Presentation is loading. Please wait.

Presentation is loading. Please wait.

RFID Tags: Privacy and Security without Cryptography Ari Juels RFID-Privacy Workshop at MIT 15 November 2003.

Published byNickolas Douglas Modified over 9 years ago

Similar presentations

Presentation on theme: "RFID Tags: Privacy and Security without Cryptography Ari Juels RFID-Privacy Workshop at MIT 15 November 2003."— Presentation transcript:

1 RFID Tags: Privacy and Security without Cryptography Ari Juels ajuels@rsasecurity.com RFID-Privacy Workshop at MIT 15 November 2003

2 What is a Radio-Frequency Identification (RFID) tag? Chip (IC) Antenna In terms of appearance…

3 You may own a few RFID tags… –Contactless physical-access cards –Automated toll payment –Inventory tags At present, an RFID tag simply calls out its (unique) name or static data at a range of up to several meters What is an RFID tag? “74AB8” “5F8KJ3” “ Plastic #3”

4 The capabilities of basic RFID tags No power –Receives power from reader –Range a few meters Little memory –Static 64-to-128-bit identifier in current ultra-cheap generation (five cents / unit) –Hundreds of bits soon Little computational power –A few thousand gates –No cryptographic functions available –Static keys for read/write permission

5 The grand vision: RFID as next-generation barcode Barcode RFID tag Line-of-sight Radio contact Specifies object type Uniquely specifies object Fast, automated scanning Provides pointer to database entry for every object

6 Commercial applications Smoother inventory tracking –Military supply logistics Gulf War I: Placement of double orders to ensure arrival Gulf War II: RFID renders supply chain much more reliable –Procter & Gamble: Elimination of dock bottleneck -- fast loading of pallets onto trucks Product recalls Anti-counterfeiting Maintaining shelf stocks in retail environments –Gillette Mach3 razor blades Parenting logistics –Water park uses RFID bracelets to track children

7 There is an impending explosion in RFID-tag use Wal-Mart requiring top 100 suppliers to deploy RFID at pallet level by 2005 Gillette announced order of 500,000,000 RFID tags Auto-ID Center at MIT –Wal-Mart, Gillette, Procter & Gamble, etc. –Spearheading EPC (electronic product code) data standard for tags –Developing cheap manufacturing techniques –Handing over standards to Uniform Code Council Estimated costs 2005: $0.05 per tag; $100 per reader 2008: $0.01 per tag; several dollars per reader (?) RFID realm sometimes called “Extended Internet”

8 The Consumer-Privacy Problem

9 500 Euros in wallet Serial numbers: 597387,389473… Wig model #4456 (cheap polyester) 30 items of lingerie Das Kapital and Communist- party handbook Replacement hip medical part #459382 RFID tags will be everywhere…

10 Simple approaches to consumer privacy Method 1: Place RFID-tags in protective mesh or foil Problem: makes locomotion difficult… perhaps useful for wallets

11 Method 2: “Kill” RFID tags Problem: RFID tags are much too useful… Simple approaches to consumer privacy

12 Some consumer applications today House pets Prada, Soho NYC –Personalization / accessorization Building access (HID) ExxonMobil Speedpass Benetton –Clothing – anti-forgery, supply-chain

13 Consumer applications tomorrow “Smart” appliances –Refrigerators that automatically create shopping lists –Closets that tell you what clothes you have available, and search the Web for advice on current styles, etc. –Ovens that know how to cook pre-packaged food “Smart” products –Clothing, appliances, CDs, etc. tagged for store returns “Smart” paper –Airline tickets that indicate your location in the airport –Library books –Business cards Recycling –Plastics that sort themselves

14 Another future application: Euro banknotes European Central Bank rumored to plan implanting RFID tags in banknotes by 2005 Uses? –Anti-counterfeiting –Tracking of illicit monetary flows

15 Other possible uses More efficient mugging “Just in case you want to know, she’s carrying 700 Euro…” Fairly easy tracking of people and transactions by anyone! Law-enforcement snooping capabilities made freely available

16 Why might power to track be freely accessible? Simple static identifiers are the most naïve How about encrypting ID? –Creates new static identifier, i.e., “meta-ID” How about a law-enforcement access key? –Tag-specific keys require initial release of identity –Universal keys subject to interception / reverse- engineering Tags readable only at short range, e.g., 1 cm? –Protects privacy, but is RFID cost effective? Anti-counterfeiting?

