Presentation is loading. Please wait.

Presentation is loading. Please wait.

Institute for Applied Information Processing and Communications (IAIK) – VLSI & Security 1 TU Graz/Computer Science/IAIK/VLSI Institute for Applied Information.

Published byMelinda Heaphy Modified over 9 years ago

Similar presentations

Presentation on theme: "Institute for Applied Information Processing and Communications (IAIK) – VLSI & Security 1 TU Graz/Computer Science/IAIK/VLSI Institute for Applied Information."— Presentation transcript:

1 Institute for Applied Information Processing and Communications (IAIK) – VLSI & Security 1 TU Graz/Computer Science/IAIK/VLSI Institute for Applied Information Processing and Communications (IAIK) Graz University of Technology Thomas Plos Evaluation of Side-Channel Preprocessing Techniques on Cryptographic-Enabled HF and UHF RFID-Tag Prototypes Thomas Plos, Michael Hutter, Martin Feldhofer Workshop on RFID Security 2008 09. - 11.07.2008, Budapest, Hungary

2 http://www.iaik.tugraz.at Institute for Applied Information Processing and Communications (IAIK) – VLSI & Security 2 TU Graz/Computer Science/IAIK/VLSI Thomas Plos Outline  Motivation  Prevalent countermeasures  Hiding in time dimension  Attacking techniques on hiding  Arguments for using FFT  Conducted attacks  Tag prototypes  Measurement setup  Results  Conclusion

3 http://www.iaik.tugraz.at Institute for Applied Information Processing and Communications (IAIK) – VLSI & Security 3 TU Graz/Computer Science/IAIK/VLSI Thomas Plos Motivation (1)  > 1 billion RFID tags sold in 2006  Movement towards “internet of things”  Current low-cost tags cannot prevent fake products  Enhanced functionality opens field for new applications  Sensors  Actuators  Weakest link of the system determines security  crypto on tags

4 http://www.iaik.tugraz.at Institute for Applied Information Processing and Communications (IAIK) – VLSI & Security 4 TU Graz/Computer Science/IAIK/VLSI Thomas Plos Motivation (2)  It was long believed that strong crypto is unfeasible on passive RFID tags  Meanwhile great effort to bring standardized crypto on low-cost tags  Secure algorithm  secure implementation  Side-channel analysis (SCA) exploits implementation weaknesses  Protection via countermeasures necessary

5 http://www.iaik.tugraz.at Institute for Applied Information Processing and Communications (IAIK) – VLSI & Security 5 TU Graz/Computer Science/IAIK/VLSI Thomas Plos Prevalent Countermeasures  Make power consumption independent of intermediate values  Principally two ‘types’ of countermeasures:  Hiding  In time dimension:  random insertion of dummy cycles  shuffling  In amplitude dimension:  increase noise  reduce signal  Masking  Boolean masking (e.g.  )  Arithmetic masking (e.g. +, *)

6 http://www.iaik.tugraz.at Institute for Applied Information Processing and Communications (IAIK) – VLSI & Security 6 TU Graz/Computer Science/IAIK/VLSI Thomas Plos Hiding in Time Dimension  Highly suitable for low-resource devices like RFID tags  Mainly effects control logic  Cost efficient in terms of hardware  Time is not a critical parameter in RFID due to rather low data rates in protocols  Using the example of AES: Dummy operationsByte shuffling

7 http://www.iaik.tugraz.at Institute for Applied Information Processing and Communications (IAIK) – VLSI & Security 7 TU Graz/Computer Science/IAIK/VLSI Thomas Plos Attacking Techniques on Hiding  Filtering (amplitude dimension)  Attenuation of disturbing signals  Requires knowledge of wanted signal/disturbing signal  Integration techniques (time dimension)  Summing up “specific points” defined by a comb or a window  Requires knowledge of “specific points”  Identification of parameters for filtering/integration techniques could be challenging  Can FFT help us?

8 http://www.iaik.tugraz.at Institute for Applied Information Processing and Communications (IAIK) – VLSI & Security 8 TU Graz/Computer Science/IAIK/VLSI Thomas Plos Arguments for Using FFT  FFT is time-shift invariant  Efficiency of randomization is diminished  Influence of misaligned traces during measurements is reduced  Filtering of disturbing signals not necessary (e.g. carrier signal of RFID reader)  Differential Frequency Analysis (DFA) first mentioned by C. Gebotys (CHES 2005)

