Presentation is loading. Please wait.

Presentation is loading. Please wait.

Nurbek Saparkhojayev and Dale R. Thompson, Ph.D., P.E. Computer Science and Computer Engineering Dept. University of Arkansas Matching Electronic Fingerprints.

Published byBernadette Griffith Modified over 9 years ago

Similar presentations

Presentation on theme: "Nurbek Saparkhojayev and Dale R. Thompson, Ph.D., P.E. Computer Science and Computer Engineering Dept. University of Arkansas Matching Electronic Fingerprints."— Presentation transcript:

1 Nurbek Saparkhojayev and Dale R. Thompson, Ph.D., P.E. Computer Science and Computer Engineering Dept. University of Arkansas Matching Electronic Fingerprints of RFID Tags Using the Hotelling’s Algorithm D. R. Thompsonhttp://rfidsecurity.uark.edu1 This material is based upon work supported by the National Science Foundation, Cyber Trust area, under Grant No. CNS-0716578. Any opinions, findings and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the National Science Foundation. Presented to: IEEE Sensors Applications Symposium, Feb. 17, 2009

2 Problem Counterfeiting travel documents such as ePassport, DHS PASS card, and future drivers licenses Counterfeiting travel documents such as ePassport, DHS PASS card, and future drivers licenses Travel documents contain radio frequency identification (RFID) tags Travel documents contain radio frequency identification (RFID) tags http://rfidsecurity.uark.edu2D. R. Thompson

3 Threats to RFID tags Cloning the tag Cloning the tag –Copy contents of tag to another tag Side-channel (non-invasive) attacks Side-channel (non-invasive) attacks –Monitor certain external parameters such as power consumption, timing delay, or electromagnetic emission –Inject noise/faults to the target to cause irregular behaviors D. R. Thompsonhttp://rfidsecurity.uark.edu3

4 Tag Counterfeiting/Cloning (Spoofing Identity) http://rfidsecurity.uark.edu4D. R. Thompson

5 Manipulating Data on Passport The Hacker’s Choice (Oct. 2, 2008) The Hacker’s Choice (Oct. 2, 2008) –Copied passport –Replaced picture with Elvis’s picture –Turned off active verification –Tested on boarding pass machine –http://freeworld.thc.org/thc- epassport/ –http://www.youtube.com/watc h?v=4HngStyEm4s Used Jeroen van Beek method presented at Black Hat conference Used Jeroen van Beek method presented at Black Hat conference D. R. Thompsonhttp://rfidsecurity.uark.edu5

6 Counterfeiting Mitigation Tag authentication using cryptography Tag authentication using cryptography –Store secrets on the tag that can be verified –Secret keys, symmetric key and public key cryptography Physical unclonable functions (PUFs) Physical unclonable functions (PUFs) Electronic fingerprint (E-Fingerprint) Electronic fingerprint (E-Fingerprint) http://rfidsecurity.uark.edu6D. R. Thompson

7 Objective Prevent counterfeiting of RFID tags Prevent counterfeiting of RFID tags –Methods for creating electronic fingerprint based on physical characteristics of tag –Digital integrated circuit (IC) design methodology that mitigates power- and timing-based side-channel attacks D. R. Thompsonhttp://rfidsecurity.uark.edu7

8 Approach Electronic fingerprint (e-fingerprint) – – Authentication becomes a function of what the device “is” in addition to a secret it “knows.” Digital integrated circuit (IC) design methodology that mitigates power- and timing-based side- channel attacks Digital integrated circuit (IC) design methodology that mitigates power- and timing-based side- channel attacks http://rfidsecurity.uark.edu8D. R. Thompson

9 Two-layer security Authentication becomes a function of what the device “is” in addition to a secret it “knows.” Two-layers – –Cryptography – –Electronic fingerprint (E-fingerprint) D. R. Thompsonhttp://rfidsecurity.uark.edu9

10 D. R. Thompsonhttp://rfidsecurity.uark.edu10

11 Communication between reader and tag D. R. Thompsonhttp://rfidsecurity.uark.edu11 Tag

12 Features Minimum power response at multiple frequencies (MPRMF) Minimum power response at multiple frequencies (MPRMF) Timing Timing Frequency Frequency Phase Phase Transients Transients D. R. Thompsonhttp://rfidsecurity.uark.edu12

13 Minimum power response measured at multiple frequencies D. R. Thompsonhttp://rfidsecurity.uark.edu13

14 What will the fingerprint look like? D. R. Thompsonhttp://rfidsecurity.uark.edu14

15 FAR and FRR False acceptance rate (FAR) Probability that a false identity claim will be accepted Probability that a false identity claim will be accepted Type II error Type II error Like biometrics, most serious type of error Like biometrics, most serious type of error False rejection rate (FRR) Probability that a true identity claim is falsely rejected Probability that a true identity claim is falsely rejected Type I error Type I error D. R. Thompsonhttp://rfidsecurity.uark.edu15