17 Early examples of consumer backlash 42% of Google results on “RFID” include word “privacy” CASPIAN (Consumers Against Supermarket Privacy Invasion and Numbering) –Diatribes on RFID at: NoCards.org BoycottGillette.com BoycottBenetton.com –National news coverage: NY Times, Time, etc. Wal-Mart “smart-shelf project” cancelled Benetton RFID plans withdrawn

18 The two messages of this talk 1. Deployed naïvely, embedding of RFID tags in consumer items presents a serious danger to privacy. 2. The danger can be mitigated: It is possible to strike a balance between privacy and convenience.

19 Two Technical Approaches to Enhancing RFID Privacy

20 First approach [Juels ’03]: Minimalist cryptography Standard, e.g., Internet “adversarial” model –System components simultaneously accessible by adversary –Adversary may interact in unlimited way

21 First approach : Minimalist cryptography RFID adversarial model is different: –Adversary with full system access can easily break it Without cryptography, tags cannot survive attack! –In real world, adversary must have physical proximity to tags to interact with them

22 A couple of scenarios Example: Building access –Adversary may make limited queries of tags in parking lot before employees authenticate to door readers Example: Readers scattered around city –Adversary may performed limited scanning of pedestrians

23 Pseudonym rotation Set of cryptographically unlinkable pseudonyms computed externally by trusted verifier Pseudonyms stored on tag Limited storage means at most, e.g., 10 pseudonyms Tag cycles through pseudonyms “74AB8” “MMW91” = ?

24 Are several pseudonyms enough? Strengthen restriction on adversarial queries using “throttling” –Tag enforces pattern of query delays Pseudonym refresh –Valid reader provides new pseudonyms –Pseudonyms must be protected against eavesdropping and tampering using encryption, but tags cannot do standard cryptography! –Pseudonyms encrypted using special interleaving of one- time pads Getting good model is difficult

25 Second Approach [Juels, Rivest, & Szydlo ‘03]: The “Blocker” Tag

26 “Blocker” Tag Blocker simulates all (billions of) possible tag serial numbers!! 1,2,3, …, 2023 pairs of sneakers and… (reading fails)…

27 “Tree-walking” anti-collision protocol for RFID tags 000 001 010 011100 101 110 111 00011011 01 ?

28 In a nutshell “Tree-walking” protocol for identifying tags recursively asks question: –“What is your next bit?” Blocker tag always says both ‘0’ and ‘1’! –Makes it seem like all possible tags are present –Reader cannot figure out which tags are actually present –Number of possible tags is huge (at least a billion billion), so reader stalls

29 Two bottles of Merlot #458790 Blocker tag system should protect privacy but still avoid blocking unpurchased items

30 Consumer privacy + commercial security Blocker tag can be selective: –Privacy zones: Only block certain ranges of RFID-tag serial numbers –Zone mobility: Allow shops to move items into privacy zone upon purchase Example: –Blocker blocks all identifiers with leading ‘1’ bit –Items in supermarket carry leading ‘0’ bit –On checkout, leading bit is flipped from ‘0’ to ‘1’ PIN required, as for “kill” operation

31 Blocking with privacy zones 000 001 010 011100 101 110 111 00011011 01 Transfer to privacy zone on purchase of item Privacy zone

32 Polite blocking We want reader to scan privacy zone when blocker is not present –Aim of blocker is to keep functionality active – when desired by owner But if reader attempts to scan when blocker is present, it will stall! Your humble servant requests that you not scan the privacy zone Polite blocking: Blocker informs reader of its presence

33 More about blocker tags Blocker tag can be cheap –Essentially just a “yes” tag and “no” tag with a little extra logic –Can be embedded in shopping bags, etc. With multiple privacy zones, sophisticated, e.g., graduated policies are possible Standards integration would be quite helpful –AutoID Center (UCC) may support this

34 Application of pseudonyms and blockers Privacy isn’t just a consumer issue! –RFID tags make industrial espionage easier in supply chains Pseudonym management good for supply chains Pseudonym management helps provide anti- cloning Blocker most appropriate for privacy protection for consumers

35 Final remarks Contrast dystopian visions with physical reality of RFID tags: –Manufacturers struggling with reliability, e.g., UHF tags hard to read near human body! RFID tags vs. mobile phones –Infrastructure ownership –Nature of information leakage –Control of on/off –RFID tags like physical cookies Spectrum of RFID devices –$0.05 vs. $1.00 Legislation and technology most effective in concert Privacy is just one of many RFID-related security issues! –As “Extended Internet”, RFID represents extension of traditional security perimeter

Download ppt "RFID Tags: Privacy and Security without Cryptography Ari Juels RFID-Privacy Workshop at MIT 15 November 2003."

Similar presentations

Enabling New RFID Communication Opportunities with EPC Network Services Tony Rutkowski Vice President VeriSign Communication Services tel: +1 703.948.4305.

