RFID Security & Privacy at both Physical and System Levels
Presentation to IoT-GSI
26th August 2011
Robert H. Deng & Yingjiu Li
School of Information Systems
Singapore Management University
2016/5/30
RFID Security & Privacy at Physical Level
Radio Frequency IDentification (RFID)
• Tags (transponders)
– Attached to objects, “call out” identifying data on a special radio frequency
• Reader (transceivers)
– Read data off tags without direct contact
• Database
– Match tag IDs to physical objects
[Figure: Tags, Reader and Database; link labels: Radio signal (contactless), Authenticate / Identify, Read / Update]
RFID Security Issues
• Tag Authentication
– Only valid tags are accepted by a valid reader
• Reader Authentication
– Only valid readers are accepted by valid tags
– Not always required but mandatory in some applications (e.g., e-tickets)
• Availability
– Infeasible to manipulate honest tags such that honest readers do not accept them
RFID Privacy Issues
• Privacy issues
– Adversaries identify tags
– Adversaries track tags
• Privacy requirements
– Anonymity: Confidentiality of the tag identity
– Untraceability: Unlinkability of the tag’s transactions
[Figure: Tags and Reader linked by a radio signal (contactless)]
RFID Privacy Preserving Authentication Protocol Design
[Figure: messages c, r and f (optional) exchanged between Tag T and Reader R]
• Security requirements
– One way or mutual authentication
• Privacy requirements
– Anonymity: Confidentiality of the tag identity
– Untraceability: Unlinkability of the tag’s transactions
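The three-message shape on this slide, as an added example that is not taken from the presentation or from any protocol it cites. It assumes c is the reader's challenge, r the tag's response and f the reader's optional confirmation, and it uses HMAC-SHA256 with a fresh tag nonce as a generic stand-in construction; all class and function names are hypothetical.

```python
import hashlib, hmac, secrets

def prf(key, *parts):
    # HMAC-SHA256 as the keyed function; parts are length-prefixed so the encoding is unambiguous.
    msg = b"".join(len(p).to_bytes(2, "big") + p for p in parts)
    return hmac.new(key, msg, hashlib.sha256).digest()

class Tag:
    def __init__(self, key):
        self.key, self.pending = key, None

    def respond(self, c):
        # r = (n_t, PRF_k("tag", c, n_t)). No identifier is sent, and the fresh
        # nonce n_t makes two replies from the same tag look unrelated.
        n_t = secrets.token_bytes(16)
        self.pending = (c, n_t)
        return n_t, prf(self.key, b"tag", c, n_t)

    def verify_reader(self, f):
        # Optional third message: accept the reader only if f proves knowledge of k.
        if self.pending is None:
            return False
        (c, n_t), self.pending = self.pending, None
        return hmac.compare_digest(f, prf(self.key, b"reader", c, n_t))

class Reader:
    def __init__(self, db):
        self.db = db  # back-end database: tag ID -> shared key

    def challenge(self):
        return secrets.token_bytes(16)

    def identify(self, c, r):
        # Try every key in the database: the price of hiding the ID with
        # symmetric keys is a search linear in the number of tags.
        n_t, mac = r
        match = (None, None)
        for tag_id, key in self.db.items():
            if hmac.compare_digest(mac, prf(key, b"tag", c, n_t)):
                match = (tag_id, prf(key, b"reader", c, n_t))
        return match  # (tag ID, f), or (None, None) if no key explains r

def run_session(reader, tag):
    c = reader.challenge()                           # assumed direction: reader -> tag
    r = tag.respond(c)                               # tag -> reader
    tag_id, f = reader.identify(c, r)
    mutual = f is not None and tag.verify_reader(f)  # reader -> tag (optional)
    return tag_id, mutual
```

Dropping the third message gives one way (tag) authentication; keeping it gives mutual authentication.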
Cryptographic Protocols for RFID Privacy
• Numerous lightweight RFID protocols for low-cost tags have been proposed
• They use simple operations (XOR, bit inner product, CRC, etc.)
• Most of them have been broken (T. van Deursen and S. Radomirovic: Attacks on RFID Protocols, ePrint Archive: Report 2008/310)
Recent Progress: RFID Privacy Models
• Ind-privacy: indistinguishability of two tags (Juels & Weis, PerCom 2007)
– Ideal model, but not easy to work with
• Unp-privacy: unpredictability of protocol messages (Ha, Moon, Zhou & Ha, ESORICS 2008), (Ma, Li, Deng, Li, CCS 2009)
– Only works with symmetric key based protocols
• ZK-privacy model: Zero knowledge model (Deng, Li, Yung, Zhao, ESORICS 2010)
– Output of real world experiment and output of simulated world experiment are indistinguishable
– Works with both symmetric key and public key protocols
RFID Security & Privacy at System Level
An IoT Architecture for Sharing RFID Information
[Figure: User, Discovery service and two Enterprise information systems (each with an Information service, RFID readers and RFID tags) connected over the Internet; links are labelled Query/Answer and Publish/Update]
Security and Privacy
• Security: Identification/authentication of involved parties
– Users, discovery services, information services
• Privacy: Only authorized parties can access RFID data as needed
– Query, read, write, update, delete
• Solution: Access control
– Policy management, enforcement, implementation
Access Control Requirements
• Cross domain
– RFID data to be shared are managed by different parties (IS and DS)
• Unknown users
– Query issuer may not have prior business relationship or be known to data holders
• Visibility
– Access to RFID data is based on supply chain information
• Compatibility
– Access control can be easily enforced in web services and database systems
Existing Access Control Models
• Discretionary access control (DAC)
• Mandatory access control (MAC)
• Role based access control (RBAC)
• Attribute based access control (ABAC)
[Figure: Subject, Access, Object]
Comparison
        Cross Domain   Unknown users   Visibility   Compatibility
DAC     √              Χ               Χ            Χ
MAC     Χ              Χ               Χ            Χ
RBAC    Χ              Χ               Χ            Χ
ABAC    √              √               √            √
Current Effort
• Data Discovery Requirements Document (EPCglobal draft, 2009)
– Description of requirements on RFID discovery services, including data confidentiality, integrity and access control
• A framework of components for access control in data discovery services (BRIDGE final report, 2009)
– Focus on networked services for inter-company operation of supply chains
• Our current work
– Design secure discovery services and implement the whole system in Singapore