new directions in detection security and privacy for rfid l.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
New Directions in Detection, Security and Privacy for RFID PowerPoint Presentation
Download Presentation
New Directions in Detection, Security and Privacy for RFID

Loading in 2 Seconds...

play fullscreen
1 / 37

New Directions in Detection, Security and Privacy for RFID - PowerPoint PPT Presentation


  • 144 Views
  • Uploaded on

New Directions in Detection, Security and Privacy for RFID. Leonid Bolotnyy and Gabriel Robins Department of Computer Science, UVa. Thesis.

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'New Directions in Detection, Security and Privacy for RFID' - mei


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
new directions in detection security and privacy for rfid

New Directions in Detection, Security and Privacy for RFID

Leonid Bolotnyy and Gabriel Robins

Department of Computer Science, UVa

thesis
Thesis

Multi-tags, “yoking-proofs”, and physical unclonable functions can improve reliability, security, and privacy in radio frequency identification (RFID) systems.

progress
Progress
  • L. Bolotnyy and G. Robins, Multi-Tag Radio Frequency Identification Systems, IEEE Workshop on Automatic Identification Advanced Technologies (AutoID), pp. 83-88, 2005
  • L. Bolotnyy and G. Robins, Randomized Pseudo-Random Function Tree Walking Algorithm for Secure Radio Frequency Identification, IEEE Workshop on Automatic Identification Advanced Technologies (AutoID), pp. 43-48, 2005
  • L. Bolotnyy and G. Robins, Generalized ‘Yoking-Proofs’ for a Group of RFID Tags, IEEE International Conference on Mobile and Ubiquitous Systems (Mobiquitous), 2006
  • L. Bolotnyy and G. Robins, PUF-Based Security and Privacy in RFID Systems, IEEE International Conference on Pervasive Computing (PerCom), 2007
  • Several additional papers in progress
  • NSF Cyber Trust proposal (submitted January 2007)
  • Deutsche Telekom (largest in EU) offered to patent our multi-tags idea
introduction

passive

semi-passive

active

signal

signal

Reader

antenna

Reader

antenna

Inductive coupling

Backscatter coupling

Introduction
  • RFID
  • Tags types:
  • Frequencies: Low (125KHz), High (13.56MHz), UHF (915MHz)
  • Coupling methods:
history

Radar invented - 1935

  • EAS invented - early 1960’s
  • First RFID patent filed - 1973
  • First RFID book published - 1999
  • Auto-ID Center formed - 1999
  • EPCglobal formed - 2004
  • First RFID game marketed - 2006
History
thesis proposal
Thesis Proposal
  • Improve tag detection
  • Improve security and privacy

Auditing algorithms for RFID

“Yoking-Proofs”

Inter-tag communication

Definition of privacy

PUF-based security

Algorithms

PUF design

why multi tag rfid
Why Multi-Tag RFID?
  • Bar-codes vs. RFID
    • line-of-sight
    • scanning rate
  • Unreliability of tag detection
    • radio noise is ubiquitous
    • liquids and metals are opaque to RF
      • milk, water, juice
      • metal-foil wrappers
    • Wal-Mart experiments (2005)
      • 90% tag detection at case level
      • 95% detection on conveyor belts
      • 66% detection of individual items inside fully loaded pallets
    • Our preliminary experiments support data above
the power of an angle

B-field

  • Optimal Tag Placement:

4

β

3

2

1

The Power of an Angle
  • Inductive coupling: voltage ~ sin(β), distance ~ (power)1/6
  • Far-field propagation: voltage ~ sin2(β), distance ~ (power)1/2
benefits and costs of multi tags
Benefits and Costs of Multi-Tags
  • PROS
    • increases expected induced voltage on tag
    • increases operational range of system
    • increases memory per object
    • improves availability
    • improves reliability
    • improves durability
    • provides potential security enhancement
    • new applications
  • CONS
    • increases system cost
    • modestly complicates manufacturing
    • potentially increases tags’ interrogation time
experimental apparatus and experiments with multi tags
Experimental Apparatus and Experiments with Multi-Tags
  • Equipment
  • Experiments
    • Measure detection of ~20 multi-tagged objects
      • With/without metals and liquids
    • Rotate multi-tagged object mixes
      • 1, 2, 3, & 4 tags per object
    • Vary tag, reader, and antenna types
    • Vary distances, geometry, power
    • Multi-tags vs. multiple readers
preliminary experimental results

2 Readers, 2 Tags 86.6%

1 Reader, 2 Tags 82.6%

1 Reader, 1 Tag 57.8%

2 Readers, 1 Tag 63.9%

Δ= 4.0%

Δ=22.7%

Δ=18.7%

Δ= 6.1%

Δ=24.8%

Preliminary Experimental Results

1

0.9

0.8

0.7

0.6

Average Detection Probability

0.5

0.4

0.3

0.2

0.1

0

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

Object Number

security and privacy in rfid

privacy

Security and Privacy in RFID
  • Privacy

A

B

C

Alice was here: A, B, C

security and privacy in rfid14

σ (m)

m

Security and Privacy in RFID
  • Privacy: difficult to track tags
  • Security
    • Secure Identification

f(r, ID)

f(c)