Enabling New RFID Communication Opportunities with EPC Network Services Tony Rutkowski Vice President VeriSign Communication Services tel:
RFID IN UNIVERSITY OF JAMMU RFID is used in libraries primarily to automate the book handling process including checkout, inventory maintenance, and check-in.

RFID IN UNIVERSITY OF JAMMU RFID is used in libraries primarily to automate the book handling process including checkout, inventory maintenance, and check-in.
SMUCSE 7349 RFID Security. SMUCSE 7349 Current Applications Logistics –Military supply logistics Gulf War I: Double orders to ensure arrival Gulf War.

SMUCSE 7349 RFID Security. SMUCSE 7349 Current Applications Logistics –Military supply logistics Gulf War I: Double orders to ensure arrival Gulf War.
Land transportation simply means any form of transportation that takes place onland.

Land transportation simply means any form of transportation that takes place onland.
NFC Devices: Security and Privacy

NFC Devices: Security and Privacy
G53SEC 1 Hardware Security The (slightly) more tactile side of security.

G53SEC 1 Hardware Security The (slightly) more tactile side of security.
RFID – Lessons Learned July 22, 2004 Russ Brown. Agenda vRFID Basics vRFID Vision vRFID Upside vRFID Concerns vRFID Lessons Learned vRFID Future State.

RFID – Lessons Learned July 22, 2004 Russ Brown. Agenda vRFID Basics vRFID Vision vRFID Upside vRFID Concerns vRFID Lessons Learned vRFID Future State.
TPS – UNIQUE HARDWARE (WWW.HOWSTUFFWORKS.COM) Option 1: Transaction Processing Systems.

TPS – UNIQUE HARDWARE ( Option 1: Transaction Processing Systems.
The Blocker Tag: Selective Blocking of RFID Tags for Consumer Privacy A. Juels, R. L. Rivest, and M. Szydlo 8th ACM Conference on Computer and Communications.

The Blocker Tag: Selective Blocking of RFID Tags for Consumer Privacy A. Juels, R. L. Rivest, and M. Szydlo 8th ACM Conference on Computer and Communications.
Rafrex LLC - RFID Solutions

Rafrex LLC - RFID Solutions
Security for RFID Department of Information Management, ChaoYang University of Technology. Speaker : Che-Hao Chen ( 陳哲豪 ) Date:2006/01/18.

Security for RFID Department of Information Management, ChaoYang University of Technology. Speaker : Che-Hao Chen ( 陳哲豪 ) Date:2006/01/18.
RFID: Security and Privacy for Five-Cent Computers Ari Juels Principal Research Scientist RSA Laboratories USENIX Security 2004 5¢5¢

RFID: Security and Privacy for Five-Cent Computers Ari Juels Principal Research Scientist RSA Laboratories USENIX Security ¢5¢
High-Power Proxies for Enhancing RFID Privacy and Utility PETs Workshop June 1, 2005 Paul Syverson Naval Research Laboratory Joint work with Ari Juels,

High-Power Proxies for Enhancing RFID Privacy and Utility PETs Workshop June 1, 2005 Paul Syverson Naval Research Laboratory Joint work with Ari Juels,
RFID Security and Privacy A Research Survey Shruti Pathak CS 585 Spring ‘09.

RFID Security and Privacy A Research Survey Shruti Pathak CS 585 Spring ‘09.
RFID Security CMPE 209, Spring 2009 Presented by:- Snehal Patel Hitesh Patel Submitted to:- Prof Richard Sinn.

RFID Security CMPE 209, Spring 2009 Presented by:- Snehal Patel Hitesh Patel Submitted to:- Prof Richard Sinn.
Security in RFID Presented By… NetSecurity-Spring07

Security in RFID Presented By… NetSecurity-Spring07
RFID Chris Harris Carey Mears Rebecca Silvers Alex Carper.

RFID Chris Harris Carey Mears Rebecca Silvers Alex Carper.
AutoID Automatic Identification Technologies at the MIT Media Lab Gregory Chittim – ES 112 – 03S.

AutoID Automatic Identification Technologies at the MIT Media Lab Gregory Chittim – ES 112 – 03S.
#1 Privacy in pervasive computing What can technologists do? David Wagner U.C. Berkeley In collaboration with David Molnar, Andrea Soppera, Ari Juels.

#1 Privacy in pervasive computing What can technologists do? David Wagner U.C. Berkeley In collaboration with David Molnar, Andrea Soppera, Ari Juels.
R adio F requency Id entification Ta’Tyana McElroy Jeffrey Tuma.

R adio F requency Id entification Ta’Tyana McElroy Jeffrey Tuma.

Similar presentations

Ads by Google