
1. KILL command
An EPC feature designed to protect consumer privacy by providing an option to disable tags at the point of sale in retail environments. A tag receiving a KILL command together with its tag-specific 32-bit KILL PIN (Pkill) is permanently disabled, provided it has sufficient power to commit the kill; otherwise it reports an "insufficient power" error. This power dependence is what KILL-based authentication exploits.
Co-opting KILL for tag authentication
To authenticate a tag, a reader:
must know the tag's valid KILL PIN (Pkill);
constructs an invalid KILL PIN (P'kill);
transmits the pair (P'kill, Pkill), in random order, across two low-power KILL command sessions.
Expected result:
A valid tag acknowledges the correct PIN (by responding with an "insufficient power" error code) and rejects the incorrect PIN (with no response at all).
An invalid (cloned) tag does not know Pkill and so cannot tell the two PINs apart: it either responds to neither or responds to both, so at best it answers correctly for only one of the two, and the reader rejects it.
2. ACCESS command
Accompanied by a 32-bit ACCESS PIN (Paccess), the ACCESS command can enforce read access control on protected memory. This gives ACCESS-based authentication. It also means an EDL could have its KILL PIN set and locked over the air at the border.
Co-opting ACCESS for tag authentication
ACCESS-based authentication (ABA) is a form of one-time challenge-response. To authenticate a tag, a reader must know the tag's ACCESS PIN (Paccess) as well as its private data (D). It transmits Paccess and then confirms that the private data D it reads back is correct.
Advantages and disadvantages of KBA and ABA
KBA is preferred because the ACCESS command is optional in Gen-2, and KBA can be deployed independently of it. One can use Pkill to authenticate tags using KILL. Pkill might be revealed to state law-enforcement officials, allowing them to authenticate tags (and kill them), but not to clone them. Neither technique is resistant to eavesdropping; both are ad-hoc tools. KBA and ABA are backward compatible. KBA, if not carefully implemented, may kill the cards.
Experiments with and extensions to KILL-based authentication
Implementing KILL-based Authentication (KBA)
The implementation challenge is reader power calibration: having the reader transmit enough power to interrogate the tag, but not enough to actually kill it. Two KBA algorithms are proposed and evaluated, Simple KBA and Scaled KBA. Each consists of two phases:
Reader power calibration phase: the correct power level is determined.
Authentication phase: the KILL commands are issued.
I. Simple KBA Algorithm
Reader power calibration phase:
The reader ramps up its power from minimum to maximum in its smallest possible increments, transmitting the KILL command at each level. When the reader receives its first reply from the tag, the power level is fixed at that level.
Authentication phase:
The reader sends N KILL commands (N-1 bogus PINs and 1 real PIN) at the selected power level to authenticate the tag.
Simple KBA Algorithm (cont.)
Tested using varying distances between the tag and the reader's antenna.
Test criteria: N = 10 (number of KILL commands sent); the algorithm is repeated 10 times per distance.
Expectation: 10 successful tag authentications at each distance.
Observations: if the tag is too close, even the reader's lowest power level is not low enough to avoid an unintentional kill. Otherwise the algorithm authenticates the tag most of the time, and in practice authentication can simply be repeated if unsuccessful.
II. Scaled KBA Algorithm
More sophisticated: it attempts to avoid unintentional kills by calibrating the reader's power level between the minimum power required to read the tag and the minimum power required to write to it. Why? More power is required to write than to read, and tag disablement (a true kill) requires, at minimum, the power to write.
Scaled KBA Algorithm (cont.)
Reader power calibration phase (5 steps):
1. Via power ramping, determine the minimum reader power level PW_RR required to read the target tag.
2. Via power ramping, determine the minimum reader power level PW_RW required to write to the tag.
3. Verify the availability of a minimum margin PW_RW − PW_RR ≥ µ, where µ is a minimum power-margin parameter. If not, abort.
4. Scale the reader's power level within that range, to PW_RR + δ(PW_RW − PW_RR), for δ ∈ [0, 1].
5. Ensure that the power level selected does not allow the tag to write to itself.
Authentication phase:
The reader sends N KILL commands (N-1 bogus PINs and 1 real PIN) at the selected power level to authenticate the tag.
Scaled KBA Algorithm (cont.)
Tested using varying distances between the tag and the reader's antenna.
Test criteria: N = 10 (number of KILL commands sent); the algorithm is repeated 100 times per distance.
Expectation: 100 successful tag authentications at each distance.
Observations: it achieves its objective and alleviates unintentional kills at short range. Its weakness is that the calibration phase requires writing to the tag, and not all tags support being written to (e.g., PASS cards are perma-locked read-only).
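The KILL-based authentication check (co-opting KILL), the Simple KBA power ramp and the Scaled KBA calibration described above can all be exercised against a simulated tag. The following is an added example, not the paper's implementation: power levels are abstract reader units, the thresholds p_read and p_write of each modelled card are constructed so that each scenario triggers one of the behaviours the slides report, and the two-step KILL handshake is collapsed into a single call. The genuine card passes both algorithms; a clone that knows only the public EPC fails whether it stays silent or acknowledges every PIN; a card held at the antenna is killed by Simple KBA but makes Scaled KBA abort with the tag still alive; and a perma-locked PASS card can be authenticated only by Simple KBA.

```python
"""KILL-based authentication (KBA) simulated against a modelled Gen-2 tag.
Added example, not the paper's code: power is in abstract reader units, each
card's p_read/p_write thresholds are constructed, and the two-step KILL
handshake is collapsed into one call. The tag answers as the slides describe.
"""
import random
from dataclasses import dataclass
from typing import Optional


@dataclass
class Gen2Tag:
    epc: bytes
    kill_pin: Optional[int]  # None: the device never learned the PIN (a clone)
    p_read: float            # least reader power at which the tag answers at all
    p_write: float           # least power at which it can commit a write, hence a kill
    writable: bool = True    # False models a perma-locked, read-only PASS card
    ack_any: bool = False    # clone strategy: acknowledge every KILL PIN
    killed: bool = False

    def read(self, power):
        return None if self.killed or power < self.p_read else self.epc

    def write(self, power):
        if self.killed or power < self.p_read:
            return None
        if not self.writable:
            return "MEMORY_LOCKED"
        return "WRITE_OK" if power >= self.p_write else "INSUFFICIENT_POWER"

    def kill(self, pin, power):
        if self.killed or power < self.p_read:
            return None
        if self.ack_any:
            return "INSUFFICIENT_POWER"   # clone that acknowledges every PIN
        if pin != self.kill_pin:
            return None                   # wrong PIN: a Gen-2 tag stays silent
        if power < self.p_write:
            return "INSUFFICIENT_POWER"   # right PIN, but it cannot commit the kill
        self.killed = True
        return "KILLED"


class Reader:
    def __init__(self, p_min=0.5, p_max=10.0, step=0.1, rng=None):
        self.levels = [round(p_min + i * step, 3) for i in range(int(round((p_max - p_min) / step)) + 1)]
        self.rng = rng or random.Random()

    def _authenticate(self, tag, pin, power, n):
        """Authentication phase: N KILL commands, N-1 bogus PINs plus the real one, shuffled."""
        pins = [pin] + [b for b in (self.rng.getrandbits(32) for _ in range(n - 1)) if b != pin]
        self.rng.shuffle(pins)
        for p in pins:
            reply = tag.kill(p, power)
            if reply == "KILLED":
                return "KILLED"           # calibration let a real kill through
            if reply != ("INSUFFICIENT_POWER" if p == pin else None):
                return "REJECT"           # reply pattern of a device that lacks the PIN
        return "ACCEPT"

    def simple_kba(self, tag, pin, n=10):
        """Simple KBA: ramp power, KILL at each level, fix the level at the first reply."""
        for level in self.levels:
            reply = tag.kill(pin, level)
            if reply == "KILLED":
                return "KILLED"           # tag too close: the lowest level already commits
            if reply is not None:
                return self._authenticate(tag, pin, level, n)
        return "REJECT"                   # no reply at any level: absent, or a silent clone

    def scaled_kba(self, tag, pin, mu=0.5, delta=0.5, n=10):
        """Scaled KBA: calibrate between the read and write thresholds, then authenticate."""
        pw_rr = next((lv for lv in self.levels if tag.read(lv) is not None), None)
        pw_rw = next((lv for lv in self.levels if tag.write(lv) == "WRITE_OK"), None)
        if pw_rr is None or pw_rw is None or pw_rw - pw_rr < mu:
            return "ABORT"                # no usable margin, or the tag cannot be written
        power = pw_rr + delta * (pw_rw - pw_rr)
        if power >= pw_rw:
            return "ABORT"                # step 5: never enough power for the tag to write
        return self._authenticate(tag, pin, power, n)


PIN = 0x1F2E3D4C   # constructed KILL PIN of the modelled card


def card(**overrides):
    """A modelled card at normal range; keyword overrides build the other scenarios."""
    spec = dict(epc=bytes.fromhex("300833b2ddd9014000000001"), kill_pin=PIN, p_read=2.0, p_write=3.5)
    return Gen2Tag(**{**spec, **overrides})


def run_scenarios(seed=7):
    reader = Reader(rng=random.Random(seed))
    close = card(p_read=0.5, p_write=0.5)  # held at the antenna: minimum power already commits
    return {
        "genuine_simple": reader.simple_kba(card(), PIN),
        "genuine_scaled": reader.scaled_kba(card(), PIN),
        "silent_clone_simple": reader.simple_kba(card(kill_pin=None), PIN),
        "ackall_clone_scaled": reader.scaled_kba(card(kill_pin=None, ack_any=True), PIN),
        "too_close_simple": reader.simple_kba(card(p_read=0.5, p_write=0.5), PIN),
        "too_close_scaled": reader.scaled_kba(close, PIN),
        "too_close_scaled_killed": close.killed,
        "pass_card_simple": reader.simple_kba(card(writable=False), PIN),
        "pass_card_scaled": reader.scaled_kba(card(writable=False), PIN),
    }
```

`run_scenarios()` returns one outcome per case. The "too close" pair is the trade-off the slides describe: Simple KBA fixes its level at the first reply and, when the lowest level already carries write power, that first reply is the kill itself, whereas Scaled KBA measures the read/write margin first and refuses to proceed when there is none. The PASS card pair shows why Simple KBA remains necessary: with the tag perma-locked, PW_RW can never be measured and Scaled KBA always aborts.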
Other Security Proposals
Mechanisms already present in the Gen-2 tag for protecting it: a 16-bit pseudo-random number generator and a 16-bit cyclic redundancy code.
Proposed methodologies from the literature: TRAP-1, an EPCGen2 RFID protocol, and TRAP-2, an anonymous EPCGen2 RFID protocol.
Security aspects considered: privacy, authentication, attack ranges, and attacks against RFID systems.
Some more details: RFID and EPC in the Internet of Things
RFID transponders (tags) consist of a microchip, an antenna, a case and, in some types, a battery.
Energy sources: passive, semi-passive and active tags.
Frequency bands and key vendors
Frequency bands: Low Frequency (LF, kHz), High Frequency (HF, MHz), Ultra High Frequency (UHF, hundreds of MHz to GHz, up to 5.8 GHz).
Key vendors of EPC RFID devices: Datalogic, Honeywell International, Zebra Technologies.
Conclusion
Explored the issue of cloning in the most widely deployed radio device, the Class-1 Gen-2 EPC tag, focusing on its deployment in Passport Cards and Enhanced Drivers Licenses. The findings extend well beyond EDLs and Passport Cards to any EPC deployment where cloning or counterfeiting poses a risk. KILL-based authentication (KBA) offers a viable defence against the Gen-2 EPC tag's weakness to cloning. Simple KBA is the most promising approach when Scaled KBA cannot be used, e.g., when tag writing is not supported (as is the case with the PASS Card).
References
http://www.ijcst.com/vol61/1/26-Mohsen-Hallaj-Asghar.pdf
technologydevelopmenttrends-and-opportunities-market-research-report-to-2021