Will Loose Lips Sink Chips?
The October 2006 issue of DC-Velocity magazine published a RFID 101 Technology Review column titled Will loose lips sink chips? by John R. Johnson, Executive Editor. Here is our feedback:
We found this article to be a great overview of both the challenges and opportunities for passive RFID in item level tagging. We agree with most of Mr. Johnson’s overview of the market and issues around privacy but would like to point out that there may be more happening in the area of security than Kevin Ashton - VP of Marketing at ThingMagic, who is quoted in the article, may be aware of today. Also, there was a reference to “side channel attacks” in the Data at Risk section that incorrectly describes what a side channel attack is. Finally, the solution described that TI is working on has little to do with RFID or protecting a tag in the field and is really a re-working of a paper they published with Verisign almost two years ago – that they chose not to promote at that time.
In regards to Gen 2 solutions – although there are several approaches being worked on both in the academic and commercial worlds (and recently reviewed in Graz Austria at the RFID Security 06 conference - http://events.iaik.tugraz.at/RFIDSec06/index.htm) there are some solutions available today depending on the functional requirement. SecureRF Corporation has presented our solution as one of the most advanced as we are planning on delivering our first tag in the first quarter of 2007 (not 2008/09 as quoted in the article) and it will be a Gen 2 compliant tag that will provide both authentication and data protection. As a result of these functions, it will be able to prevent rogue readers from accessing data in many cases (a function described as not feasible in the article). Mr. Ashton’s view was very narrow and from a “reader company’s” perspective. We do not boost the cost of tags in any significant way and we are currently filing a patent that will allow us to work with a customer’s currently installed Gen 2 reader network without any firmware upgrades or changes! Although we are protocol agnostic – we have joined EPCglobal and plan on making our first tags Gen 2 UHF/HF compliant.
The attack Mr. Johnson describes in the Data at Risk section is “eavesdropping” and not a side channel attack. Eavesdropping occurs when a legitimate communication session is going on between a tag and a reader and a rogue reader, in the vicinity of this communication, “listens in” and intercepts the data. A “side channel attack” occurs when an individual monitors the “secure” communications and by carefully measuring things like power fluctuations and other timing points – uses the collected data to break the security (a form of crypto analysis). This is a popular attack on smart cards. In Mr. Ashton’s scenario – there is no security to break – and hence no need for a side channel attack.
Finally, the TI solution Mr. Johnson describes does not involve the tag in any way. All of the security features are happening behind the reader on the network and the encrypted and/or signed data is simply stored on the tag. There is little to prevent someone from “cloning” the tag. That is, simply copying the good encrypted/signed data and putting it on cloned tags will make counterfeit items look like the good item. Of course, as in all PKI systems, the reader will need to know which of its millions (billions?) keys to choose to authenticate the tag – and it will need to do this look up and authentication in the 400 MS the FCC gives for the entire session. Current PKI platforms run in quadratic time and are too slow which is why giants like RSA have not presented the industry with a solution at this time. SecureRF has the first solution in the world to run in linear-time which is how we accomplish this feat.
As stated at the beginning, we agree with many of the issues and concerns raised by Mr. Johnson and Mr. Ashton in this article. The industry does need to address this issues rather than simply telling everyone it is just a bunch of numbers on the tags. As time goes on more and more data about the asset the tags are attached to will be included on the tag and the industry will need a better answer.
We found this article to be a great overview of both the challenges and opportunities for passive RFID in item level tagging. We agree with most of Mr. Johnson’s overview of the market and issues around privacy but would like to point out that there may be more happening in the area of security than Kevin Ashton - VP of Marketing at ThingMagic, who is quoted in the article, may be aware of today. Also, there was a reference to “side channel attacks” in the Data at Risk section that incorrectly describes what a side channel attack is. Finally, the solution described that TI is working on has little to do with RFID or protecting a tag in the field and is really a re-working of a paper they published with Verisign almost two years ago – that they chose not to promote at that time.
In regards to Gen 2 solutions – although there are several approaches being worked on both in the academic and commercial worlds (and recently reviewed in Graz Austria at the RFID Security 06 conference - http://events.iaik.tugraz.at/RFIDSec06/index.htm) there are some solutions available today depending on the functional requirement. SecureRF Corporation has presented our solution as one of the most advanced as we are planning on delivering our first tag in the first quarter of 2007 (not 2008/09 as quoted in the article) and it will be a Gen 2 compliant tag that will provide both authentication and data protection. As a result of these functions, it will be able to prevent rogue readers from accessing data in many cases (a function described as not feasible in the article). Mr. Ashton’s view was very narrow and from a “reader company’s” perspective. We do not boost the cost of tags in any significant way and we are currently filing a patent that will allow us to work with a customer’s currently installed Gen 2 reader network without any firmware upgrades or changes! Although we are protocol agnostic – we have joined EPCglobal and plan on making our first tags Gen 2 UHF/HF compliant.
The attack Mr. Johnson describes in the Data at Risk section is “eavesdropping” and not a side channel attack. Eavesdropping occurs when a legitimate communication session is going on between a tag and a reader and a rogue reader, in the vicinity of this communication, “listens in” and intercepts the data. A “side channel attack” occurs when an individual monitors the “secure” communications and by carefully measuring things like power fluctuations and other timing points – uses the collected data to break the security (a form of crypto analysis). This is a popular attack on smart cards. In Mr. Ashton’s scenario – there is no security to break – and hence no need for a side channel attack.
Finally, the TI solution Mr. Johnson describes does not involve the tag in any way. All of the security features are happening behind the reader on the network and the encrypted and/or signed data is simply stored on the tag. There is little to prevent someone from “cloning” the tag. That is, simply copying the good encrypted/signed data and putting it on cloned tags will make counterfeit items look like the good item. Of course, as in all PKI systems, the reader will need to know which of its millions (billions?) keys to choose to authenticate the tag – and it will need to do this look up and authentication in the 400 MS the FCC gives for the entire session. Current PKI platforms run in quadratic time and are too slow which is why giants like RSA have not presented the industry with a solution at this time. SecureRF has the first solution in the world to run in linear-time which is how we accomplish this feat.
As stated at the beginning, we agree with many of the issues and concerns raised by Mr. Johnson and Mr. Ashton in this article. The industry does need to address this issues rather than simply telling everyone it is just a bunch of numbers on the tags. As time goes on more and more data about the asset the tags are attached to will be included on the tag and the industry will need a better answer.
Labels: authentication, encryption, EPCglobal, Gen2, privacy, RFID, RFID tag, security
posted by Joanne Kelleher at SecureRF at
12:24 PM
0 Comments:
Post a Comment
<< Home