Privacy in Library RFID Attacks and Proposals - PowerPoint PPT Presentation

1 / 19
About This Presentation
Title:

Privacy in Library RFID Attacks and Proposals

Description:

... Paul Simon (Checkpoint),Doug Karp(Checkpoint), Rebekah E. Anderson (3M), Jackie ... Miles (Boalt),John Han (SIMS), Ross Stapleton-Gray, Eric Ipsen, Oleg Boyarsky ... – PowerPoint PPT presentation

Number of Views:27
Avg rating:3.0/5.0
Slides: 20
Provided by: david2938
Category:

less

Transcript and Presenter's Notes

Title: Privacy in Library RFID Attacks and Proposals


1
Privacy in Library RFIDAttacks and Proposals
  • David Molnar
  • David Wagner
  • dmolnar, daw_at_eecs.berkeley.edu

2
Privacy in Libraries
  • Must protect what patrons are reading
  • Library only source of info for many
  • FBI Library Awareness Program
  • 1973-1988, official policy to monitor
    suspicious persons reading habits
  • Library privacy laws passed as backlash
  • Even with PATRIOT act, need court order
  • Privacy adversaries not limited to FBI
  • Marketers, Scientologists, pick your favorite

3
RFID Library Overview
  • RFID Radio Frequency IDentification
  • One RFID tag per book
  • Each RFID tag has bar code ID number
  • Unique to each book, may identify library
  • Exit gates read RFID for anti-theft
  • 13.56MHz passive RFID
  • ISO 15693, Checkpoint, TAGSYS C220
  • Read range depends on antenna size
  • Deployed in Oakland, Santa Clara, 130

4
(No Transcript)
5
Pictures courtesy Santa Clara City Library
6
Privacy and Ubiquitous Readers
  • Read range not whole privacy story
  • Even full in-view readers can be problem
  • Scan at airport security, events, etc.
  • Like metal detectors now
  • Not clear what read or how used
  • Readers easy to camouflage
  • RFID reader looks like store anti-theft gate

7
(No Transcript)
8
Library RFID Architecture
Library database
Bar code
  • No authentication between reader and tag
  • Database maps bar code ? (title, status)

9
Attack Book Scanning
  • Can scan me and tell what I am reading?
  • No reader tag authentication
  • Anyone can read tag data
  • Most deployments data limited to bar code
  • Some vendors suggest more
  • Need library database
  • In CA, database protected by law
  • Varies by state

10
Attack Hotlisting and Profiling
  • Hotlisting ? is book on special list?
  • Hotlisting is real FBI and almanacs
  • Profiling bar code prefix identifies library
  • Is library in predominantly minority area?
  • Bar code never changes so hotlisting easy
  • Walk into library, read bar code
  • See the book again, recognize book
  • Does not need library database

11
Attack Book Tracking
  • Bar code never changes
  • Can link different sightings
  • Track book movement
  • Spatial movement
  • Combine w/video for person-to-person
  • This person checked out same book as terrorist
  • Does not need library database

12
Security Bit Denial of Service
  • RFID used for anti-theft
  • Some vendors store security bit on tag
  • Security bit checked out/not checked out
  • Bit re-written each checkout
  • ISO 15693 tags have write, then lock
  • No way to unlock data, no password on lock
  • Adversary can lock security bit data page
  • Cant change security bit ? tag useless

13
Collision Avoidance and Privacy
  • Collision avoidance protocols identify tag
  • Example ISO 15693 mandates MFR ID
  • Read passwords,changing ID,etc. dont help
  • Privacy requires attention to all layers

Mask
Does mask match MFR ID? Respond if yes
14
RFID Limitations
  • RFID powered only when near reader
  • No precomputation, no caching
  • RFID have few gates (lt 5,000 for security)
  • Randomness difficult on RFID
  • Cryptography extremely hard on RFID
  • Best we can do is a few XOR
  • Future generation tags focus on price, not on
    security features

15
Problem Private Authentication
  • Reader does not know tag ID
  • Authentication must preserve privacy
  • Privacy and authentication in tension

16
Solving Private Authentication
  • We have an efficient solution
  • Example parameters
  • 106 tags
  • Tag stores 192 bits
  • Tag sends 168 bits total
  • Only 4 XOR operations for tag
  • 4096 XORs for reader
  • Adversary needs 260 work to break
  • All parameters can be traded off

17
Summary
  • Library RFID is here now
  • All todays technology has privacy flaws
  • Privacy is achievable efficiently
  • Work still ongoing

18
Acknowledgements
  • Many, many people to thank!
  • In no particular order
  • Peter Warfield, Karen Duffy (Santa Clara City
    Library), Karen Saunders (Santa Clara City
    Library), Susan Hildreth (San Francisco Public
    Library), Al Skinner (Checkpoint), Paul Simon
    (Checkpoint),Doug Karp(Checkpoint), Rebekah E.
    Anderson (3M), Jackie Griffin(Berkeley Public
    Library), Elena Engel (BPL), Alicia
    Abramson(BPL)Lee Tien (Electronic Frontier
    Foundation), Dan Moniz (EFF), Laura Quliter
    (Boalt Hall School of Law, UC-Berkeley), Jennifer
    Urban(Boalt), Nathaniel Good (SIMS), Samuelson
    Technology and PolicyLaw Clinic at Boalt Hall
    School of Law, Elizabeth Miles (Boalt),John Han
    (SIMS), Ross Stapleton-Gray, Eric Ipsen, Oleg
    Boyarsky(Library Automation/FlashScan), Laura
    Smart (Library RFIDWeblog/Cal State Pomona),
    Craig K. Harmon (ISO 18000 committee),Justin Chen
    (SVCWireless RFID SIG), Steve Halliday(ISO 18000
    committee), Zulfikar Ramzan (NTT DoCoMo), Craig
    Gentry (NTTDoCoMo), Hoeteck Wee, Matt Piotrowski,
    Jayanth Kumar Kannan, Kris Hildrum, David
    Schultz, and Rupert Scammell(RSA Security).

19
Questions?
Write a Comment
User Comments (0)
About PowerShow.com