9 http://www.iaik.tugraz.at Institute for Applied Information Processing and Communications (IAIK) – VLSI & Security 9 TU Graz/Computer Science/IAIK/VLSI Thomas Plos Conducted Attacks  Analysis of RFID devices (HF and UHF)  Current low-cost RFID tags do not contain strong crypto + randomization  Using self-made tag prototypes  Integration of 128-bit AES with randomization  Comparing DEMA with DFA  Disturbing carrier signal: DEMA + filteringvs.DFA  Disturbing carrier signal + randomization of AES: DEMA + filtering + windowingvs. DFA

10 http://www.iaik.tugraz.at Institute for Applied Information Processing and Communications (IAIK) – VLSI & Security 10 TU Graz/Computer Science/IAIK/VLSI Thomas Plos Tag Prototypes  HF tag prototype  13.56MHz  ISO14443-A  Semi passive  UHF tag prototype  868MHz  ISO18000-6C  Semi passive

11 http://www.iaik.tugraz.at Institute for Applied Information Processing and Communications (IAIK) – VLSI & Security 11 TU Graz/Computer Science/IAIK/VLSI Thomas Plos Measurement Setup

12 http://www.iaik.tugraz.at Institute for Applied Information Processing and Communications (IAIK) – VLSI & Security 12 TU Graz/Computer Science/IAIK/VLSI Thomas Plos Results (1)  HF tag prototype  Disturbing 13.56 MHz carrier signal DEMA + filtering DFA

13 http://www.iaik.tugraz.at Institute for Applied Information Processing and Communications (IAIK) – VLSI & Security 13 TU Graz/Computer Science/IAIK/VLSI Thomas Plos Results (2)  UHF tag prototype  Disturbing 868 MHz carrier signal DEMA + filtering DFA

14 http://www.iaik.tugraz.at Institute for Applied Information Processing and Communications (IAIK) – VLSI & Security 14 TU Graz/Computer Science/IAIK/VLSI Thomas Plos Results (3)  HF tag prototype  Disturbing 13.56 MHz carrier signal + randomization of AES enabled DEMA + filtering + windowing DFA

15 http://www.iaik.tugraz.at Institute for Applied Information Processing and Communications (IAIK) – VLSI & Security 15 TU Graz/Computer Science/IAIK/VLSI Thomas Plos Results (4)  UHF tag prototype  Disturbing 868 MHz carrier signal + randomization of AES enabled DEMA + filtering + windowing DFA

16 http://www.iaik.tugraz.at Institute for Applied Information Processing and Communications (IAIK) – VLSI & Security 16 TU Graz/Computer Science/IAIK/VLSI Thomas Plos Conclusion  Evaluation of SCA pre-processing techniques on RFID devices using hiding in time domain  HF and UHF RFID-tag prototypes implementing 128-bit AES with randomization  DEMA + filtering (+windowing) vs. DFA  All attacks successful  DFA offers good results without further knowledge about implementation  Hiding alone as countermeasure for RFID tags not sufficient

17 http://www.iaik.tugraz.at Institute for Applied Information Processing and Communications (IAIK) – VLSI & Security 17 TU Graz/Computer Science/IAIK/VLSI Thomas Plos http://www.iaik.tugraz.at/research/sca-lab Thomas.Plos@iaik.tugraz.at Michael.Hutter@iaik.tugraz.at Martin.Feldhofer@iaik.tugraz.at

Download ppt "Institute for Applied Information Processing and Communications (IAIK) – VLSI & Security 1 TU Graz/Computer Science/IAIK/VLSI Institute for Applied Information."

Similar presentations

World Class Standards Security challenges in an Internet of Things RFID and beyond, RFID03_07 Scott CADZOW C3L © C3L 2008. All rights reserved Workshop.

World Class Standards Security challenges in an Internet of Things RFID and beyond, RFID03_07 Scott CADZOW C3L © C3L All rights reserved Workshop.
Toward Practical Public Key Anti- Counterfeiting for Low-Cost EPC Tags Alex Arbit, Avishai Wool, Yossi Oren, IEEE RFID April 2011 1.

Toward Practical Public Key Anti- Counterfeiting for Low-Cost EPC Tags Alex Arbit, Avishai Wool, Yossi Oren, IEEE RFID April
Gone in 360 Seconds: Hijacking with Hitag2

Gone in 360 Seconds: Hijacking with Hitag2
RFID: OPPORTUNITIES and CHALLENGES Yize Chen. History In 1969, Mario Cardullo presented a RFID business plan to investors. The application areas include:

RFID: OPPORTUNITIES and CHALLENGES Yize Chen. History In 1969, Mario Cardullo presented a RFID business plan to investors. The application areas include:
NFC Security What is NFC? NFC Possible Security Attacks. NFC Security Attacks Countermeasures. Conclusion. References.

