Академический Документы
Профессиональный Документы
Культура Документы
And
Privacy risk
• Introduction of RFID
• Classification of RFID tag
• How does RFID works?
• Application of RFID
• Security of RFID system
• Overview of security and privacy threats
• Types of attacks, their introduction and countermeasures
• problem to be solved
• Conclusion
• References
INTRODUCTION OF RFID
• Active tags - Active tags require a power source. In the latter case, a
tag’s lifetime is limited by the stored energy. One example of an active
tag is the transponder attached to an aircraft that identifies its
national origin.
• Passive tags - Passive RFID is of interest because the tags don’t
require batteries or maintenance. The tags also have an indefinite
operational life and are small enough to fit into a practical adhesive
label.
Active RFID Passive RFID
Tag Power source Internal to tag Energy transfer from the reader
via RF
Tag battery YES NO
RFID based systems are subject to generic attacks that threaten system
security and user privacy.
Some of them are as followed:
• Eavesdropping
• People tracking
• Spoofing attack
• Tag content changes
• Relay attack
• Password decoding
• Reply attack
• Tag cloning
1. Eavesdropping
• As transmit power of the reader are much larger than the label, so
listening to the reader is much easier than the label .
• Hackers secretly monitor data via air inter face i.e. the communication
channel between the reader and tag.
• Eavesdropping is passive, that means attacker does not emit any
signal so it is highly difficult to detect.
Countermeasures to prevent eavesdropping
attack
Encrypt the data
limit the distance between the tag and reader by using the standard
with the smallest communication range sufficient for a given
application.
2. Spoofing Attack
• In tag cloning, attacker can reverse engineering to duplicate RFID tag have the
same functionality.
• The RFID tag used for identifying has a unique ID number, if the ID information
disclosure, the label can easily be copied.
• Attackers can use duplicates to access a restricted area, abuse private
data, or make an electronic transaction on the victim’s behalf.
Countermeasure –
Tag authentication prevent cloning.
Use of challenge-response protocol.
Developers can also reduce risk by moving sensitive information to a protected database in the
system’s back end.
6. People Tracking
• Security threats to RFID systems directly affect and constrain the rapid
development of RFID technology.
• This comprehensive and systematic analysis of security threats for
RFID systems and forms of attack, gave the appropriate security
solutions.
REFERENCES
[1] Hong Li, YongHui Chen and ZhangQing He “The Survey of RFID
Attacks and Defenses”, IEEE 2012
[2] Pawel Rotter, “A Framework for Assessing RFID System Security and
Privacy Risks”, PERVASIVE computing, IEEE CS journal April-June 2008
[3]www.googleimages.com