
Page 1: Defence Research and Development Canada Recherche et développement pour la défense Canada Canada RFID Security and Privacy  Issues and Countermeasures

Defence Research and Development Canada

Recherche et développement pour la défense Canada

RFID Security and Privacy Issues and Countermeasures

Dr. Qinghan Xiao

Defence R&D Canada – Ottawa

November 13, 2009

Page 2

Defence R&D Canada – Ottawa • R & D pour la défense Canada – Ottawa

Defence R&D Canada

• Defence R&D Canada is an agency of the Canadian Department of National Defence responding to the scientific and technological needs of the Canadian Forces

• The agency is made up of seven research centres located across Canada

Page 3

Network Information Operations Section

• Attack Detection and Analysis

– Situational awareness of the information technology infrastructure

– Network traffic analysis

• Secure Mobile Networking

– Secure Ad-hoc Peer-to-Peer Networking

– Secure Wireless LANs

• Information Protection and Assurance

– Secure access control capability

– Biometrics

– RFID

Page 4

Outline

• Overview of Security Risks with RFID

– Three areas of concern

• RFID Vulnerabilities

– Unauthorized reading/writing, trigger device, etc.

• Type of Attacks

– Reverse engineering, eavesdropping, etc.

• Privacy Issues

– Tracking and tracing, profiling a person’s habits, etc.

• Countermeasures

– Authentication, encryption, etc.

Page 5

Contactless Technologies

RFID Class | Description | Applications | Memory Types | Range
Proprietary (125kHz) | Basic RFID, Passive | Access, Inventory | ROM, EPROM | ~1 meter
EPC Global/ISO18000 (900MHz – 2.45GHz) | Basic RFID, Passive | Tolling, Inventory | ROM, EPROM | ~10 meters
ISO/IEC 15693 (13.56MHz) | Smart Label, Passive | Access, Inventory, Electronic Ticketing | ROM, RAM, EEPROM, FRAM | ~1 meter
ISO/IEC 14443 A/B (13.56MHz) | Microcontroller, Passive | Access, Payment | ROM, RAM, EEPROM, FRAM | ~10 cm
Active RFID (303MHz – 2400MHz) | Microcontroller, Active | Inventory, Tolling | ROM, RAM, EEPROM | ~100 meters +

Page 6

Security Risks with RFID

(Diagram: “RFID Security Risks” with the three areas of concern and the attack risks introduced by adopting RFID technology)

• Information Attacks (malicious virus introduction)

• Network-Based Risks are related to traditional network security risks and need to be addressed by the IA community

• Tag cloning risks become important as government and companies increasingly take advantage of automatic identification technologies

Attack risks introduced by adopting RFID technology:

– Networked Reader Attacks

– RFID-Induced Network Risks

– Monitoring the Air Interface

– Data Integrity on the Tag (encryption of data on tags)

– Blocking Access to Tags

– Permanently Disabling Tags (kill tags)

– System Interface (Hospital)

– RF Saturation and Jamming

– Targeting (Trigger device)

– Tracking

Page 7

High Level Security Vulnerabilities

1. Unauthorized Reading of Tag Data

2. Unauthorized Writing of Tag Data

3. Insertion of Rogue/Counterfeit Tags

4. Tag Destruction/Disabling

5. Degradation of Tag Data Collection

6. Electromagnetic Interference from RFID Tags

7. Tags Leak Electronic Information

8. RFID Reader as a Platform for Attack

9. RFID Tag used as a Trigger Device

10. Destructive Electromagnetic Emission

Page 8

RFID Security ‘The Dark Side’

Reference [1]

Page 9

The Dark Side

RFDUMP — a tool that not only reads RFID tags within range but, more worryingly, can change the data stored in the tag

Spectrum Interference — not only degrades the read range between a reader and an object, but also corrupts data packets being sent back and forth

RFID Washer — finds RFID tags and “electronically washes” them

RFID Blocking System — originally developed to protect user privacy. For example, the RSA Blocker Tag is a specially designed RFID tag built into shopping bags that launches a denial-of-service attack to prevent RFID readers from reading any tags that might be attached to items in the bag

Tag Hacking Systems — use different methods to defeat RFID-based systems

Example 1: RFDUMP has been demonstrated to change a book’s price, and even to upload hotel room key card data to the price chip on a box of cream cheese from the Future Store in Germany

Example 2: The Johns Hopkins lab has successfully performed a “brute-force” attack on TI’s RFID cipher in only 30 minutes

Page 10

Attack Points

(Diagram of attack points on an RFID system)

• Denial of service

• Transmission attack

• Reverse engineering

• Power attack

• Deliver virus to compromise middleware and backend systems

Page 11

Type of Attacks on RFID Tags

Internal Attacks

• Direct physical attacks

• Reverse engineering

• Physical modification

• Direct data observation

Information Leakage

• Power analysis

• Electromagnetic analysis

Device Malfunction

• Operational range and sensor range

Fault Injection

• Voltage manipulation

• Optical fault injection

Software Attacks

• Viruses

• Trojan horses

Eavesdropping

• Wireless transmission

• Monitoring of reader

Device Destruction

• Physical destruction

• EM destruction

Page 12

RFID Threat Categories

(Diagram, Reference [2]; the grouping below follows the diagram layout)

Denial of Service (make the tags not detectable by the reader): DoS, unauthorised killing of tag, jamming/shielding

Target | Gather | Mimic
Tag | Skimming, Eavesdropping | Data tampering
Reader | Eavesdropping | Spoofing, Cloning, Malicious code

Outcome: system security is compromised

Page 13

RFID Physical Elements

(Chip image with labelled elements: Logic, Bonding Pads, RF Front End, Memory)

Reference [3]

Page 14

Reverse Engineering

• Reverse engineering is the process of taking something apart to discover how it works

• Reverse engineering an integrated circuit can be rated as three different levels:

– Level I: A knowledgeable individual with low cost and easily available tools to analyze end user products such as phone cards, debit cards and set top boxes

– Level II: A highly knowledgeable individual (often with inside knowledge) with access to expensive lab equipment

– Level III: A government backed lab with unlimited resources

Page 15

An Example of Reverse Engineering — Circuit Images

Reference [4]

Page 16

Reverse Engineer Circuit

Reference [4]

Page 17

Logic Gates

Reference [3]

Page 18

Countermeasures

• A FIPS standard refers to chip coatings as an anti-reverse engineering method to prevent attacks

• Various tamper proof techniques have been developed to defend against reverse engineering attacks

– For instance, by adding a tamper-release layer to RFID tags, operations personnel can be alerted if a tag has been tampered with

Page 19

Information Leakage

• All electronic devices ‘leak’ information through side channels such as power consumption or electromagnetic emissions

• Monitoring these side channels and performing differential analysis can reveal sensitive information

• Power analysis is a form of side-channel attack that is intended to retrieve information by analyzing changes in the power consumption of a device

Page 20

Power Analysis

(Figure: a power consumption signal plotted against the Hamming weight of the data being processed, on a 0 to 8 scale; the four words shown have Hamming weights W1 = 7, W2 = 5, W3 = 4, W4 = 4)

• It has been proven that the power emission patterns are different when the card receives correct and incorrect password bits or cryptographic keys

Page 21

Fault Injection

• By introducing a fault, most likely a voltage pulse, it is possible to cause the device to malfunction in an undesirable way

• Faults can cause devices to dump memory contents or jump over security features

• Fault injection is a very powerful attack if correct fault parameters are discovered

• The method can also be used to exploit any number of vulnerabilities

Page 22

Countermeasures

• The common methods used to defeat power analysis attacks are filtering or adding an element of randomness

– Filtering power signals or delaying the computation randomly can increase the difficulty for the attacker to identify the power consumption patterns

• Another method implemented in some smart card designs is adding an element that simply consumes a random amount of power

– Unfortunately, this approach may cause a problem for RFID systems where minimizing power consumption is a priority
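As an added example (not from the slides), the simulation below models the Hamming-weight leakage illustrated on the Power Analysis slide and the random-delay countermeasure described here. The device model (a byte XORed with a secret key byte, leaking the Hamming weight of the result plus Gaussian noise), the noise level and the 0x5A key byte are constructed assumptions; the evaluator knows the inputs, correlates every key hypothesis against the traces, and repeats the check with the computation delayed by a random number of samples.

```python
"""Hamming-weight leakage and the random-delay countermeasure, simulated.

Constructed model (an assumption, not a real device): the device computes
v = p XOR k for a known input byte p and a secret key byte k, and the power
sample taken during that operation is HW(v) plus Gaussian noise. An
evaluator who chose the inputs correlates each of the 256 key hypotheses
against the recorded samples; a leaking design lets the right key stand out.
"""
import random
import statistics

N_SAMPLES = 8     # samples per trace; the leaky operation occupies one
SIGMA = 1.0       # measurement noise (standard deviation), assumed


def hw(b: int) -> int:
    """Hamming weight (number of 1 bits), the quantity on the slide's axis."""
    return bin(b).count("1")


def simulate_traces(key: int, n: int, random_delay: bool, seed: int = 1):
    """Return (inputs, traces) for n executions of the device.

    Without the countermeasure the leaky operation always lands on sample 0.
    With it, the computation is delayed by a random number of samples, so
    the leak sits at a different position in every trace."""
    rng = random.Random(seed)
    inputs, traces = [], []
    for _ in range(n):
        p = rng.randrange(256)
        pos = rng.randrange(N_SAMPLES) if random_delay else 0
        # baseline activity: mean 4 (the average HW of a byte) plus noise
        trace = [rng.gauss(4.0, SIGMA) for _ in range(N_SAMPLES)]
        trace[pos] = hw(p ^ key) + rng.gauss(0.0, SIGMA)
        inputs.append(p)
        traces.append(trace)
    return inputs, traces


def pearson(xs, ys) -> float:
    """Pearson correlation coefficient of two equal-length sequences."""
    mx, my = statistics.fmean(xs), statistics.fmean(ys)
    sxy = sum((x - mx) * (y - my) for x, y in zip(xs, ys))
    sxx = sum((x - mx) ** 2 for x in xs)
    syy = sum((y - my) ** 2 for y in ys)
    return sxy / (sxx * syy) ** 0.5 if sxx and syy else 0.0


def key_correlations(inputs, traces) -> dict:
    """For every key hypothesis k, the strongest correlation between the
    predicted HW(p XOR k) and any sample position of the traces."""
    columns = [[tr[i] for tr in traces] for i in range(N_SAMPLES)]
    best = {}
    for k in range(256):
        model = [hw(p ^ k) for p in inputs]
        best[k] = max(pearson(model, col) for col in columns)
    return best


def leakage_check(key: int = 0x5A, n: int = 1000) -> dict:
    """Evaluate the device with and without random delay.

    Returns, per setting, the best-correlating key hypothesis and its
    correlation. A designer wants the correct key to stop standing out."""
    result = {}
    for delayed in (False, True):
        inputs, traces = simulate_traces(key, n, delayed)
        corr = key_correlations(inputs, traces)
        top = max(corr, key=corr.get)
        result["random_delay" if delayed else "plain"] = (top, round(corr[top], 3))
    return result


if __name__ == "__main__":
    for setting, (top, c) in leakage_check().items():
        print(f"{setting:13s} best hypothesis 0x{top:02X} correlation {c:.3f}")
```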

Page 23

Device Destruction

• Physical destruction or disabling of the device

– Cut antennae from chip, disable in microwave

– Passive RFID tags can be destroyed in a high electric field

– RFID-Zapper is an easy-to-build electronic device that can permanently deactivate passive RFID tags

Page 24

Software Attacks

• Types of software attack include:

– Virus: can steal data and damage RFID system

– Trojan Horse: can allow someone to take control of the RFID system

• Software attacks are not very applicable to a basic RFID tag, but apply more to systems or higher-functioning mobile devices

Page 25

The World's First Virally-Infected RFID Tag (Vrije Universiteit Amsterdam)

Reference [5]

Page 26

Eavesdropping

(Diagram: forward range and backward range around a reader, with an eavesdropper positioned within them)

Page 27

Passive Eavesdropping

• Listen to communication between a tag and reader

• Works when the tag is already being powered by a legitimate reader

• Performed by a third party in either the operating range, the backward channel eavesdropping range or the forward channel eavesdropping range

Page 28

Active Eavesdropping (Scanning)

• Power the tag and analyze the response

• This can be performed at an extended read range

Page 29

Eavesdropping is Simple but Efficient

• Credit Cards

– Reported cases of personal information sent in the clear

• e-Passports

– Some issues surrounding the entropy of the key

• Travel/Ticketing

– Mifare Classic Crypto-1 reverse engineered

• Access Control

– When using simple IDs or minimal crypto

Page 30

Countermeasures

• Countermeasures against eavesdropping include establishing a secure channel and/or encrypting the communication between tag and reader

• Another approach is to only write the tag with enough information to identify the object

– The identity is used to look up relevant information about the object in a back end database, thus requiring the attacker to have access to both the tag and the database to succeed in the attack

Page 31

Man-in-the-Middle Attack


Page 32

Alice Sends Message to Bob

(Diagram: Alice sends a message to Bob while Eve is present; Reference [6])

Page 33

Eve Eavesdropped the Message

(Diagram: Eve eavesdrops on the message from Alice to Bob)

Page 34

Eve Interrupts the Communication Path and Manipulates the Information

(Diagram: Eve eavesdrops on the message and disturbs the path between Alice and Bob)

Page 35

Countermeasures

• Several technologies can be implemented to reduce MITM threats

– Encrypting communications

– Sending information through a secure channel

– Providing an authentication protocol

Page 36

Relay Attack

• Wireless communication

• No link between authenticating object (tag) and service receiver (tag holder)

– Attacker A initiates service

– Attacker A relays queries to tag to attacker B

– Attacker B sends queries to victim’s tag

– Attacker B relays answers back to attacker A

– Attacker A answers queries

Reference [7]


Page 37

Replay Attack

• Intercept communication between a reader and a tag to capture a valid RFID signal

• At a later time, the recorded signal is replayed into the system when the attacker receives a query from the reader

• Since the data appears valid, it will be accepted by the system

Page 38

Countermeasures

• The most popular solution is the use of a challenge and response mechanism to prevent replay attacks

• Time-based and counter-based schemes can also be used as countermeasures against replay attacks

Page 39

Cloning

• Cloning is defined as duplicating the data of one tag to another tag

• Data acquired from a tag, by whatever means, is written to an equivalent tag

• Normally only digital properties (e.g. EPC, transponder ID number, PIN code, secret keys etc.) are considered

• This tag is then used to simulate the identity of the original tag

Page 40

Countermeasures

• Cloning Resistance is the property of a tag that defines the amount of effort that has to be expended in order to clone the tag. It can consist of a combination of logical obstacles (e.g. breaking of an encrypted message) and physical obstacles (e.g. reading a certain part of the tag memory)

• Tags can be made hard to clone by using read protected memories or factory programmed unique transponder ID numbers

Page 41

A Prox-card Cloner

Page 42

Tracking Attack

• Tracking the movement of the people

• Monitoring and profiling people’s belongings

• Used for identification

– Attacker can recognize people based on the RFID tags they are carrying

– Attacker could trace RFID enabled packages

Page 43

Tracking People via Their Objects

Reference [8]

Page 44

Countermeasures

• An easy method to disable tracking is to deactivate the RFID tags, which is known as “killing” the tag

• Blocker Tag

– Cover RFID tags with protective mesh or foil

• Clipper Tag

– Allow consumers to tear off the antenna of an RFID tag

Page 45

Cracking Crypto-enabled RFID

• Reverse engineering: The encryption algorithm can be reverse engineered through flawed authentication attempts by sending RFID devices carefully chosen electronic queries and recording the responses of the devices

• Post-processing: Analyze the response information to get clues as to what is happening inside the microchip, and therefore makes it possible to reconstruct the encryption algorithm

• Key cracking: Once the algorithm is known, the keys can be figured out by brute force attack, i.e. simply trying all possible keys

• Simulation: After obtaining the key (and serial number), it is possible to create a clone tag

Page 46

Supply Chain vs. Passport RFID

• Supply Chain RFID

– simple

– cheap

– no support for cryptography

– single identifier (kill command renders the tag inoperable)

– read range ≥ 1 meter

• Passport RFID

– tamper resistance

– cryptography

– shorter intended read range

Page 47

UK ePassport

• The cover of the ePassport looks only slightly different

• This chip will be put on the back of the personal information page

• It will hold the scan of the holder’s facial features embedded in the chip

Page 48

Is Passport Card Secure?

• The first video created by Chris Paget demonstrates how to use a low-cost mobile device to read and clone RFID tags embedded in United States passport cards and enhanced drivers' licenses

• The second video is a story by David Reid for BBC World showing how to clone Europe's new “secure” e-passport

Page 49

Trigger Attack

• A trigger attack can be carried out by sensing the presence of an RFID device

• It is not about identity theft, but about the possibility of using RFID as a trigger for weapons/explosives

Reference [9]

Page 50

Protest at Texas Wal-Mart (Photo by Bill Bryant)

Page 51

Privacy Diamond

Reference [10]

Page 52

Tracking and Tracing

Reference [8]

Page 53

Major Threats to Privacy through RFID

• Unauthorized readout of one’s belongings by others

• Tracking people via their objects over time

• Retrieving social networks

• Individual profiling

Page 54

A Technical Perspective

Tag interpretation → immediate response (RFID technology)

Reference [11]

Page 55

A Technical Perspective (cont.)

Tag interpretation → data accumulation → delayed response (database technology)

Page 56

A Technical Perspective (cont.)

Tag interpretation → data accumulation → data mining / data sharing (shared databases) → response may be out of context

Page 57

A Data Protection Perspective

Tag interpretation doesn’t necessarily involve personal data… though it may trigger the creation of personal data… and there might be other privacy implications as well.

Page 58

A Data Protection Perspective (cont.)

Tag interpretation → data accumulation (diagram labels: Identifier, Personal data)

Page 59

A Data Protection Perspective (cont.)

Tag interpretation → data accumulation → data mining / data sharing (diagram labels: Identifier, Personal data)

Page 60

An “Application” Perspective

Tag interpretation

Page 61

An “Application” Perspective (cont.)

Tag interpretation

Page 62

An “Application” Perspective (cont.)

Tag interpretation: …card-carrying communist… …works at animal testing lab… …expensive watch… …‘gold’ credit card…

Profiling based on combination of tags… combination of tags may identify the individual… and some tags might say the darndest things.

Page 63

Countermeasures: Faraday Cage

(Images: RFID Shield, Tin Foil Cloth; Reference [12])

Page 64

Threat-Countermeasure Mapping

(Matrix slide; only the row and column labels survive in the extracted text, not which countermeasure is marked against which threat)

Threats: Reverse Engineering; Power Analysis; Eavesdropping; Man-in-the-Middle; Cloning; Unauthorized Reading; Unauthorized Writing/Modification; Jamming Transmitters; Spoofing; Replay; Virus; Tracking; Misuse Kill Command; Blocking Tag; Detaching Tag from Tagged Item

Countermeasures: Bounds Checking & Parameter Binding; Optical Tamper Sensor; Chip Coating; Randomization; Encryption; Authentication; Recognizing Duplicates; Install Field Detectors; Use Read-only Tags; Frequency Division/Hopping; Shift Data to the Backend; Challenge and Response; Kill Function; Alarm Function for Active Tags; Mechanical Connection

Matrix note for some threats: “Can be detected, but no countermeasure method”

Page 65

Authentication/Authorization Using Secrets

Reader → Tag: “Who are you?”

Tag → Reader: ID = #5187230

Reader: generates random number r

Reader → Tag: “Prove it by encrypting r”

Tag: computes x = E_K(r)

Tag → Reader: x

Reader: checks x = E_K(r)

Reference [4]

Page 66

Encryption

• E is an encryption function: an algorithm for scrambling bits in a way that depends on K

• K is a secret key shared between the card and the reader (backend database)

• x = E_K(r)
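The exchange on the previous slide, worked through as an added example (not code from the slides or from reference [4]). Two substitutions are this example's own: E_K is implemented with HMAC-SHA256 instead of the block cipher the slides imply, so it runs on the Python standard library alone, and the reader looks up a per-tag key in a constructed backend store keyed by the tag's ID (the slides leave the choice between per-tag and global keys as an open question). The second tag ID and both key values are constructed.

```python
import hashlib
import hmac
import secrets

# Constructed backend key store: tag ID -> secret K shared with that tag.
# Per-tag keys are an assumption of this example.
KEY_STORE = {
    "#5187230": bytes.fromhex("000102030405060708090a0b0c0d0e0f"),
    "#5187231": bytes.fromhex("ffeeddccbbaa99887766554433221100"),
}


def E(key: bytes, r: bytes) -> bytes:
    """Stand-in for E_K(r): a keyed function only a holder of K can compute.
    HMAC-SHA256 is substituted for the slides' block cipher."""
    return hmac.new(key, r, hashlib.sha256).digest()


class Tag:
    """Tag side: answers 'who are you?' with its ID and proves knowledge of K."""

    def __init__(self, tag_id: str, key: bytes):
        self.tag_id = tag_id
        self._key = key

    def prove(self, r: bytes) -> bytes:
        return E(self._key, r)


class Reader:
    """Reader side, backed by the key store."""

    def __init__(self, key_store: dict):
        self.key_store = key_store

    def authenticate(self, claimed_id: str, respond) -> bool:
        """One session. `respond` is whatever answers the challenge:
        a genuine tag's prove(), or an attacker's function."""
        key = self.key_store.get(claimed_id)
        if key is None:
            return False                 # unknown ID: nothing to check against
        r = secrets.token_bytes(16)      # fresh random challenge per session
        x = respond(r)
        return hmac.compare_digest(x, E(key, r))


def genuine_session(reader: Reader, tag: Tag) -> bool:
    return reader.authenticate(tag.tag_id, tag.prove)


def replay_session(reader: Reader, tag: Tag) -> bool:
    """Eavesdropper records x from a genuine session and replays it later.
    Because the reader issues a new r each time, the recorded x is useless."""
    recorded = {}

    def tap(r: bytes) -> bytes:         # passive wiretap on the genuine tag
        recorded["x"] = tag.prove(r)
        return recorded["x"]

    reader.authenticate(tag.tag_id, tap)
    return reader.authenticate(tag.tag_id, lambda r: recorded["x"])


def cloned_id_session(reader: Reader, tag: Tag) -> bool:
    """Attacker who copied only the ID (cloning or spoofing without K)."""
    return reader.authenticate(tag.tag_id, lambda r: E(b"guess", r))


if __name__ == "__main__":
    reader = Reader(KEY_STORE)
    tag = Tag("#5187230", KEY_STORE["#5187230"])
    print("genuine :", genuine_session(reader, tag))
    print("replay  :", replay_session(reader, tag))
    print("cloned  :", cloned_id_session(reader, tag))
    print("unknown :", reader.authenticate("#0000000", tag.prove))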

Page 67

Encryption as A Solution

• If all of the keys are different, how are they managed?

Reference [13]

Page 68

Encryption as A Solution (cont.)

• If all of the keys are the same, how is it protected?

Reference [13]

Page 69

NIST Guidelines on RFID Security

• NIST SP 800-98: Guidelines for Securing Radio Frequency Identification (RFID) Systems

• Goals and objectives:

– Assist organizations in understanding RFID security risks and the security controls that can help mitigate those risks

– Provide real-world guidance on how to initiate, design, implement, and operate RFID systems that mitigate risks

– Describe security controls that are currently available on the market

– Scope: the document does not address the advanced authentication and cryptographic features incorporated in many smart-card RFID systems

Reference [14]

Page 70

RFID Guardian

• A mobile battery-powered device that offers personal RFID security and privacy management

• The goals of the project are to:

– Investigate the security and privacy threats faced by RFID systems

– Design and implement real solutions against these threats

– Investigate the associated technological and legal issues

Page 71

Building Security into RFID

The original slide is a diagram with three parties (Consumer Device, Reader, RFID) built on a hash function; its labels are:

• RFID state: shared secret SS and the last date stamp

• Date stamp as nonce: DT

• One-time-pad shield: RK + Hash(DT + SS)

• Validation: Hash(RK + SS)

• Response: Hash(RK + SS + DT)

Reference [9]
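One reading of that diagram, written out as an added example; it is not code from the slides or from the cited work, and the message directions, the role of the validation value and the meaning of "+" as byte concatenation are this example's assumptions. The verifier (the consumer device, or whoever holds SS behind the reader) picks a random key RK and a fresh date stamp DT, masks RK with Hash(DT + SS) as a one-time pad, and proves it knows SS with Hash(RK + SS); the tag unmasks RK, refuses stale date stamps, and answers Hash(RK + SS + DT). Nothing on the air is a fixed identifier, which is the point of the "without leaking identifiers" property on the next slide. The shared secret and date values are constructed.

```python
import hashlib
import hmac
import secrets

# Constructed shared secret SS (32 bytes). Fixed-length RK and SS keep the
# concatenations below unambiguous.
SS = bytes.fromhex("6f2d3c4b5a69788796a5b4c3d2e1f00f1e2d3c4b5a69788796a5b4c3d2e1f0ff")


def H(*parts: bytes) -> bytes:
    """The diagram's Hash Function: SHA-256 over the concatenated parts."""
    return hashlib.sha256(b"".join(parts)).digest()


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


class PrivacyTag:
    """RFID side: holds SS and the last date stamp it accepted."""

    def __init__(self, ss: bytes):
        self._ss = ss
        self.last_dt = b""   # ISO dates compare correctly as bytes

    def respond(self, dt: bytes, shield: bytes, validation: bytes):
        if dt <= self.last_dt:                    # stale nonce: replay, stay silent
            return None
        rk = xor(shield, H(dt, self._ss))         # strip the one-time-pad shield
        if not hmac.compare_digest(validation, H(rk, self._ss)):
            return None                           # sender did not know SS: stay silent
        self.last_dt = dt                         # advance only after a valid verifier
        return H(rk, self._ss, dt)


class Verifier:
    """Consumer device holding SS; the reader only relays bytes."""

    def __init__(self, ss: bytes):
        self._ss = ss

    def challenge(self, dt: bytes):
        rk = secrets.token_bytes(32)
        return rk, xor(rk, H(dt, self._ss)), H(rk, self._ss)

    def check(self, rk: bytes, dt: bytes, response) -> bool:
        return response is not None and hmac.compare_digest(response, H(rk, self._ss, dt))


def run_session(verifier: Verifier, tag: PrivacyTag, dt: bytes) -> bool:
    """One relayed exchange: verifier -> reader -> tag -> reader -> verifier."""
    rk, shield, validation = verifier.challenge(dt)
    response = tag.respond(dt, shield, validation)
    return verifier.check(rk, dt, response)


if __name__ == "__main__":
    tag, me = PrivacyTag(SS), Verifier(SS)
    print("fresh date stamp        :", run_session(me, tag, b"2009-11-13"))
    print("same date stamp replayed:", run_session(me, tag, b"2009-11-13"))
    print("later date stamp        :", run_session(me, tag, b"2009-11-14"))
    print("rogue reader, wrong SS  :", run_session(Verifier(b"x" * 32), tag, b"2009-11-15"))
    print("owner after rogue try   :", run_session(me, tag, b"2009-11-15"))
```

The tag updates its stored date stamp only after the validation value checks out, so a rogue reader cannot burn future date stamps by sending them with a bad shield; and because every value on the air is derived from a fresh RK or DT under SS, two sessions of the same tag are unlinkable to an eavesdropper who lacks SS.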

Page 72

Building Security into RFID (cont.)

• Each RFID tag holds multiple digital keys (typically 3-5)

• A tag has multiple modes that determine how it responds to a request

• The consumer controls a new OWNER key (used for Privacy Mode)

• The manufacturer keeps an Authenticity Key for verifying originality, etc.

• Group keys narrow in on context and are dynamically customised

• Each key can be verified transparently without leaking identifiers

Page 73

Advantages

• Full virtualisation of both verifier and RFID

– The RFID tag can operate without leaking information

• Consumers get control at purchase

• Strong anti-counterfeiting, even post-purchase

• Business confidentiality can be maintained

• Solves the "RFID as trigger" problem

Page 74

Evaluating Security Risks

• To assess the risk of a security threat, the Open Web Application Security Project (OWASP) uses the DREAD model, which rates each threat on five factors:

– Damage Potential

– Reproducibility

– Exploitability

– Affected Users

– Discoverability

• Although the DREAD model was developed for software security threats, it can also be applied to RFID security.

Reference [2]

Page 75

The DREAD Model

Applied to RFID, the five DREAD factors are defined as:

• Damage Potential: How much damage will be caused if a threat occurs?

• Reproducibility: How easy is it to reproduce the threat exploit?

• Exploitability: What is needed to exploit this threat?

• Affected Users: How many users will be adversely affected?

• Discoverability: How easy is it to discover this threat?

Page 76

Risk Evaluation Algorithm

• The risk evaluation formula of the DREAD model is:

Risk_DREAD = (D + R + E + A + D) / 5

i.e. the risk value is the average of the scores in the five categories

Page 77

A Few Concluding Points

• RFID is a technology, not a specific device

• Security and privacy are subtle and application dependent

• The security challenge is often not a function of on-board security features

• Security and privacy are important issues in RFID applications

– 2002-2004: about 35 papers, mostly on privacy

– 2005-2009: about 350 papers, on ad-hoc privacy, tag-reader communication, lightweight authentication protocols, etc.

Page 78

References

[1] Mark Norton, “RFID Security Issues”, Wireless/RFID Conference, Feb. 27-March 1, 2006.

[2] Jin Soon Tan, Tieyan Li, "RFID Security", The Synthesis Journal 2008, pp. 33-48, published by the Information Technology Standards Committee (ITSC), Singapore, Nov. 2008.

[3] G. MacGillivray and C. Sheehan, “RFID security”, Semiconductor Insights, RFID Security Issues Briefing to CANOSCOM, July 27, 2006.

[4] David Evans, “What Every Computer Scientist Should Know About Security”, University of Virginia. 2008.

[5] M.R. Rieback, B. Crispo, and A.S. Tanenbaum, “Is Your Cat Infected with a Computer Virus?,” Proc. 4th Ann. IEEE Int’l Conf. Pervasive Computing and Comm., IEEE CS Press, 2006, pp. 169–179.

Page 79

References (cont.)

[6] Ernst Haselsteiner and Klemens Breitfuss, “Security in Near Field Communication: Strengths and Weaknesses”, RFIDSec 06, July 13, 2006.

[7] Peter van Rossum, “Mifare Classic Troubles”, Invited Talks at the RFIDSec09, June 30 - July 2, 2009, Leuven.

[8] Sarah Spiekermann, "A Privacy Impact Assessment for RFID - A Proposal", RFIDSec09, June 30 - July 2, 2009, Leuven.

[9] K. Mahaffey, “RFID Passport Shield Failure Demo – Flexilis”, http://www.youtube.com/watch?v=-XXaqraF7pI.

[10] Stephan J. Engberg, “The Changing Security Paradigm from Central Command & Control to Distributed Dependability & Empowerment”, at EU From RFID to the Internet of Things, Mar 6, 2006.

Page 80

References (cont.)

[11] “RFID and Privacy”, Lorentz Center, 26-28 March 2008.

[12] David Evans, “Feasible Privacy for Lightweight RFID Systems”, SPAR Seminar, Johns Hopkins University, 17 October 2007

[13] Simson Garfinkel, “RFID Security and Privacy”, October 5, 2005, http://www.oecd.org/dataoecd/18/53/35473108.pdf.

[14] Ajit Jillavenkatesa, “NIST, RFID Standards and Interoperability”, GRIFS Forum Meeting, June 30, 2009.

Page 81

Thank you very much for your attention.

Mike Meranda, President of EPCglobal US: “You learn by doing, even though the technology is not perfect.”

Page 82

Common RFID Attacks - Summary

• No clock, weak randomness

– replay attacks

• Low computational capacity

– cryptanalytic attacks

• Attacker controls tag

– side-channel attacks

• Wireless

– relay attacks

• Used for identification

– tracing attacks