  • Tag Authentication

c

  • Message Authentication
  • Ownership Transfer
  • Auditing
yoking proofs
“Yoking-Proofs”
  • Yoking: joining together / simultaneous presence of multiple tags
  • Key Observation: Passive tags can communicate

with each other through reader

  • Problem Statement: Generate proof that a group of passive tags were identified nearly-simultaneously
  • Applications – verify that:
    • medicine bottle sold together with instructions
    • tools sold together with safety devices
    • matching parts were delivered together
    • several forms of ID were presented
    • a group of people was present at a meeting
assumptions and goals
Assumptions and Goals
  • Assumptions
    • Tags are passive
    • Tags have limited computational abilities
    • Tags can compute a keyed hash function
    • Tags can maintain some state
    • Verifier is trusted and powerful
  • Solution Goals
    • Allow readers to be adversarial
    • Make valid proofs improbable to forge
    • Allow verifier to verify proofs off-line
    • Detect replays of valid proofs
  • Timer on-board a tag
    • FCC regulations: protocol termination < 400ms
    • Capacitor discharge can implement timeout
generalized yoking proof protocol
Generalized “Yoking-Proof” Protocol

Idea: construct a chain of mutually dependent MACs

1

2

3

5

4

Anonymous Yoking: tags keep their identities private

Speedup yoking protocols by splitting chain into arcs

inter tag communication in rfid
Inter-Tag Communication in RFID
  • Idea: heterogeneity in ubiquitous computing
  • “Yoking proofs”
  • Battery-less sensing
  • Tags as mailboxes
  • Tags as proxies
  • Location access control
  • Tags partitioned into groups
    • Group leader in charge of authentication and access control
  • Subordinate reader-tag authentication
puf based security and privacy
PUF-Based Security and Privacy
  • Digital crypto implementations require 1000’s of gates
  • Low-cost alternatives
    • Pseudonyms / one-time pads
    • Low complexity / power hash function designs
    • Hardware-based solutions
  • Definition of privacy that incorporates hardware attacks
  • PUF definition
  • Security is based on:
    • wire delays
    • gate delays
    • quantum mechanical fluctuations
  • PUF characteristics
    • uniqueness
    • reliability
    • unpredictability
puf based algorithms

Identification Sequence: ID, p(ID), …, pk(ID)

  • It is important to have
    • a reliable PUF
    • no loops in PUF chains
    • no identical PUF outputs
    • no impersonation attacks
  • Authentication Pairs: c1, p(c1), c2, p(c2), ..., cn, p(cn)
  • MAC based on PUF
    • Motivation: “yoking-proofs”, signing sensor data
    • large keys
    • cannot support arbitrary messages
  • Verify that at least the desired fraction of challenge-response pairs is correct
  • Large message set
  • Small message set
PUF-Based Algorithms
puf based ownership transfer
PUF-Based Ownership Transfer
  • Ownership Transfer
  • To maintain privacy we need
    • ownership privacy
    • forward privacy
  • Physical security is especially important
  • Solutions
    • public key cryptography
    • knowledge of owners sequence
    • trusted authority
    • short period of privacy
comparison of puf with digital hash functions

algorithm

# of gates

MD4

MD5

SHA-256

AES

Yuksel

PUF

7350

8400

10868

3400

1701

545

Comparison of PUF With Digital Hash Functions
  • Reference PUF: 545 gates for 64-bit input
    • 6 to 8 gates for each input bit
    • 33 gates to measure the delay
  • Low gate count of PUF has a cost
    • probabilistic outputs
    • difficult to characterize analytically
    • non-unique computation
    • extra storage
  • Different attack target for adversaries
    • model building rather than key discovery
  • Physical security
    • hard to break tag and remain undetected
puf design
PUF Design
  • Attacks on PUF
    • impersonation
    • modeling
    • hardware tampering
    • side-channel
  • Weaknesses of existing PUF

reliability

  • New PUF design
    • no oscillating circuit
    • sub-threshold voltage
  • Compare different non-linear delay approaches
conclusion and research plan
Conclusion and Research Plan
  • Contributions
    • Multi-Tags
      • tag objects with multiple tags to improve detection
    • Security and Privacy
      • Yoking proofs
      • Inter-tag communication
      • Hardware-based security
        • PUFs
  • Plan for the next 5 months
    • finish multi-tag experiments
    • define privacy w.r.t. physical attacks
    • design / evaluate improved PUF circuits
    • publish more papers
slide25