16 Hotelling’s Two-sample T^2 Algorithm D. R. Thompsonhttp://rfidsecurity.uark.edu16

17 Create synthetic tag fingerprints D. R. Thompsonhttp://rfidsecurity.uark.edu17

18 Parameters p = 4 = number of features p = 4 = number of features n1 = n2 = 20 = number of samples n1 = n2 = 20 = number of samples alpha = 0.025 (95% confidence level) alpha = 0.025 (95% confidence level) If T^2 > 13.81, assume fingerprints are different If T^2 > 13.81, assume fingerprints are different D. R. Thompsonhttp://rfidsecurity.uark.edu18

19 Case 1: Compare fingerprint of tag 0 with all other fingerprints at varying noise levels (mean = 0) D. R. Thompsonhttp://rfidsecurity.uark.edu19

20 D. R. Thompsonhttp://rfidsecurity.uark.edu20

21 D. R. Thompsonhttp://rfidsecurity.uark.edu21

22 Case 2: A single tag fingerprint with std. dev. 1.50 compared against itself at noise levels with different means D. R. Thompsonhttp://rfidsecurity.uark.edu22

23 D. R. Thompsonhttp://rfidsecurity.uark.edu23

24 Conclusions Hotelling’s performs well across a large range of standard deviations IF the noise has zero mean Hotelling’s performs well across a large range of standard deviations IF the noise has zero mean Modest computations Modest computations D. R. Thompsonhttp://rfidsecurity.uark.edu24

25 Future Work Apply the algorithm to the measured features instead of the synthetic features Apply the algorithm to the measured features instead of the synthetic features Apply the algorithm across a much larger set of parameters Apply the algorithm across a much larger set of parameters D. R. Thompsonhttp://rfidsecurity.uark.edu25

26 Contact Information Dale R. Thompson, Ph.D., P.E. Associate Professor Computer Science and Computer Engineering Dept. JBHT – CSCE 504 1 University of Arkansas Fayetteville, Arkansas 72701-1201 Phone: +1 (479) 575-5090 FAX: +1 (479) 575-5339 E-mail: d.r.thompson@ieee.org WWW: http://comp.uark.edu/~drt/ D. R. Thompsonhttp://rfidsecurity.uark.edu26

Download ppt "Nurbek Saparkhojayev and Dale R. Thompson, Ph.D., P.E. Computer Science and Computer Engineering Dept. University of Arkansas Matching Electronic Fingerprints."

Similar presentations

Dr. Marc Valliant, VP & CTO

Dr. Marc Valliant, VP & CTO
Lesson Title: RFID Modulation, Encoding, and Data Rates Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas

Lesson Title: RFID Modulation, Encoding, and Data Rates Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas
Lesson Title: Threat Modeling Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas 1 This.

Lesson Title: Threat Modeling Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas 1 This.
Lesson Title: Tag Threats, Risks, and Mitigation Dale R. Thompson and Jia Di Computer Science and Computer Engineering Dept. University of Arkansas

Lesson Title: Tag Threats, Risks, and Mitigation Dale R. Thompson and Jia Di Computer Science and Computer Engineering Dept. University of Arkansas
Physical Unclonable Functions and Applications

Physical Unclonable Functions and Applications
FIPS 201 Personal Identity Verification For Federal Employees and Contractors National Institute of Standards and Technology Information Technology Laboratory.

FIPS 201 Personal Identity Verification For Federal Employees and Contractors National Institute of Standards and Technology Information Technology Laboratory.
Physical Unclonable Functions

Physical Unclonable Functions
Chapter 9 Creating and Maintaining Database Presented by Zhiming Liu Instructor: Dr. Bebis.

Chapter 9 Creating and Maintaining Database Presented by Zhiming Liu Instructor: Dr. Bebis.
Department of Labor HSPD-12

Department of Labor HSPD-12
Biometric Authentication Andrea Blanco Binglin Li Brian Connelly.

Biometric Authentication Andrea Blanco Binglin Li Brian Connelly.
Lesson Title: Introduction to Cryptography Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas

Lesson Title: Introduction to Cryptography Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas
Lesson Title: Threats to and by an RFID system Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas

Lesson Title: Threats to and by an RFID system Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas
Mar 4, 2003Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities.

Mar 4, 2003Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities.
Biometrics II CUBS, University at Buffalo

Biometrics II CUBS, University at Buffalo
Introduction to Biometrics Dr. Pushkin Kachroo. New Field Face recognition from computer vision Speaker recognition from signal processing Finger prints.

Introduction to Biometrics Dr. Pushkin Kachroo. New Field Face recognition from computer vision Speaker recognition from signal processing Finger prints.
GUIDE TO BIOMETRICS CHAPTER I & II September 7 th 2005 Presentation by Tamer Uz.

GUIDE TO BIOMETRICS CHAPTER I & II September 7 th 2005 Presentation by Tamer Uz.
PALM VEIN TECHNOLOGY.

PALM VEIN TECHNOLOGY.
Information Security of Embedded Systems 20.1.2010: Communication, wireless remote access Prof. Dr. Holger Schlingloff Institut für Informatik und Fraunhofer.

Information Security of Embedded Systems : Communication, wireless remote access Prof. Dr. Holger Schlingloff Institut für Informatik und Fraunhofer.
Lesson Title: Electromagnetics and Antenna Overview Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas

Lesson Title: Electromagnetics and Antenna Overview Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas
Lesson Title: Singulation Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas 1 This material.

Lesson Title: Singulation Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas 1 This material.

Similar presentations

Ads by Google