The document discusses several methods for improving security and privacy in RFID systems. It describes RFID tags, readers, and the problems of human tracking and spying on customers that RFID enables. It then evaluates various technical approaches to address these privacy issues, including killing tags, Faraday cages, cryptographic protocols, clipped tags, randomized identifiers, blocker tags, and selective jamming. The document concludes that while the RFID Guardian approach provides the most complete privacy, blocker tags may be the most practical solution given their low cost and compatibility with existing RFID systems.
2. Contents..
Introduction
Introduction
Problem identification
Problem identification
Research methodology
Research methodology
Pros and cons
Pros and cons
Conclusion
Conclusion
3. Introduction..
RFID
Tag RFID Reader
.
RFID is an electronic identification technique.
Used to identify any kind of object through radio frequency.
4. Tag contains a unique identification number or code.
Two types of tags:
– Active tags
– Passive tags
5. RFID reader..
Purpose of the Reader is to identify the EPC-number of
the tag.
Reading of tag depends on the operating frequency.
Methods of transferring power to the tag:
– Magnetic induction
– Electromagnetic wave capture.
Power is typically between 10 microwatt and 1 miliwatt.
6. Problem Identification..
RFID can be used for human tracking.
Shopkeepers can trace customers.
Procter and gamble has been caught spying on its
customers.
Gillette has hidden RFID tags in shaving products.
Tag’s in people’s home will be read by a passing car.
8. RFID Security and Privacy
By Charalampos Zois University of Amsterdam May 2007
Computer cryptographers and programmers have
proposed many countermeasures against these dangers.
Main challenge is to provide significant improvement in
privacy without raising cost.
9. Kill RFID Tag..
If you don’t want RFID Tag, then physically disable it.
Once you remove it, you can never re-activate it.
Faraday Cages ..
Faraday cage is a type of foil or metal.
It is resistant to some radio frequencies.
We cannot place every product in a faraday cage.
10. Cryptographic approaches..
Tags interact with reader by public-key protocol.
Strong public key is too heavy-weight for the tags
Clipped tags…
Separate the RFID code area from the antenna.
Customer gets the visual evidence of deactivation.
Tag reactivates through some electromechnical means.
11. Hash based access control..
Randomized hash based access control..
Generate a random number on tag instead of a fixed
number.
Increases the complexity of RFID tags
12. Blocker Tags..
Blocker tag breaks the communication between the reader
and itself.
Tree-walking singulation algorithm is used.
Economical and easy to implement.
Silent Tree Walking...
Strong eavesdropper can listen into the signal.
We don't broadcast each and every bit of an RFID tag in
the process of tree walking.
13. Tag Identification algorithm..
Matrix multiplication.
Both reader and tag use two matrices of same size.
X=k.M1
Privacy through Trusted Computing…
Use of trusted reader:
– Reader core
– Policy engine
– Consumer agent
14. The RFID Guardian..
Device which controls the communication between RFID
reader and tags.
Portable and battery inside it.
Complete privacy:
– Auditing
– Key management
– Access control
– Authentication
15. RFID Jamming
Guido R. Kok
• Harmful to the one's privacy and personal space
• How to avoid unnecessary detection and information
querying
16. Techniques to prevent Privacy..
• Radio Jamming
• The blocker tag
• Selective blocker tag
• Selective RFID jamming
17. Radio Jamming..
• Signal of high power and of same frequency is generated.
• Mobile jamming device is required.
• All communication at that frequency is blocked.
Blocker tag..
• Simultaneous query of multiple tags can block the RF
reader.
• Use of walking tree protocol.
18. Walking Tree Protocol..
• Tag database is saved in a Binary Tree.
• Bit by bit enquiry of EPC is done.
• In case of collision the “Left Search 1st
technique ” is applied.
• At each point when the RF reader asks for
the next bit. Both ‘1’ and ‘0’ are sent.
• So 2^96 collision, it will block the reader
easily.
20. Selective RFID jamming..
• The jamming signal is used to block the unwanted queries.
• But only the unauthenticated requests are blocked.
• The jammer used is a bit smarter and looks into the ACL
for authentication.
Access control list..
• Holds information about the RF readers, that which
particular one is authorized.
21. Pros and Cons..
RFID security and privacy:
Pros:
More than 12 methods of privacy prevention.
Cryptographic techniques are also explained.
Cons:
Laws and regulations under which RFID systems work are not
explained.
Blocker tag method is not explained in detail.
22. RFID Jamming:
Pros:
Drawbacks of each technique are explained.
Cons:
Laws and regulation regarding the use of RFID are not
mentioned.
Cryptographic Techniques are not mentioned.
23. Conclusion:
Which is the best method to improve security and
privacy?
We think, it is RFID Guardian.
But..
• Blocker tag is the most practical solution.
• it’s economical and suitable for existing RFID
market in the world.