Bolotnyy and Robins, Multi-Tag Radio Frequency Identification Systems,IEEE Workshop on Automatic Identification Advanced Technologies (AutoID), pp. 83-88, 2005

  • Bolotnyy and Robins, Randomized Tree Walking Algorithm for Secure RFID, IEEE Workshop on Automatic Identification Advanced Technologies (AutoID), pp. 43-48, 2005
  • Bolotnyy and Robins, Generalized ‘Yoking-Proofs’ for a Group of RFID Tags, IEEE International Conference on Mobile and Ubiquitous Systems (Mobiquitous), 2006
  • Bolotnyy and Robins, PUF-Based Security and Privacy in RFID Systems, IEEE International Conference on Pervasive Computing (PerCom), 2007
related work on multi tags
Related Work on Multi-Tags
  • Two-antennas per tag to determine location
  • Four tags per object to determine movement direction
  • Multiple tags to increase reliability (for visually impaired)
  • Random placement of two tags on playing cards
  • Splitting tag ID into Class ID and Pure ID
  • Up to three tags to determine object-person interaction
types of multi tags

Redundant Tags

  • Complimentary Tags
  • Dual-Tags
    • Own Memory Only
    • Shared Memory Only
    • Own and Shared Memory
  • Triple-Tags
  • n-Tags
Types of Multi-Tags
effects of multi tags on anti collision algorithms
Effects of Multi-Tags on Anti-Collision Algorithms

Algorithm

Redundant Tags

Dual-Tags

*If Dual-Tags communicate to form a single response

**Assuming an object is tagged with two tags

related work on yoking proofs
Related Work on “Yoking-Proofs”
  • Juels [2004]
    • protocol is limited to two tags
    • no timely timer update (minor/crucial omission)
  • Saito and Sakurai [2005]
    • solution relies on timestamps generated by trusted database
    • violates original problem statement
    • one tag is assumed to be more powerful than the others
    • vulnerable to “future timestamp” attack
  • Piramuthu [2006]
    • discusses inapplicable replay-attack problem of Juels’ protocol
    • independently observes the problem with Saito/Sakurai protocol
    • proposed fix only works for a pair of tags
    • violates original problem statement
speeding up the yoking protocol
Speeding Up The Yoking Protocol

Idea: split cycle into several sequences of dependent MACs

starting / closing tags

Requires

  • multiple readers or multiple antennas
  • anti-collision protocol
related work on puf
Related Work on PUF
  • Optical PUF [Ravikanth 2001]
  • Silicon PUF [Gassend et al 2002]
    • design, implementation, simulation, manufacturing
    • authentication algorithm
    • controlled PUF
  • PUF in RFID
    • off-line reader authentication using public key cryptography [Tuyls et al 2006]
puf based authentication

GetID

probv(n)

ID

GetResponse(c1)

n

n

i

μi(1-μ)n-i

probv = 1 -∑

p(c1)

i=t+1

.

.

.

probf(n)

GetResponse(cn)

p(cn)

n

n

j

τj(1- τ)n-j

probf = 1 -∑

j=t+1

α < probv ≤ 1 and probf ≤ β ≤ 1

0 ≤ t ≤ n-1

PUF-Based Authentication

Reader

Tag

puf based identification algorithm
PUF-Based Identification Algorithm
  • Tag stores its identifier: ID
  • Database stores: ID, p(ID), …, pk(ID)
  • Upon reader’s query, the tag
    • responds with p(ID)
    • updates its ID with p(ID)
  • It is important to have
    • a reliable PUF
    • no loops in PUF chains
    • no identical PUF outputs
  • Assumptions
    • passive adversaries (otherwise, denial of service possible)
    • physical compromise of tags not possible
    • reliable PUF
puf based mac algorithms

valid signature σ: υ (M, σ) = 1

K

  • forged signature σ’ : υ (M’, σ’) = 1, M = M’

K

  • Large message set

σ (m) =c, r1, ..., rn, pc(r1, m), ..., pc(rn, m)

  • Small message set

σ (m) =c, pc(1)(m), ..., pc(n)(m), ..., c+q-1, pc+q-1(1)(m), pc+q-1(n)(m)

PUF-Based MAC Algorithms
  • MAC = (K, τ, υ)
  • Need to protect against replay attacks
  • MAC based on PUF
    • large keys
    • cannot support arbitrary messages
    • Motivational example: buyer/seller
using puf to detect and restore privacy of compromised system

s1,2

s2,4

s2,5

s3,8

s3,9

s3,10

Using PUF to Detect and Restore Privacy of Compromised System

s1,0

s1,1

s2,0

s2,1

s2,2

s2,3

s3,0

s3,1

s3,2

s3,3

s3,4

s3,5

s3,6

s3,7

  • Detect potential tag compromise
  • Update secrets of affected tags