RFID Systems and Security and Privacy Implications

Auto-ID Center Massachusetts Institute of Technology www.autoidcenter.org

Sanjay E. Sarma Stephen A. Weis Daniel W. Engels

Auto-ID Center
International industry-sponsored research center MIT, Cambridge University, and University of Adelaide Design, develop, and deploy large-scale field trials including RFID projects

Overview
Radio Frequency Identification (RFID) EPC System Security Benefits and Threats Future

Uses of Automatic-ID Systems

Access control and security Tracking of products in Supply Chain Id of products at Point of Sale Most widely used is the Bar Code System

Potential Application of RFID

Consider supply chain and EAN-UCC bar codes 5 billion bar codes scanned daily Each scanned once only at checkout Use RFID to combine supply chain management applications

Benefits of Supply Chain Management

Automated real-time inventory monitoring Automated Quality Control Automated Check-out Picture your refrigerator telling you that youre out of milk!

Why not yet implemented

Cost too high. Needs to be <$0.10 Lack of standards and protocols Security concerns similar in smart cards and wireless Privacy issues Big Brother

RFID System Components

RFID Tag
Transponder Located on the object

RFID Reader
Transceiver Can read and write data to Tag

Data Processing Subsystem

Transponder
Consist of microchip that stores data and antenna Active transponders have on-tag battery Passive transponders obtain all power from the interrogation signal of reader Active and passive only communicate when interrogate by transceiver

Transceiver
Consist of a RF module, a control unit, and a coupling element to interrogate tags via RF communication Also have secondary interface to communicate with backend systems Reads tags located in hostile environment and are obscured from view

Data Processing Subsystem

Backend System Connected via high-speed network Computers for business logic Database storage

Also as simple as a reader attached to a cash register

RFID
Basic components of RFID system combine in the same manner All objects are physically tagged with transponders Type of tag used varies from application to application Passive tags are most promising

RFID
Transceivers are strategically placed for given application Access Control has readers near entrance Sporting events have readers at the start and finish lines

Transceiver-Transponder Coupling and Communication

Passive tags obtain power from energy in EM field generated by reader Limited resource require it to both get energy and communicate within narrow frequency band regulatory agencies

Inductive Coupling
Uses magnetic field to induce current in coupling element Current charges the on-tag capacitor that provides operating voltage This works only in the near-field of signal up to c/(2f) meters

Inductive Coupling
Operating voltage at distance d is proportional to flux density at d Magnetic field decreases in power proportional to 1/d3 in near field Flux density is max when R d2, where R is radius of readers antenna coil

Far Field energy harvesting

Uses readers far field signal to power tag Far field begins where near field ends Signal incident upon the tag induces voltage at input terminals of the tag, which is detected by RF front-end circuitry and is used to charge capacitor

Passive tag power

Reader uses same signal to communicate with and power tag Any modulation of signal causes power reduction Modulating information spreads the signal referred to as side band. Side band and max power is regulated

Transponder Communication
RFID systems generally use the Industrial-Scientific-Medical bands In near field, communication is achieved via load modulation In far field, backscatter is used. Backscatter is achieved by modulating the radar-cross section of tag antenna

Limitations of Passive Tag communication

Very little power available to digital portion of the IC, limited functionality Length of transactions is limited
Length of power on Duration within communication range

US regulations for 915 MHz limit transaction time to 400 ms Limit of state information

Data Coding and Modulation

Determines bandwidth, integrity, and tag power consumption Limited by the power modulation / demodulation capabilities of the tag Readers are generally low bandwidth, due to government regulations Passive tags can use high bandwidth

Coding
Level Codes
Non-Return-to-Zero Return-to-Zero

Transition Codes
Manchester Miller

Coding Considerations
Code must maintain power to tag as much as possible Code must not consume too much bandwidth Code must permit the detection of collisions

Coding for Readers and Tags

Reader to Tag uses PPM or PWM (lower bandwidth) Tag to Reader uses Manchester or NRZ (higher bandwidth)

Modulation
RF communications typically modulate high frequency carrier signal to transmit baseband code Three classes of digital modulation are ASK, FSK, and PSK. ASK most common in 13.56 MHz load modulation PSK most common in 915 MHz backscatter modulation

