11222005

1
Privacy and Security in Library RFID Issues,
Practices, and Architectures

• Presented by
• Bin Ni
• Matthew Baker
• University of South Carolina

2
News

• Wal-mart asks the top 100 suppliers to provide
  RFID tag by the 01/01/2005
• DHL starts developing a global IT infrastructure
  to let it use RFID tags to track more than a
  billion packages a year by 2015.
• State-Department decides to imbed radio frequency
  into passport.

3
Heres Mr. Jones in 2020
4
Outline

• Introduction of RFID
• Library RFID issue
• Several serious vulnerabilities
• New architectures without compromising privacy
• Conclusion

5
RFID (1/3)

• What is Automatic Identification
• - a host of technologies that help machines
  identify objects
• - coupled with automatic data capture
• - increase efficiency, reduce data entry
  errors, and free up staff
• What is RFID
• - Radio Frequency Identification
• - technologies using radio wave to
  automatically identify objects
• How does an RFID system work
• - a tag made up of a microchip with an
  antenna
• - reader sends waves

6
(No Transcript)
7
RFID (2/3)

• History of RFID
• - in the war time used with radar in War
  II
• - recent days warehouse ,library , tracking
  pets and so on
• The type of tags
• - active tags have a battery to run the
  circuitry and broadcast
• - passive tags have no power ,draw power
  from the reader
• Collision
• - reader collision signal from one reader can
  interfere other
• - tag collision more than one chip reflects
  back a signal

8
RFID (3/3)

• RFID Benefits Vs. Barcode
• - No line-of-sight requirement
• - The tag can stand a harsh environment.
• - Long read range
• Some restrictions
• - Tag is powered only when within range of a
  reader
• - RFID has few gates, many of these are taken up
  by logic required for basic operation, no
  physical security
• Even a half cent of tag difference matters

9

• Summary of current RFID types

10
Why RFID

• Read/Write
• - Ability to add information directly to tags
  enables each unique asset to carry its own unique
  history
• Non-contact Reads
• - Ability to read tags at a distance, under a
  variety of environmental conditions, without
  physical manipulation of the asset
• Fast Read
• - Ability to simultaneously read large
  numbers (1000-1750 tags/sec) of items
• Automation
• - Requires less human intervention
• Authenticity
• - Each RFID chip is unique and can not be
  replicated

11
Library RFID issue

• Library RFID applications may be the first major
  deployment of item-level tagging.
• - University of Nevada, Las Vegas Library
  and so on
• - In Taiwan ,first library without staff
• A plan to install radio frequency identification
  tags in items at the San Francisco Public Library
  (SFPL) has been rejected.

12
Library RFID issue

• RFID tags used in libraries operate on the 13.56
  MHz
• Companies
• - Checkpoint and TAGSYS make proprietary tags
• - integrator 3M, TechLogic, VTLS
• standards for RFID
• - ISO 15693
• - ISO 18000-3 Mode 1 Mode 2
• - EPCglobal supply chain not for libary

13
Current Library RFID Arch.

• Libraries make use of a bibliographic database to
  track circulation information about items in a
  collection
• Extra information on the tag, such as shelf
  location, last checked out date, author, and
  title
• Check-in and check-out

14
Current Library RFID Arch.

• RFID tag also acts as a security device.
• Exit sensors are placed at the exit of a library,
  just as the magnetic strip anti-theft devices.
• Security check is achieved in two ways
• - Store the status on the tag
• - Reader query the database for status, which
  introduces latency

15
Attacks

• Static tag data and no access control
• - identifier will never changes throughout
  the lifetime
• Collision-avoidance IDs
• - Many tags use a globally unique and static
  collision ID
• Write locks, race conditions and security bit
  denial of service
• - Some methods must be used to prevent
  adversaries form writing to the tag
• Tag password management

16

• Summary of attacks

17
Static tag data and no access control

• The adversary may determine which library owns
  the book and infer the origin of the person
  carrying the book
• Any static identifier can be used both to track
  and hotlist books
• Tags can be read without access control at two
  library deployment of RFID.