NFC Security What is NFC? NFC Possible Security Attacks. NFC Security Attacks Countermeasures. Conclusion. References.
Technical Issues Regarding Near Field Communication Group 16 Tyler Swofford Matthew Kotan.

Technical Issues Regarding Near Field Communication Group 16 Tyler Swofford Matthew Kotan.
Time Cost Evaluation for Executing RFID Authentication Protocols Yingjiu Li, Ph.D. Associate Professor School of Information Systems Singapore Management.

Time Cost Evaluation for Executing RFID Authentication Protocols Yingjiu Li, Ph.D. Associate Professor School of Information Systems Singapore Management.
Mobile Appliance Security: Concerns and Challenges Mahesh Mamidipaka ICS 259: Seminar in Design Science 1. Securing Mobile Appliances: New Challenges for.

Mobile Appliance Security: Concerns and Challenges Mahesh Mamidipaka ICS 259: Seminar in Design Science 1. Securing Mobile Appliances: New Challenges for.
Timo Kasper Crete, Greece May 10, 2007 An Embedded System for Practical Security Analysis of Contactless Smartcards Timo Kasper, Dario Carluccio and Christof.

Timo Kasper Crete, Greece May 10, 2007 An Embedded System for Practical Security Analysis of Contactless Smartcards Timo Kasper, Dario Carluccio and Christof.
Security and Privacy Issues in Wireless Communication By: Michael Glus, MSEE EEL 6788 11.

Security and Privacy Issues in Wireless Communication By: Michael Glus, MSEE EEL
Yossef Oren, Dvir Schirman, and Avishai Wool: Tel Aviv University ESORICS 2013.

Yossef Oren, Dvir Schirman, and Avishai Wool: Tel Aviv University ESORICS 2013.
1 Remote Power Analysis of RFID Tags Joint work with Adi Shamir yossi.oren[at]weizmann.ac.il 28/Aug/06.

1 Remote Power Analysis of RFID Tags Joint work with Adi Shamir yossi.oren[at]weizmann.ac.il 28/Aug/06.
Anti-counterfeiting via Federated RFID Tags’ Diversities Lei Yang Tsinghua University Pai Peng, Fan Dang, Xiang-Yang Li, Yunhao Liu.

Anti-counterfeiting via Federated RFID Tags’ Diversities Lei Yang Tsinghua University Pai Peng, Fan Dang, Xiang-Yang Li, Yunhao Liu.
Ruhr University Bochum Cryptography in Heavily Constraint Environments Christof Paar EUROBITS Center for IT Security COmmunication SecuritY (COSY) Group.

Ruhr University Bochum Cryptography in Heavily Constraint Environments Christof Paar EUROBITS Center for IT Security COmmunication SecuritY (COSY) Group.
Zheming CSCE715.  A wireless sensor network (WSN) ◦ Spatially distributed sensors to monitor physical or environmental conditions, and to cooperatively.

Zheming CSCE715.  A wireless sensor network (WSN) ◦ Spatially distributed sensors to monitor physical or environmental conditions, and to cooperatively.
1 Dynamic Key-Updating: Privacy- Preserving Authentication for RFID Systems Li Lu, Lei Hu State Key Laboratory of Information Security, Graduate School.

1 Dynamic Key-Updating: Privacy- Preserving Authentication for RFID Systems Li Lu, Lei Hu State Key Laboratory of Information Security, Graduate School.
EMBEDDED RFID IN PRODUCT IDENTIFICATION Tommi Kallonen Jari Porras Lappeenranta University of Technology.

EMBEDDED RFID IN PRODUCT IDENTIFICATION Tommi Kallonen Jari Porras Lappeenranta University of Technology.
Geneva, Switzerland, 15-16 September 2014 Lightweight Cryptography for the Connected Car/ITS Security Shiho Moriai Director, Security Fundamentals Laboratory,

Geneva, Switzerland, September 2014 Lightweight Cryptography for the Connected Car/ITS Security Shiho Moriai Director, Security Fundamentals Laboratory,
Radu Muresan CODES+ISSS'04, September 8-10, 2004, Stockholm, Sweden1 Current Flattening in Software and Hardware for Security Applications Authors: R.

Radu Muresan CODES+ISSS'04, September 8-10, 2004, Stockholm, Sweden1 Current Flattening in Software and Hardware for Security Applications Authors: R.
Multidisciplinary Engineering Senior Design Project 06509 RFID Garage Door Entry System Preliminary Design Review 2.24.2006 Team Members: Kenneth Williams,

Multidisciplinary Engineering Senior Design Project RFID Garage Door Entry System Preliminary Design Review Team Members: Kenneth Williams,

Similar presentations

Ads by Google