Tag Anti-Collision
Limited power consumption State information may be unreliable Collisions may be difficult to detect due to varying signal strengths Cannot be assumed to hear one another

Algorithm Classification
Probabilistic
Tags respond in randomly generate times Slotted Aloha scheme

Deterministic
Reader sorts through tags based on tag-ID Binary tree-walking scheme

Algorithm Performance Trade-offs

Speed at which tags can be read Outgoing bandwidth of reader signal Bandwidth of return signal Amount of state that can be reliable stored on tag Tolerance of the algorithm to noise

Algorithm Performance Trade-offs

Cost of tag Cost of reader Ability to tolerate tags with enter and leave during interrogation period Desire to count tags exactly as opposed to sampling Range at which tags can be read

Regulations Effect
US regulations on 13.56 MHz bandwidth offer significantly less bandwidth, so Aloha is more common 915 MHz bandwidth allows higher bandwidth, so deterministic algorithms are generally used

13.56 MHz Advantages

Frequency band available worldwide as an ISM frequency Up to 1 meter reading distance in proximity / vicinity read Robust reader-to-tag communication Excellent immunity to environmental noise and electrical interference

13.56 MHz Benefits

Well-defined transponder interrogation zones Minimal shielding effects from adjacent objects and the human body Damping effects of water relatively small, field penetrates dense materials

915 MHz Benefits

Long range (from a few to several meters, depending on regulatory jurisdiction) High data rates Fast anti-collision and tags per second read rate capabilities

The EPC System

System that enables all objects to be connected to the Internet by adding an RFID tag to the object EPC ONS SAVANT Transponders

The EPC
Electronic Product Code ID scheme designed to enable unique id of all physical objects Only data stored on tag, since information about object is stored on network EPC acts like a pointer

The ONS
Object Name Service Directory service that maps EPS to IP Based entirely on DNS At the IP address, data is stored in XML and can be accessed via HTTP and SOAP

The ONS
Reduces power and memory requirements on tag Transfer data communication to backend network, saving wireless bandwidth Makes system more robust Reduces size of microchip on tag

Savant
System based on hierarchical control and data management Provides automated control functionality Manages large volumes of data Acts as a gateway for the reader network to the next higher level

Savant
Transfers computationally intensive functionality from tag to powered system Any single point of failure has only local effect Enables entire system to be scalable since reader sub-systems are added seamlessly

RFID Transponder
Most numerous parts of system Most cost-sensitive part Protocols designed for 13.56 MHz and 915 MHz frequencies Implement a password-protected Self Destruct command

RFID Security Benefits and Threats

Airline passenger and baggage tracking made practical and less intrusive Authentication systems already in use (key-less car entry) Non-contact and non-line-of-sight Promiscuity of tags

Previous Work
Contact-less and constrained computational resource similar to smart cards Analysis of smart card security concerns similar to RFID RFID especially susceptible to fault induction and power analysis attacks

Security Goals
Tags cannot compromise privacy of holders Information should not be leaked to unauthorized readers Should not be possible to build longterm tracking associations Holders should be able to detect and disable tags they carry

Security Goals
Publicly available tag output should be randomized Private tag contents should be protected by access control and encryption Spoofing tags or readers should be difficult

Low-cost RFID Issues

Inexpensive read-only tags are promiscuous and allow automated monitoring privacy concern Neither tags nor readers are authenticated security concern Full implementation of privacy and security is costly cost concern

Possible solutions
Erase unique serial numbers at point of sale tracking still possible by associating constellations of tags Public key cryptography too expensive Shared key if one tag is compromised, entire batch is effected

Approach to RFID Protection

Use one-way hash function on tag meta-ID When reader knows meta-ID, tag is unlocked and readable After reader is finished, tag is locked Tag has self-destruct mechanism to use if under attack

Future Research
Development of low cost crypto primitives hash functions, random number generators, etc. Low cost hardware implementation w/o computational loss Adaptation of symmetric encryption and public key algorithms from active tags into passive tags

Future Research
Developing protocols that make tags resilient to power interruption and fault induction. Power loss graceful recovery of tags Research on smart cards and other embedded systems