18
Collision-avoidance IDs

• ISO 18000-3 MODE 1 tags
• - a globally unique,64-bit MFR Tag ID
• - operate in two modes slotted or non-slotted
• ISO 18000-3 MODE 2 tags
• - a 32-bit LFST is used
• - a weak PRNG is used ,tags can be identified
• EPC 915 MHz tags
• - three different modes ,controlled by the
  reader
• - no authentication, reader can simply ask the
  tag to use EPC ID

19
Write locks, race conditions and security bit
denial of service

• In deployment with rewritable tags, writing to
  the tag must be prevented.
• - erasing tag data
• - switching two books RFID data
• - changing the security status of tags
• Several current specifications have write
  protection architectures that are problematic in
  the library application.

20
Write locks, race conditions and security bit
denial of service

• EPC 13.56 MHz, ISO 18000-3 MODE 1,
• - write and a lock command, but no
  unlock command
• - Write command is not protect by password
• - Consistent with the supply chain, no need
  to rewrite
• Once locked, memory cant be unlocked
• - security bit needs to be unlocked when check
  in and check out
• - adversary can change the security bit and lock
  the memory
• - irrevocable locking security bit denial of
  service

21
Write locks, race conditions and security bit
denial of service

• There exists unlocked memory on the tag
• - an adversary can write its own globally
  unique identifier and track tags based on this ID
• - RE-DUMP software makes this a one-click
  operation
• In real library deployment with ISO 15693
• - None of the tag data blocks were locked
• - Tag blocks could be locked irrevocably on
  these tags, enabling security bit denial of
  service

22
Tag password management

• Do not seem to use read passwords, but write
  passwords are employed
• If a single password is used, a compromise of any
  tag compromises the entire system
• If different passwords per tag are used, then the
  reader must determine which password should be
  used for which tag.

23
Private RFID Architectures

• Tags can be uniquely identified by their
  collision avoidance behavior
• Impossible to build privacy-preserving protocol
  with current tag architecture
• Solution Tags with Private RFID Architectures

24
Random Transaction IDs

• On checkout reader picks random number r
• Reader pairs random number with tag ID D, stores
  internally and writes r to tag
• On check-in reader reads r, writes D back to tag
• Keeps tag ID secret

25
Persistent State

• s - Secret password, cmd - Command to execute, r
  - Random nonce

26
Private Authentication

• Motivation / Previous Work
• PRF Authentication Scheme
• Tree-Based Private Authentication
• Two-phase Tree Scheme

27
Motivation and Previous Work

• How to share secret auth. key without revealing
  identities to adversary?
• Issue in RFIDs because of need for collision
  avoidance
• Private unable to distinguish tags with
  different secret keys
• Secure tag or reader only accept if sender knows
  secret key

28
Motivation / Previous Work (cont.)

• Weis et al. suggest randomized hash lock protocol
• Tags given secret key and unique ID
• Reader has DB storing these values
• Tag sends message (r,fs(r) XOR ID)
• Reader finds unique pair, authenticates by
  sending back tags ID

29
Basic PRF Private Auth. Scheme
30
Tree-based Authentication

• Tags as leaves in balanced tree (not necessarily
  binary)
• Tag stores lg n secrets corresponding to path
  from root to tag
• Reader must authenticate to tag on every node in
  path to tags leaf
• If reader fails on any level in path, tag rejects
  communication

31
Two-Phase Tree Scheme

• 1st Phase Run tree scheme using previous design
  with a limited number of levels
• Trade off branching factor of tree and size of
  key parameter to balance security and
  misidentification
• 2nd Phase Once tag is identified in first tree,
  must authenticate using second tree

32
Related Work

• Weis et al. look at security assuming passive
  listener can hear reader to tag channel, but not
  tag to reader
• Also focus on hash lock protocols
• Abadi and Fournet address private authentication
  using public-key cypto.
• O, S, and K propose hash chaining for changing
  RFID identities

33
Related Work (cont)

• Ohkubo et al. suggest tags with periodically
  rewritten random numbers
• Juels suggest one-time authenticators for RFID
  tags on check-in / check-out
• Multiple papers on increasing library RFIDs

34
Conclusion

• Current RFID tags do not prevent unauthorized
  reading of tags
• Static identifiers allow for hotlisting and
  tracking
• Because of collision avoidance, true security
  with RFID tags seems impossible
• Does anyone who matters really care?