Академический Документы
Профессиональный Документы
Культура Документы
Auto-ID Center
International industry-sponsored research center MIT, Cambridge University, and University of Adelaide Design, develop, and deploy large-scale field trials including RFID projects
Overview
Radio Frequency Identification (RFID) EPC System Security Benefits and Threats Future
RFID Reader
Transceiver Can read and write data to Tag
Transponder
Consist of microchip that stores data and antenna Active transponders have on-tag battery Passive transponders obtain all power from the interrogation signal of reader Active and passive only communicate when interrogate by transceiver
Transceiver
Consist of a RF module, a control unit, and a coupling element to interrogate tags via RF communication Also have secondary interface to communicate with backend systems Reads tags located in hostile environment and are obscured from view
RFID
Basic components of RFID system combine in the same manner All objects are physically tagged with transponders Type of tag used varies from application to application Passive tags are most promising
RFID
Transceivers are strategically placed for given application Access Control has readers near entrance Sporting events have readers at the start and finish lines
Inductive Coupling
Uses magnetic field to induce current in coupling element Current charges the on-tag capacitor that provides operating voltage This works only in the near-field of signal up to c/(2f) meters
Inductive Coupling
Operating voltage at distance d is proportional to flux density at d Magnetic field decreases in power proportional to 1/d3 in near field Flux density is max when R d2, where R is radius of readers antenna coil
Transponder Communication
RFID systems generally use the Industrial-Scientific-Medical bands In near field, communication is achieved via load modulation In far field, backscatter is used. Backscatter is achieved by modulating the radar-cross section of tag antenna
US regulations for 915 MHz limit transaction time to 400 ms Limit of state information
Coding
Level Codes
Non-Return-to-Zero Return-to-Zero
Transition Codes
Manchester Miller
Coding Considerations
Code must maintain power to tag as much as possible Code must not consume too much bandwidth Code must permit the detection of collisions
Modulation
RF communications typically modulate high frequency carrier signal to transmit baseband code Three classes of digital modulation are ASK, FSK, and PSK. ASK most common in 13.56 MHz load modulation PSK most common in 915 MHz backscatter modulation
Tag Anti-Collision
Limited power consumption State information may be unreliable Collisions may be difficult to detect due to varying signal strengths Cannot be assumed to hear one another
Algorithm Classification
Probabilistic
Tags respond in randomly generate times Slotted Aloha scheme
Deterministic
Reader sorts through tags based on tag-ID Binary tree-walking scheme
Regulations Effect
US regulations on 13.56 MHz bandwidth offer significantly less bandwidth, so Aloha is more common 915 MHz bandwidth allows higher bandwidth, so deterministic algorithms are generally used
The EPC
Electronic Product Code ID scheme designed to enable unique id of all physical objects Only data stored on tag, since information about object is stored on network EPC acts like a pointer
The ONS
Object Name Service Directory service that maps EPS to IP Based entirely on DNS At the IP address, data is stored in XML and can be accessed via HTTP and SOAP
The ONS
Reduces power and memory requirements on tag Transfer data communication to backend network, saving wireless bandwidth Makes system more robust Reduces size of microchip on tag
Savant
System based on hierarchical control and data management Provides automated control functionality Manages large volumes of data Acts as a gateway for the reader network to the next higher level
Savant
Transfers computationally intensive functionality from tag to powered system Any single point of failure has only local effect Enables entire system to be scalable since reader sub-systems are added seamlessly
RFID Transponder
Most numerous parts of system Most cost-sensitive part Protocols designed for 13.56 MHz and 915 MHz frequencies Implement a password-protected Self Destruct command
Previous Work
Contact-less and constrained computational resource similar to smart cards Analysis of smart card security concerns similar to RFID RFID especially susceptible to fault induction and power analysis attacks
Security Goals
Tags cannot compromise privacy of holders Information should not be leaked to unauthorized readers Should not be possible to build longterm tracking associations Holders should be able to detect and disable tags they carry
Security Goals
Publicly available tag output should be randomized Private tag contents should be protected by access control and encryption Spoofing tags or readers should be difficult
Possible solutions
Erase unique serial numbers at point of sale tracking still possible by associating constellations of tags Public key cryptography too expensive Shared key if one tag is compromised, entire batch is effected
Future Research
Development of low cost crypto primitives hash functions, random number generators, etc. Low cost hardware implementation w/o computational loss Adaptation of symmetric encryption and public key algorithms from active tags into passive tags
Future Research
Developing protocols that make tags resilient to power interruption and fault induction. Power loss graceful recovery of tags Research on smart cards and other embedded systems