AUTHENTICATION ENHANCEMENT OF RFID CARD USING AN
ELECTRONICALLY CLIPPABLE SHIELD AND FINGERPRINT-BIOMETRICS
IKUESAN RICHARD ADEYEMI
A dissertation submitted in partial fulfillment of the
requirements for the award of the degree of
Master of Science (Information Security)
Faculty of Computer Science and Information Systems
Universiti Teknologi Malaysia
JANUARY, 2012
This dissertation is dedicated to my family for their endless support and encouragement,
and particularly, to Philip and Samson Ikuesan.
ACKNOWLEDGEMENT
First and foremost, I would like to express my sincere gratitude to my supervisor
Dr. Norafida Binti Ithnin for her unfading support, encouragement, and enlightenment
throughout the period of this study, without whom much effort would have been in
vain and this project may not have seen fruition.
I would also like to appreciate all my colleagues in the information security class,
especially those under the supervision of Dr. Norafida.
Special appreciation to all members of the Skudai Joy Gospel Chapel, a family
that I will never forget.
Finally, I would like to appreciate all the staff of FSKSM, UTM and the entire
UTM staff at large for the conducive learning environment.
ABSTRACT
Radio frequency identification (RFID) is a technology that uses a basic identifier of an object, embedded in a chip and transmitted via radio waves, for identification. An RFID Card responds to a query irrespective of who holds the card, like a key to a door. Since an attacker can possess the card, access to the protected object can easily be compromised. This security breach is classified as unauthorized use of the card, and it forms the bedrock of RFID card compromise, especially in access control. As an authentication enhancement mechanism, this study designed and developed a method termed the BIO-THENTIC Card, which integrates three existing mitigation methods (the physical clip tag, the Faraday shield and fingerprint authentication) to prevent and protect against this weakness. The Bio-Thentic Card was fabricated, tested and assessed against the known threats and attacks, and it was observed to offer a substantive solution to unauthorized use of the RFID Card.
ABSTRAK (ABSTRACT)
Radio frequency identification (RFID) is a technology that uses a basic identifier of an object embedded in a chip, transmitted via radio waves, for identification. An RFID card responds to a query regardless of who holds the card, like a key to a door. Since an attacker can possess the card, access to the object can therefore be easily compromised. This security breach is classified as unauthorized use of the card, and it forms the bedrock of RFID card compromise, especially in access control. As an authentication enhancement mechanism, this study designed and developed a method called the BIO-THENTIC Card, which integrates three existing mitigation methods, namely the physical clip tag, the Faraday shield and fingerprint authentication, to prevent and protect against this weakness. The Bio-Thentic Card was fabricated, tested and assessed in line with the known threats and attacks, and was observed to offer a substantive solution to unauthorized use of the RFID Card.
TABLE OF CONTENT
DECLARATION
DEDICATION
ACKNOWLEDGEMENT
ABSTRACT
ABSTRAK
LIST OF TABLE
LIST OF FIGURE
LIST OF EQUATION
CHAPTER 1 INTRODUCTION
1.1 Introduction
1.2 Problem Background
1.3 Problem Statement
1.4 Project Aim
1.5 Objective
1.6 Project Scope
1.7 Significance of the Project
1.8 Organization of Report
CHAPTER 2 LITERATURE REVIEW
2.1 Introduction
2.1.1 History of RFID technology
2.2 Architecture of the RFID Technology
2.2.1 RFID Tag
2.2.2 RFID Reader
2.3 Physical Principle Of RFID Technology
2.3.1 Magnetic Field Coupling: Near Field
2.3.2 Power Supply To A Passive RFID Tag
2.3.3 Antenna Impedance And Matching
2.3.4 Operating Frequency of RFID technology
2.3.5 Singulation Process
2.4 Communication Layers of RFID Technology
2.4.1 The Physical Layer
2.4.2 The Application Layer
2.4.3 The Strategic Layer
2.4.4 The Network-Transport Layer
2.5 RFID Application
2.5.1 Contactless Payment System
2.5.2 Electronic Article Surveillance (EAS) System
2.5.3 Container Identification And Tracking
2.5.4 E-Passport And Document Identification
2.5.5 ChampionChip And Tag Implantation
2.5.6 Substitute For Bar-Code
2.5.7 Contactless Smart Card
2.5.8 Banknotes
2.5.9 Libraries
2.6 Known Challenges in RFID Technology
2.6.1 RFID Tag Cloning Attack
2.6.2 Physical Attack
2.6.3 Skimming Attack
2.6.4 Spoofing Attack
2.6.5 Relay Attack
2.3.6 Denial of Service (Dos) Attack
2.3.7 Clandestine Tracking
2.7 Counter Measures Against Known Challenges
2.7.1 RFID Guardian
2.7.2 RFID Blocker Tag
2.7.3 Labeling
2.7.4 Kill Command
2.7.5 RFID Zapper
2.7.6 RFID Clipped Tag
2.7.7 Faraday Cage
2.7.8 Authentication Protocols
2.7.9 Anti-Counterfeiting Technology
2.7.10 Physical-Layer Identification
2.7.11 Fingerprint Biometric Authentication
2.7.12 Controllable tag
2.8 Physical Layer Security
2.9 Summary of Various Mitigations and Their Drawback
2.10 Other Types of Mitigation Used for Physical Authentication
2.10.1 Iris Pattern Recognition
2.10.2 Body Odor Authentication
2.10.3 Facial Recognition
2.10.4 Fingerprint Pattern
2.10.5 Signature Pattern
2.10.6 Hand Geometry
2.10.7 Retina Pattern
2.10.8 Speech Pattern/Voiceprint
2.11 Integrating Various Physical Authentication Mitigation on RFID Card
2.12 Summary
CHAPTER 3 RESEARCH METHODOLOGY
3.1 Introduction
3.2 Operational Framework
3.3 Review of Existing Mitigation
3.3.1 Physical Clipped Tag
3.3.2 Faraday Cage
3.3.3 Fingerprint Biometric Authentication
3.4 Project Methodology
3.4.1 Phase 1: Design and Fabrication of Tag
3.4.2 Phase 2: Fingerprint Acquisition and Matching
3.4.3 Phase 3: Code Development and Testing
3.5 Summary
CHAPTER 4 DESIGN OF BIO-THENTIC RFID CARD
4.1 Introduction
4.2 Existing Mitigation Measure Analysis
4.3 Proposed Mitigation
4.4 Antenna Design
4.4.1 Antenna Coil
4.4.2 Clipped Joint
4.4.3 Biometric Authentication
4.4.4 Fingerprint Module Security Mechanism
4.4.5 Fingerprint Storage And Matching
4.5 Control Unit
4.5.1 AVR Atmega-8515 Microcontroller
4.5.2 Control Circuitry
4.6 Summary
CHAPTER 5 RESULT AND ANALYSIS
5.1 Introduction
5.2 Bio-Thentic Prototype Testing
5.2.1 Reader Response
5.2.2 Fingerprint Authentication
5.2.3 Tag Reading
5.3 Risk Assessment
5.3.1 Tag Manipulation
5.3.2 Clip Joint Circumvention
5.3.3 Fingerprint Manipulation
5.4 Risk Assessment Analysis
5.5 Summary
CHAPTER 6 CONCLUSION AND RECOMMENDATION
6.1 Introduction
6.2 Contribution
6.3 Future work
6.4 Conclusion
REFERENCES
APPENDIX A Program code in Assembly language
APPENDIX B Program Flow Chart
LIST OF TABLES
Table 2.1 Summary of Attacks on RFID Layer
Table 2.2 Mitigation against Attack on the Physical Layer
Table 2.3 Attacks and Its Mitigation Targeted At the RFID Physical-Layer
Table 2.4 Effectiveness of Mitigation to RFID Challenges
Table 2.5 Comparison of Various Authentication Mitigations Based On Integrative Property with RFID Card
Table 4.1 RFID Physical-Layer Attack-Mitigation Analysis
Table 4.2 Instruction Command for Fingerprint Storage
Table 4.3 Instruction Command for Fingerprint Match
Table 4.4 Control Output Indicator
Table 5.1 Test Result of Bio-Thentic Card
Table 5.2 Results for Authentication Testing
Table 5.3 Bio-Thentic Risk Assessment
LIST OF FIGURES
Figure 2.1 Typical RFID Architecture
Figure 2.2 Example of RFID Tag
Figure 2.3 Typical of an RFID Reader
Figure 2.4 Lines of Magnetic Flux
Figure 2.5 Magnetic Loops around a Current Carrying Conductor
Figure 2.6 Power Supply Process for a Near Field Antenna
Figure 2.7 Tree Singulation Diagram
Figure 2.8 RFID Technology Communication Layer
Figure 2.9 Applicability of RFID Technology
Figure 2.10 A Typical Physical-Layer Security Breach in RFID System
Figure 2.11 New HMAC-Based Protocol
Figure 2.12 Authentication and Identification Framework
Figure 2.13 Samples of Controllable and Visible Tags
Figure 3.1 Operational Framework of the Study
Figure 3.2 A) Schematics Of Clipped Tag B) Garment Hang Tag
Figure 3.3 Clipping an Antenna
Figure 3.4 Operational Process of Faraday Cage
Figure 3.5 Examples of Minutiae Types
Figure 3.6 A) Example Of An OFTIR B) Image Geometry
Figure 3.7 Example of a Live-Scan Fingerprint
Figure 3.8 Typical Algorithm for Minutiae Extraction
Figure 3.9 Flow Chart of Proposed Method
Figure 4.1 Overview of Proposed Measure
Figure 4.2 Implementation Flow Chat of the Proposed Method
Figure 4.3 Communication process of the proposed mitigation
Figure 4.4 Snapshot of CST 2010 antenna design
Figure 4.5 FR4 lossy material
Figure 4.6 S-parameter of the designed antenna
Figure 4.7 Snapshot showing the clipped joint
Figure 4.8 Fabricated Antenna Unit
Figure 4.9 Architecture of Atmega-8515 Microcontroller
Figure 4.10 Block diagram of the fingerprint module
Figure 4.11 Pin-out of Atmega-8515 Microcontroller
Figure 4.12 Schematics of control process
Figure 5.1 Bio-Thentic Card prototype
Figure 5.2 Testing Procedure for Authentic User
Figure 5.3 Generic Testing Procedure
Figure 5.4 Worse case scenario of Bio-Thentic Card-physical state
Figure 5.5 Electrical manipulation of the clipped joint
LIST OF EQUATIONS
Equation 2.1 Magnetic field strength
Equation 2.2 Energy range of RFID Tag
Equation 2.3 Optimal antenna coupling
Equation 2.4 Impedance
Equation 3.1 Gauss Law
CHAPTER 1
INTRODUCTION
1.1 Introduction
Radio frequency identification (RFID) is one of a series of wireless technologies gaining faster and wider adoption in today's society. Unique to RFID is its portability, mobility, and flexibility in use. In a bid to make life easier and simpler, this uniqueness has triggered its integration into everyday life. The bar-code, the traditional way of identifying objects and products in the retail industry, is gradually being replaced by RFID. Of more importance to the adoption of RFID is its ability to be integrated into conveyor systems, container, inventory, and transport tracking systems, time-sensitive applications, self-monitoring applications such as expiry date alerts, and anti-counterfeiting of products. In addition, the relatively low cost of the technology also contributes to the increasing demand.
Ironically, the unique properties of RFID have generated privacy concerns and increasing security threats and attacks alike, which have attracted scholarly attention from researchers for the past two decades. Hence, various mitigations have been proposed to combat these challenges. Because the RFID system comprises four distinct layers (which are discussed in the following chapter), mitigations have also been structured to match the attacks on each layer. While the layers of the RFID system are being addressed, the physical layer tends to receive less attention, and this has led to the success of most attacks. Researchers such as Juels (2006), Reiback (2005), Yahaya et al. (2010) and others have proposed measures to combat these attacks at the physical layer with a focus on the reader-to-tag and tag-to-reader communication, leaving the physical layer vulnerable to unauthorized usage.
1.2 Problem Background
The adoption of RFID technology in areas like physical access control has generated questions such as 'how can I know when my Card is being read?' and 'how can the Card detect the authentic owner of the Card?'. A series of such questions has trailed the progress of RFID technology.
Yahaya et al. (2009) proposed a framework in which a Card can identify its authentic owner using a "biometric fingerprint match on Card" and a computer system for authentication. This is similar to the model proposed by Fons et al. (2006).
Marquardt et al. (2010) proposed a controllable tag system. They modeled different types of tag that can be controlled by the user at will. This is similar to the clipped tag designed by Moskowitz et al. (2007).
Zanneti et al. (2010) proposed a "physical-layer identification" system for tags based on the principle of radiometry, which was termed PARADIS. They concluded that every tag has a unique fingerprint by which it can be distinguished.
In all of the proposed mitigations, however, the question of 'who' authorizes the Card (how authentic is the authentic holder of the Card) is yet to be answered. Zuo (2010) concluded that the "survivability of the RFID system" should start from the security of each tag, noting that compromising attacks emanate from the tag. Langheinrich (2008) identified "unauthorized tag readout" as the core of the RFID privacy problem, stating that authenticating the interrogating parties in an RFID system is a technique for addressing the privacy concern.
Therefore, the challenge of authorized Card use and reading constitutes the bane of the security and privacy issues in the RFID system. Such challenges can, however, be protected against by proposing an enhanced authentication system, particularly at the user end on the physical layer of the RFID system.
1.3 Problem Statement
Attacks on the physical layer of the RFID system have received minimal countermeasures, leading to a discouraging rate of attacks on it. Some of the existing measures offer mitigation but fail to consider the authenticity of the user at the tag end of the system. Considering these limitations, satisfactory answers to the questions listed below need to be provided in the course of this study:
i. How authentic is the authentic Cardholder?
ii. How can an authentic Cardholder dictate how the Card responds to interrogation?
iii. How can an authentic Cardholder know when the tag is being read?
iv. What happens to the confidentiality of the Card when it is stolen?
v. How will this proposed method be evaluated with respect to authentic authorization?
1.4 Project Aim
The aim of this study is to improve the security level of the RFID system at the physical layer, as well as to ensure confidentiality in the use of RFID Cards, by enhancing authentication of the user at the tag end.
1.5 Project Objectives
In order to accomplish the aim of this study, the following objectives must be achieved:
i. To study and investigate existing mitigation measures on security and privacy of the RFID system with reference to the physical layer.
ii. To propose an enhanced authentication mechanism for authenticating the user at the tag end of the RFID system.
iii. To implement the proposed authentication mechanism and evaluate its effectiveness.
1.6 Project Scope
The following defines the scope of this study:
1) This study covers security issues relating to the physical layer of passive and semi-passive tags used in contactless Cards.
2) The proposed enhancement method will be based on three existing mitigation methods, which are the clipped tag, the Faraday cage and fingerprint biometric authentication.
3) The design and fabrication of the system is limited to the physics of the tag antenna and does not cover the details of the RFID tag itself.
1.7 Significance of the dissertation
In this study, various mitigation measures for combating the challenges of the RFID system will be discussed. Furthermore, detailed analysis will be carried out on the three chosen measures, which will give insight to other researchers. The challenges of unauthorized tag read, tag use and even tag killing will receive appropriate mitigation.
1.8 Organization of report
This thesis comprises six chapters, arranged in numeric order from 1 to 6. Each chapter is described as follows:
Chapter 1 gives the overview of this study: the problem background, objectives, scope, and problem statement.
Chapter 2 covers the history and basic theory of RFID technology as well as its importance in various areas of application. Security and privacy challenges and existing mitigations in the RFID system are also discussed in detail.
Chapter 3 describes the research methodology of this study. In addition, it discusses the project methodology for the study.
Chapter 4 covers the design and fabrication process upon which the proposed methodology was framed.
Chapter 5 discusses the results of the design and fabrication process. It also discusses the results of the risk assessment carried out on the fabricated prototype.
Chapter 6 covers the conclusion and the recommendations proffered in this study.
CHAPTER 2
LITERATURE REVIEW
2.1 Introduction
This chapter discusses the nature (with reference to the physical nature), various application areas, and security and privacy challenges of RFID technology. Various proposed mitigations against these known challenges are also reviewed, together with their respective limitations. A concise summary of mitigations to these challenges is also included in this chapter.
2.1.1 Brief History of RFID Technology
The term RFID is used to describe any system capable of transmitting the identity of an object from a tag to a reader using radio frequency (RF) waves as the communication medium. This can also include the transfer of stored data with some encryption function. RF identification can be traced back to Faraday's discovery of mutual induction between two conductors during the mid-nineteenth century and to discoveries made around 1900-1940 in radio and radar technology. Radio frequency transmitting and responding as a means of identification can be traced to the Allied fighters and anti-aircraft systems during the Second World War. It was used to distinguish friendly aircraft from others, hence the name Identification Friend or Foe (IFF): an aircraft transmitting a correct signal is considered a friend, otherwise a foe.
Shortly after the Second World War, the first commercialized use of RFID took off in the 1960s (Haver, 2006). This led to various developmental works on the technology in the 1970s. The implementation of RFID technology started in the 1980s (Haver, 2006). From the 1990s to date, various application areas of RFID technology have emerged, and still the technology is considered 'yet to achieve' its possible application areas.
2.2 Architecture of The RFID Technology
The theory of operation of RFID technology is centered on the communication principle of radio waves. Like every other wireless medium of communication, RFID technology is composed of a transmitter and a receiver/responder, but unique to RFID is the architecture of the communication units: reader and tag.
The architecture of a typical RFID system is shown in Figure 2.1. It consists of the reader, the tag, and/or the backend database and central control system. By extension, an Internet infrastructure can be integrated into it.
[Figure 2.1: Typical RFID Architecture. Labelled blocks: Internet infrastructure, tag, reader, backend database, control unit.]
As shown in Figure 2.1, the communication channel between the reader and the tag is a wireless medium. The backend database and the control unit could be integrated into one cabinet or housed in separate units. The backend database can be linked to Internet infrastructure for upstream and downstream activities.
2.2.1 RFID Tag
The tag is the main component of RFID technology; the information for identification and communication is stored inside it. An RFID tag is a chip capable of transmitting and responding (hence the name transponder) to RF signals. Its components include encoding circuitry, a memory unit, an antenna, and communication control. Depending on the type, it may have an internal power unit or rely on external power drawn from the reader. These characteristics form the basis for the categorization of RFID tags into active, passive, and semi-passive tags. The passive tag has no internal power supply and hence draws its power from the reader (using near-field theory, through its resonating circuit) for data communication and memory circuitry operation. An active RFID tag, on the other hand, possesses an internal power supply unit, which powers its internal memory circuitry and its data communication with the reader. The semi-passive tag is a hybrid characterized by an internal power supply for its memory circuitry, but it relies on the near-field power supply from the reader for communication. RFID tags are designed in different forms and sizes irrespective of their categorization. Examples are illustrated in Figure 2.2.
[Figure 2.2: Example of RFID Tag. Panels A, B and C.]
Figure 2.2 shows three different types of tags. The tags labeled 'A', 'B' and 'C' are examples of tags used in contactless Cards, implanted in pets, and embedded in documents respectively. A tag can take any form and size, subject to the application requirement. The antenna, being the component of communication, also influences the size by design. The category of tag used (either passive or active) also influences the size of the tag design through the inclusion or exclusion of a battery.
2.2.2 RFID Reader
This is the second component of the RFID physical layer. It reads the data contained in the tag. It communicates with the tag by transmitting and receiving (hence the name transceiver) RF signals, a process called tag querying or interrogation. The reader communicates with the tags by modulating an RF carrier using double-sideband amplitude shift keying (DSB-ASK), phase-reversal amplitude shift keying (PR-ASK), or single-sideband amplitude shift keying (SSB-ASK) in the format of pulse interval coding. A typical reader comprises an antenna, a system interface, a cryptographic encoding circuit unit, a communication control unit, and a power supply unit. A typical internal composition of a reader is described in Figure 2.3.
Figure 2.3: Typical of an RFID Reader.
The communication channels between the modules constituting the RFID reader, depicted in Figure 2.3, show that the link between the control module and the computer interface is full duplex (it can transmit and receive signals simultaneously), whereas the internal communication between the HF interface and the control unit is half duplex.
2.3 Physical Principle of RFID Technology
The antenna of a passive tag is used to harness energy from, and communicate with, the transceiver. The process by which a passive or semi-passive tag responds to a reader is called backscatter, a process of "modulation of the reflection coefficient of its antenna" (Hawrylak et al., 2008) back to the reader.
2.3.1 Magnetic Field Coupling: Near Field
The passive RFID tag relies on the near-field strength of the reader for power. This near-field principle is similar to the mutual coupling in a transformer. Mutual coupling exists when electric current passing through a coil induces a voltage on another coil within the generated magnetic field. "In a near-field RFID system, the interrogator has an antenna that acts as the primary coil which generates the magnetic field. Near field RFID tag (a tag within close proximity) derives power from the induced current due to the magnetic field generated by the interrogator, the primary coil" (Hawrylak et al., 2008). The generated magnetic field consists of lines of magnetic flux (which is dependent on the number of coils) in a closed circular pattern (cylindrical in shape), as illustrated in Figure 2.4.
Figure 2.4: Lines of Magnetic Flux (Haver, 2006)
The field set up by the radiating interrogator can be classified into two components: the induction field and the radiation field. "The induction field is important only in the immediate vicinity of the radiating interrogator; the energy associated with it pulsates back and forth between the radiator and the near-by space. At large distance, the radiator field is dominant; it represents a continual flow of energy directly outward from the radiator, with a density that varies inversely with the square of the distance and dependent on the direction from the source" (Silver and James, 1949). "The magnetic field strength (H) at distance "x" along the X-axis can be estimated" (Haver, 2006) by equation 2.1.
. . . Equation 2.1
Where:
N = number of coil windings of the tag
R = the antenna radius
x = the distance from the center of the coil in the x-direction
I = electric current
From equation 2.1, "x" can be redefined as the energy range of the tag. It can be calculated using equation 2.2 below, which is derived from equation 2.1 by making "x" the subject of the formula.
. . . Equation 2.2
The power received by the passive tag through mutual coupling varies inversely with "x", i.e. the higher the value of "x", the weaker the field strength available to the tag and, by extension, the longer the time required for data transmission. For optimal antenna coupling, equation 2.2 can be redefined to satisfy the round coil criteria.
= ई × 2
…Equatioon 2. 3
Therefore, the value of "R" given by equation 2.3 defines the optimal range for the antenna radius. This range can thus be seen as a dependent factor on the energy range of the tag.
Power Supply to a Passive RFID Tag
When a connductor is place within the magnetic fieeld set-up by the
interrogator, a degreee of magnetic force is experienced by the coonductor which sets
its electron in constannt motion. The direction of the magnetic field and the current in
the conductor is illusttrated in Figure 2. 5.
Figure 2. 5 Magnetic Loops around a Current Carrying C
Conductor
(Richard, 2008)
The force exxerted on the conductor by the magneticc field is directly
proportional to the lenngth of the conductor. The current flowing inn the conductor due
to the constant electron motion can then be connected to charge a capacitor. This is
depicted in the Figuree 2. 6 below with the conductor represented by the antenna coil
of the tag.
15
Ta
Figure 2. 6: Power Supply Process for a Near Field Antenna (Kllaus Finkenzeller,
2010)
As shown in Figure
F
2. 6, the magnetic field (H) from the R
Reader (Ri) couples
the antenna of the taag (Ta) forms the communication medium. This field in turn
charges the capacitors C1and C2, which serves as power source forr the RFID chip. In
general, the power received
r
by the RFID tag is dependent onn the power of the
transmitting antenna, the distance between the Reader and the tagg, and the efficiency
of the tag antenna.
2.3.3 Antenna Impedance And Matching
As discussed above, the magnetic field set up by the interrogator powers the tag through mutual induction. Additionally, the power received by the tag depends on the efficiency of the tag antenna. To attain this efficiency, the interrogator and tag coils must be matched, or tuned to the same resonating frequency, a process called impedance matching. The term impedance describes the relationship that exists between voltage and current in an alternating current at any point in time.
$Z = \dfrac{V}{I}$ . . . Equation 2.4
From equation 2.4, it can be deduced that maximum current (Imax) flows when the impedance tends to its minimum (Zmin). This happens when the antenna resonates on purely resistive impedance (when the capacitive reactance is equal to the inductive reactance). So for optimal matching of the tag antenna, the impedance "Z" must be minimal.
2.3.4 Operating Frequency of RFID Technology
RFID tags can be classified based on the frequency at which they operate. Generally, they are classified into three categories: low frequency (LF), high frequency (HF), and ultra high frequency (UHF). The LF class of tags primarily operates at 125 kHz, within the range of 30 kHz to 300 kHz. The HF RFID tag (which is the commonly used tag) operates primarily at 13.56 MHz, within the range of 3 MHz to 30 MHz.
This is similar to the "Federal communications commission (FCC) stated boundary of 13.56 MHz +/-17 kHz Industrial Scientific and Medical (ISM) use" (CIRCULAR, 2010). The UHF class of RFID tags ranges from 300 MHz to 3 GHz, although the UHF tags in the Gen-2 protocols operate in the range of 866 MHz to 960 MHz, and their applicability varies between countries (Hawrylak et al., 2008). These operating frequencies determine the data rate and the read range of the RFID system.
Based on frequency range, the read range of passive RFID tags is 30 cm, 1 m, and 7 m for LF, HF and UHF tags respectively. However, for an active tag the nominal range could span 100 m, since it does not require the reader to power its internal circuitry (LIANG, 2010).
2.3.5 Singulation Process
The RFID reader continuously polls for tags. In the process, it creates an interrogation zone for activating a tag. However, collision occurs when there are multiple tags in the zone. The process of distinguishing individual tags in such a state of collision is called singulation (singling out a particular tag for interrogation). Juels et al. (2006) proposed a tree-walking method for singulation. In their method, the tag identifiers are arranged as leaves of a binary tree (Dolev et al., 2008), as shown in Figure 2.7.
Figure 2.7: Tree Singulation Diagram
In Figure 2.7, each leaf represents a tag ID. With this unique binary tree ID, a tag can be located; take "h" for instance, which is 101. In this way, a reader can easily select a particular tag by walking through the nodes down to the leaf of the individual tag of interest.
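The tree walk described above can be followed step by step in the simulation below, which is an added example and not code from this dissertation. The 3-bit ID length, the Tag and Reader classes and the four sample tag IDs are constructed for illustration; the reader broadcasts an ID prefix, every matching tag answers with its next bit, and hearing both 0 and 1 is treated as a collision that splits the walk.

```python
"""Tree-walking singulation over a binary ID tree (constructed example)."""
from dataclasses import dataclass, field

ID_BITS = 3  # assumption: 3-bit IDs, as in the "101" leaf used in the text


@dataclass(frozen=True)
class Tag:
    tag_id: str  # bit string such as "101"

    def __post_init__(self):
        if len(self.tag_id) != ID_BITS or set(self.tag_id) - {"0", "1"}:
            raise ValueError(f"tag ID must be {ID_BITS} bits: {self.tag_id!r}")

    def respond(self, prefix):
        """Backscatter the next ID bit if the prefix matches, else stay silent."""
        if self.tag_id.startswith(prefix) and len(prefix) < ID_BITS:
            return self.tag_id[len(prefix)]
        return None


@dataclass
class Reader:
    queries: list = field(default_factory=list)     # every prefix broadcast
    collisions: list = field(default_factory=list)  # prefixes where 0 and 1 clashed

    def _query(self, tags, prefix):
        """Broadcast a prefix and return the set of bits heard in reply."""
        self.queries.append(prefix)
        heard = {bit for bit in (t.respond(prefix) for t in tags) if bit is not None}
        if len(heard) == 2:
            self.collisions.append(prefix)
        return heard

    def inventory(self, tags, prefix=""):
        """Depth-first walk that returns every tag ID present in the zone.

        Two tags carrying the same ID answer identically at every level,
        so they collapse into a single leaf and are reported once.
        """
        if len(prefix) == ID_BITS:
            return [prefix]  # reached a leaf: one ID singled out
        heard = self._query(tags, prefix)
        found = []
        for bit in "01":
            if bit in heard:
                found += self.inventory(tags, prefix + bit)
        return found

    def select(self, tags, target):
        """Walk straight to one known leaf; True only if a tag answers at every level."""
        for depth in range(ID_BITS):
            if target[depth] not in self._query(tags, target[:depth]):
                return False
        return True


def constructed_zone():
    """Four constructed tags sharing one interrogation zone."""
    return [Tag(i) for i in ("001", "011", "101", "110")]


def run_inventory(tags):
    """Inventory a zone and return (IDs found, prefixes queried, collision points)."""
    reader = Reader()
    ids = reader.inventory(tags)
    return ids, reader.queries, reader.collisions


if __name__ == "__main__":
    ids, queries, collisions = run_inventory(constructed_zone())
    print("IDs found:       ", ids)
    print("prefixes queried:", queries)
    print("collisions at:   ", collisions)
    picker = Reader()
    print("select 101:      ", picker.select(constructed_zone(), "101"), picker.queries)
```

Selecting one known ID costs one query per ID bit, while a full inventory costs one query per internal tree node that has at least one tag beneath it.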
2.4 Communication Layers of RFID Technology
RFID communication comprises four distinct layers: the physical layer, the network and transport layer (also referred to as the communication layer), the application layer, and the strategic layer. A typical schematic of the RFID layers is shown in Figure 2.8.
Figure 2.8: RFID Technology Communication Layer (Mitrokotsa et al., 2010)
The structural content of each layer is illustrated in Figure 2.8. It also shows that the physical layer forms the bedrock on which the RFID system is structured. This thesis is centered on enhancing authentication at the physical layer, thus establishing the first line of defense at the physical layer.
2.4.1 The Physical Layer
The physical layer comprises the RFID devices (RFID tag and reader) and the radio frequency interface. RFID tags are considerably small in size, and they communicate with the reader through the air interface. They are thus characterized by poor physical-layer security and hence low resistance to physical manipulation. Attacks associated with the physical layer include permanent disabling of the tag, tag removal, antenna disruption, tag destruction, unauthorized killing of the tag, unauthorized use of the tag, unauthorized reading of the tag, passive interference, active jamming and relay attacks (Mitrokotsa et al., 2010). One major concern at this layer is authentication: the ability to distinguish an authentic user from a malicious one.
2.4.2 The Network-Transport Layer
The Network-Transport layer describes the communication procedure and protocol of RFID technology. The communication process of RFID is a two-way channel (from the reader to the tag and from the tag to the reader). Attacks on this layer could be at the tag end, the reader end or the communication network. Such attacks include, but are not limited to, tag cloning, relay, spoofing, skimming, eavesdropping and network protocol violation.
2.4.3 The Application Layer
The RFID Application layer contains the information inside the tag and the method of communication and operation. Attacks at this layer include, but are not limited to, unauthorized tag reading, tag data modification, virus/malicious code injection, and middleware attack.
2.4.4 The Strategic Layer
This layer includes the organizational layout of the design of infrastructures and applications (Mitrokotsa et al., 2010). Attacks in this layer include social engineering, corporate espionage, privacy, and targeted security breach.
2.5 RFID Application
The influence of RFID technology in applications has grown such that it is
integrated into our everyday life. Figure 2.9 depicts examples of areas of RFID
application that pertain to our day-to-day business activities, domestic utilization,
and even health care delivery.
[Figure 2.9 diagram. Centre: RFID technology application. Surrounding areas: contactless payment system; logistics management; container identification; contactless smart cards; substitute for bar code; Electronic Article Surveillance system; tracking; human and pet identification; e-passport and document identification; anti-counterfeiting.]
Figure 2.9: Applicability of RFID Technology
RFID technology is seen as a possible substitute for the traditional bar-code
used in various retailing, domestic, industrial, and educational outlets, as pointed out
in Figure 2.9. Common applications of RFID include the e-passport, Electronic Article
Surveillance (EAS) systems, contactless smart cards, payment and tolling systems,
industrial automation, container identity (e.g. supply chain, wholesale and retail
inventory and material management), asset tracking, automobile ignition systems,
ticketing, access control, human and livestock tagging, library management systems,
anti-counterfeiting systems, etc.
2.5.1 Contactless Payment System
This is the process of paying or transacting using a cashless medium. The
Exxon-Mobil Speedpass employs RFID to speed customers through fuel purchase
(Thornton et al., 2006). A passive RFID tag, mounted on the vehicle or attached
to the consumer's key chain, is activated by a reader attached to the pump
of the fueling station. The reader handshakes with the tag and reads the encrypted
number. This number is then sent through the cable linking the reader and
the pump to a satellite receiver of the gas station. It is then sent to a datacenter
where the authorization, verification and accounting are done.
The E-Z Pass toll system is similar to the Speedpass. When a car enters the
toll zone, the car-mounted tag is activated by the reader antenna in the zone. An
encoded number is then communicated back to the reader, which transmits it
through a secured channel to a back-end database and control system.
2.5.2 Electronic Article Surveillance (EAS) System
One problem in the retail industry is dealing with products leaving the store
without proper payment, be it intentional or not (Rieback et al., 2005). The idea
behind the EAS system is to limit shoplifting through the
adoption of an RFID system. A passive RFID tag is integrated into each item; upon
purchase, the tag is either deactivated or a notification is made for verification. This
is achieved with the aid of the reader setting up an interrogation zone. When any item
carrying a tag passes the door/entrance/exit, an alarm or surveillance system is
activated. This is then deactivated upon purchase (Haver, 2006; Juels, 2006; Mickle
et al., 2007).
2.5.3 Container Identification and Tracking
The adoption of an RFID system for container identification in industry as an
appropriate monitoring system can improve operational efficiency as well
as operational cost (Chiu, 2009). For container shipping applications, a typical RFID
device operates in the ultrahigh frequency or microwave range (e.g. 900 MHz or
2.45 GHz in the U.S.A. or 5.8 GHz in Europe). An RFID recognition system for containers
is applied by mounting the tag on the container/item/pallet; read/write equipment
installed in the forklift, or handheld read/write equipment, then recognizes the
dynamic information on the tag. The information read can be transmitted to a
monitoring system or control database.
RFID can handle the information management of cargo flow effectively.
Read/write equipment is set on the door of the warehouse. Every cargo unit has
an embedded RFID tag, and all the information on each tag is stored on a central
control computer of the warehouse. The read/write equipment detects and reports
information about every cargo unit and vehicle at work, and which cargo is
transported (Shi Yong-Dong, 2009). Through effective transport and inventory
tracking, retailers can improve inventory and timely replacement. Transponders can
monitor commodities and report on validity period, expiration date, and quality
deterioration. Wal-Mart is making full use of RFID technology, gradually
eliminating the use of the bar-code to further enhance the efficiency of its retail chain
(Haver, 2006).
2.5.4 E-Passport and Document Identification
The report of the 9/11 Commission (Kean et al., 2002) stated that
travel documents are as important to a terrorist as weapons.
Documents with RFID chips and a secure network environment to exchange data are
“deemed more secure and less prone to counterfeiting” than conventional
non-electronic documents (Monica and Greis, 2009). The data page of a machine-readable
passport is embedded with 44 characters bearing the name of the holder, country and
passport number. The integration of RFID into the machine-readable document (MRD)
therefore balances the need for electronic data storage with automated document
control (Monica and Greis, 2009). The e-passport contains a contactless RFID chip
and an aerial embedded in one of its pages (Meingast et al., 2007), and its cover has
a built-in metallic shield/Faraday cage to prevent unauthorized reading of the tag
inside the passport. The chip contains an operating system (OS), an application
program and a set of data groups conforming to the International Civil Aviation
Organization (ICAO) logical data structure (Haver, 2006).
Since 1998, Malaysian passports have included a chip containing an image of a
thumbprint of the passport holder. In 2003, the e-passport contained extracted
fingerprint information only (Juels et al., 2005). The ICAO standard specifies face
recognition as the globally interoperable biometric for identity verification in travel
documents. Thus, the e-passport contains a digitized photographic image of the bearer.
When flying through Kuala Lumpur airport, a Malaysian citizen passes through an
automated gate that reads the thumbprint from the chip and compares it to the
thumbprint on the scanner. Over 5,125,000 e-passports with an embedded RFID tag are in
circulation (Juels et al., 2005). The decision to implement the e-passport in the U.S.
affects all members of the U.S. visa waiver program. An analogous passport system
utilizing RFID with the fingerprint integrated as biometric data is also implemented in
the European Union (Haver, 2006). By the year 2017, all passports used at U.S.
borders will be electronic (Vollmer, 2006).
2.5.5 ChampionChip and Tag Implantation
The ChampionChip is a device laced to an athlete's shoe when running
in a race such as a marathon. This device consists of a passive transponder that can
only be read at a short distance (Vollmer, 2006). Electronic Product Code Generation 2
RFID tags built into the tires' side walls enable the race organization to identify which
tire a team uses during a race and allow the manufacturer, Dunlop, to track its own
tires through the supply chain (Swedberg, 2009). An RFID reader is stationed at the
start and the finish line to record the time of each tag across the finish line. This
eliminates the need for manual physical records and hence enhances the accuracy of
race time records (Swedberg, 2009).
Similarly, RFID application in health care could reduce the number of errors
recorded in tagging medical objects and increase the efficiency and effectiveness of
paramedical staff (AHSAN et al., 2010). In addition, the propensity of data
sharing and confidentiality in the medical field can be greatly improved with the
integration of RFID technology.
In view of the above, the “Mu-chip” (the smallest passive transponder, about
0.4 mm) can be embedded into paper sheets to track documents; it can only be
read at a range of a few centimeters due to the size of the antenna. Another small
RFID tag is the Veri-chip. It is about the size of a grain of rice and it is often
implanted into human beings, pets, as well as livestock (Vollmer, 2006).
Implanted chips can also help in identifying wandering Alzheimer’s patients who
got out without identification or cognizance of their location and destination. On
October 14, 2004 (Simson and Holtzman, 2005), an article titled “identity chip planted
under skin approved for use in health care” appeared in the New York Times and many
other publications. The Veri-chip was cloned in less than ten minutes by a Canadian
hardware developer for the purpose of an article in Wired magazine (Organization, 2008).
According to Monahan and Fisher (2010), 900 hospitals have agreed to participate in
the Veri-Med system, and about 600 people have received implants, while the
company has begun a direct-to-customer campaign in targeted markets such as South
Florida (Kerr, 2007).
Implantation of RFID chips into human beings, pets and livestock is yet to
gain wider adoption in places like Africa, but with the gradual shift in technological
paradigm, RFID technology may receive wider acceptance, with implantation being a
major part due to the level of crime and the urgency of medical data security.
2.5.6 Substitute For Bar-Code
The bar-code has been the common technology for identification in retail outlets
since the 1970s (Thornton et al., 2006). Its effectiveness in pricing at the point of
sale (POS) in commercial centers has generally led to its adoption. RFID technology,
on the other hand, is seen as a substitute for the bar-code due to its relative flexibility,
contactlessness, relatively large distance of operation (not necessarily line of sight),
event tracking ability (even through an errant bag), and mobile-scan-ability at speeds
as fast as 30 mph (Thornton et al., 2006). The bar-code uses the Universal Product
Code (UPC), which defines 5 digits each for the manufacturer and the item, resulting
in a limit of 100,000 items. This allows for 10,000,000,000 products. UPC also does not
allow a serial number to be encoded into the bar-code. RFID technology adopts the
Electronic Product Code (EPC), in the EPCglobal General Identifier (GID-96) format. The
GID-96 has 96 bits (12 bytes) of data. This is divided into four separate fields:
a 28-bit General Manager Number that identifies the company or organization, a 24-bit
object class that breaks down products into groups, a 36-bit serial number that is
unique to an individual object, and an 8-bit header that is used to guarantee the
uniqueness of the EPC™ code. “This totally allow for
30,939,155,745,879,204,468,201,375 unique items” (Klaus Finkenzeller, 2010).
As a substitute for the bar-code, therefore, RFID technology tends to provide
substantially more information, such as expiration date, etc. (Haver, 2006). The
relative cost of RFID tags has prevented the expected immediate substitution for the
bar-code, though companies like Wal-Mart are encouraging their major suppliers to
integrate RFID into their supply chain. Owing to this, the forecasted substitution of
RFID technology in the retail world is promising.
2.5.7 Contactless Smart Card
The traditional contact-based Card relies on communication through an electrical
contact linking the reader to the circuitry on the Card. RFID technology, on the other
hand, establishes communication wirelessly using radio frequency between the reader
and the tag. Since no physical contact is required for communication, it is given the
name contactless Card. This area of RFID application has gained wider adoption in
physical access control systems and cashless payment processes. Examples
include toll payment, e-passport, building access control, and so on. In 1994 and
1995, around 1 million contactless smart Cards were produced per year for public
transport applications; the volume rose to 4 million per year in 1996 and 1997 (Klaus
Finkenzeller, 2010). In building access control, an RFID tag can simply be called a key
for access (LIANG, 2010). This can be seen in proximity and vicinity Cards.
2.5.8 Banknotes
In a bid to combat criminal challenges in the banking system, “the European
Central Bank (ECB) has proposed to embed small, radio frequency emitting
identification (RFID) tag in Euro banknotes by 2005 as a tracking mechanism for law
enforcement agencies” (Juels and Pappu, 2006), as well as an internal security measure
against counterfeiting. “The ECB opted to issue banknotes up to the relatively high
denominations of 200 and 500 Euro” (Juels and Pappu, 2006).
2.5.9 Libraries
The spread of RFID technology has also reached library cataloging
and book searching processes. “The technology promises to relieve repetition strain
injury, speed patron self checkout, and make possible comprehensive inventory”
(Molnar and Wagner, 2004), and it has seen considerably wide adoption in library
systems. Among these libraries, “Santa Clara City Library, and the Eugene,
Oregon public library have already tagged every book, tape, CD, or other item in
their collections” (Molnar and Wagner, 2004).
2.6 Challenges In RFID Technology
The major challenges facing all wireless technology also apply to RFID.
Unique to RFID technology are threats such as tag cloning, tag size, etc., which are
due to the inherent vulnerabilities of an RFID system, in addition to its privacy
concerns. This thesis focuses on the challenges facing the physical layer of RFID
technology. Figure 2.10 shows a typical attack on the physical layer.
Figure 2.10: A Typical Physical-Layer Security Breach in RFID System
(Soon and Tieyan, 2008)
From Figure 2.10 above, attacks on the physical layer can be
categorized into two: attacks to compromise system security, and attacks to prevent the
tag from being detectable. Attacks at the gathering phase, such as skimming and active
eavesdropping, can be described as the primary stage of system security
compromise.
2.6.1 RFID Tag Cloning Attack
Cloning or counterfeiting of a tag is simply forging the data illicitly gathered
from an authentic tag into another tag, usually a blank tag. Cloning of a tag is one of
the possible end products of a skimming attack. Since RFID technology assumes that
any tag with the ‘right’ information is authentic, a cloned tag can act as an
authentic one, since the validity of the EPC is taken at face value (Juels et al., 2005).
In a bid to reduce the cost and size of RFID tags, most commercial RFID tags lack a
security protocol. This leaves the tag vulnerable to cloning and data tampering (Mohan,
2008). Cloning a tag is a process, and it can be achieved through scanning of the tag or
gaining access to the appropriate tag database. If the unique identifiers in a
manufacturer's EPC are static (for example if they are sequential), an attacker can
simply devise guesswork to fabricate another tag based on the extracted information
of the authentic tag (Juels et al., 2005). This is made possible if the tag has
multiple-write capacity and no cryptographic security measure (thus, no logical-layer
resistance) to cloning.
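The GID-96 field layout given in Section 2.5.6 and the sequential-identifier weakness described above can be checked together on the issuing side. The following Python is an added example, not code from this thesis: the header value 0x35 is the GID-96 header in the EPC Tag Data Standard, while the function names, the run threshold and the sample batch are constructed for illustration.

```python
import string
from dataclasses import dataclass

GID96_HEADER = 0x35                                  # 8-bit header value for GID-96
MANAGER_BITS, CLASS_BITS, SERIAL_BITS = 28, 24, 36   # field widths given in the text


@dataclass(frozen=True)
class GID96:
    manager: int        # General Manager Number (company or organization)
    object_class: int   # product group
    serial: int         # individual object

    def __post_init__(self):
        for name, width in (("manager", MANAGER_BITS),
                            ("object_class", CLASS_BITS),
                            ("serial", SERIAL_BITS)):
            value = getattr(self, name)
            if not 0 <= value < (1 << width):
                raise ValueError(f"{name}={value} does not fit in {width} bits")

    def to_hex(self):
        """Pack header | manager | class | serial into 96 bits (24 hex digits)."""
        word = GID96_HEADER
        word = (word << MANAGER_BITS) | self.manager
        word = (word << CLASS_BITS) | self.object_class
        word = (word << SERIAL_BITS) | self.serial
        return f"{word:024X}"


def parse_gid96(epc_hex):
    """Decode a 96-bit EPC given as hex; reject anything that is not GID-96."""
    text = epc_hex.strip()
    if len(text) != 24 or any(c not in string.hexdigits for c in text):
        raise ValueError("a 96-bit EPC is exactly 24 hex digits")
    word = int(text, 16)
    header = word >> (MANAGER_BITS + CLASS_BITS + SERIAL_BITS)
    if header != GID96_HEADER:
        raise ValueError(f"header 0x{header:02X} is not GID-96")
    serial = word & ((1 << SERIAL_BITS) - 1)
    object_class = (word >> SERIAL_BITS) & ((1 << CLASS_BITS) - 1)
    manager = (word >> (SERIAL_BITS + CLASS_BITS)) & ((1 << MANAGER_BITS) - 1)
    return GID96(manager, object_class, serial)


def predictable_serial_runs(epcs, min_run=3):
    """Audit issued EPCs: report (manager, object_class, first_serial, length)
    for every run of consecutive serial numbers of at least min_run tags."""
    by_class = {}
    for epc in epcs:
        tag = parse_gid96(epc)
        by_class.setdefault((tag.manager, tag.object_class), set()).add(tag.serial)
    runs = []
    for (manager, object_class), serials in sorted(by_class.items()):
        ordered = sorted(serials)
        start = prev = ordered[0]
        for serial in ordered[1:] + [None]:      # None closes the last run
            if serial is not None and serial == prev + 1:
                prev = serial
                continue
            if prev - start + 1 >= min_run:
                runs.append((manager, object_class, start, prev - start + 1))
            start = prev = serial
    return runs


# Constructed sample batch: class 7 was issued with sequential serials,
# class 8 with serials drawn without an obvious pattern.
SAMPLE_BATCH = (
    [GID96(95100, 7, s).to_hex() for s in (1000, 1001, 1002, 1003)]
    + [GID96(95100, 8, s).to_hex() for s in (0x3A91F04C2, 0x71B20D9E5, 0x0C44A7713)]
)

if __name__ == "__main__":
    for epc in SAMPLE_BATCH:
        print(epc, parse_gid96(epc))
    print("predictable runs:", predictable_serial_runs(SAMPLE_BATCH))
```

A run reported by `predictable_serial_runs` means that reading one tag of that product class reveals the identifiers of its neighbours, which is the guessing condition the paragraph describes.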
Although an RFID tag may not contain strong encryption, it offers simple
symmetric-key cryptography, which can go a long way in resisting tag cloning (Juels,
2006). EPC tags include PIN-based protection on tag disablement (killing),
which can be re-designed to serve as a tamper-proof measure (such as a trusted platform
module) to solve the cloning problem. Various anti-tag-cloning protocols have been
proposed which tend to effectively prevent cloning attack.
2.6.2 Physical Attack
Like every other integrated circuit, RFID technology is exposed to physical
attack. A close look at the architecture from the attacker's perspective will reveal the
delicate location of the antenna and even the RFID tag itself. Depending on the
intention of the attacker, physical attack could range from trying to explore the
manufacturer's product to complete destruction of the tag. For instance, placing a tag
inside a microwave oven is a direct way of frying a tag, while a simple EMP practice
could damage the internal circuitry and even the tag as well. Combating physical
attack is a rather big challenge, as it falls within tag safety, which is a general
concern with technology. Tag tamper-proofing or shielding can serve as a measure
against some types of physical attack.
2.6.3 Skimming Attack
Skimming means surreptitious reading of tags. If a tag lacks proper security
measures, it will respond to any reader, even unauthorized ones. By design of RFID,
transponders are remotely readable. This opens up RFID to skimming attack.
A skimming attack is done by reading the data of the tag without the authorization of
the tag holder. This attack exploits the promiscuity of an RFID tag. An RFID tag
does not have the intelligence to decide when to function or not, and so it
continually transmits beacons to any reader available to it. A malicious reader can
then disguise itself as a genuine reader with the ‘authorized’ identity to harness data
from the tag. Skimming attack is a major tool for exploiting vulnerabilities in RFID
technology (Meingast et al., 2007). Skimming attacks are feared as they may be
part of an RFID bomb (Haver, 2006). Bombers may use this attack to scan for a
particular RFID tag in a targeted vicinity of radius coverage before detonating an
explosive. Skimming attack can be prevented using a shared secret (Haver, 2006),
demanding that a reader authenticate itself to a tag before the tag divulges any
information to the reader.
2.6.4 Spoofing Attack
An adversary may be able to create an ‘authentic’ tag by writing ‘correct’ data to a
blank or rewritable RFID tag (Haver, 2006). The attacker masquerades as a reader
and sends a query. It then obtains a response from the tag. When the legitimate reader
queries the tag, the attacker sends the obtained response to the reader.
Researchers from the Johns Hopkins University, in collaboration with RSA
Laboratories (Thornton et al., 2006), succeeded in unlocking a vehicle immobilizer
system by reverse engineering the algorithm, brute-forcing the key for a tag
and then simulating it in software. The ingenuity of this method is that you are
simulating the exact mechanism of the black box. The proposed algorithm (Wang,
2008) can prevent spoofing attack by the authenticating factor NR N’R, where NR is
the legitimate reader and N’R is the masquerading reader query. This satisfies the
condition of a secured system: the system should be secure if everything except the key
is known. Spoofing attack can best be totally prevented using a cryptographic
protocol with sufficiently long randomly generated keys.
2.6.5 Relay Attack
This attack can also be referred to as a Man-in-the-middle (MITM) attack. It
is a technical way of fooling the RFID tag and reader, as though they are communicating
with each other. The attacker devises two units: a malicious reader, which is called a
Mole, and a malicious tag, called a Proxy, and both are connected via a communication
link. The Mole is set to interface with the authentic tag while the Proxy interfaces
with the reader. The Mole initiates communication with the tag, and then sends the
response to the Proxy. The Proxy then forwards the response to the authentic reader.
The fooled authentic reader sends back its response to the Proxy, which forwards it to
the authentic tag through the Mole. The relaying process continues until the desired
output is achieved, while illicit information is gathered for malicious use. Hancke
(2006) implemented a practical relay attack against a contactless smart Card using
self-built hardware.
Relay attacks can be performed without the knowledge of the Card holder
and even the reader; this makes them more difficult to detect. In addition to this
difficulty in detection, the Proxy and the Mole may not follow any standardized protocol
of design. Basic security premises for RFID, such as that a tag read by any reader is
genuine (Haver, 2006) and that the read range of a tag for most applications is limited
(physical proximity between reader and tag), fail under a MITM attack (Peris-Lopez
et al., 2010). Simple countermeasures to relay attack include a push button, a removable
Faraday cage, signal strength of communication, and “crypt-analyzing distance-bound
protocol” (Peris-Lopez et al., 2010); a single-bit challenge and single-bit
response distance-bound protocol can also be a preventive measure against relay attack.
Some attacks adopt a complete customized reader/tag hardware system, which
may not be standardized and thereby possesses the ability to operate beyond the
specified frequency. Such a system can be fabricated to attack an application even at a
longer range. The Israeli electronic voting system was intercepted using a similar
mechanism (Oren and Wool, 2010). In the same manner, an attack on an RFID-enabled
contactless smart Card was demonstrated (Mohan, 2008). In this case, the relay attack
was carried out during the communication between an authorized tag and reader.
Hancke and Kuhn (2005), while describing a possible countermeasure against
relay attack, argued that the time introduced by the relay system can be a point of
detection of an attack. They concluded on the basis that measurement can be done by a
verifier with respect to time sensitivity. Another approach to relay attack is the use
of a two-factor authentication architecture (Haver, 2006).
2.6.6 Denial of Service (DOS) Attack
A denial of service in an RFID service could be described as an operating
frequency jamming attack, which could be technical or systematic or both; all entail
compromise of the availability of resources. A technical DOS could be sending multiple
requests to a reader in order to drain its power. It could also mean jamming the
operating frequency of communication between the reader and the tag. This type of
attack is aimed at preventing communication between the tag and the reader. The
systematic DOS could be in the form of physical denial of access by damaging or
tampering with the process of communication, which could be through the removal of
the power supply from the reader or tampering with the tag itself. Viruses could be
another form of denial of service in physical access control. RFID being a radio
frequency channel of communication is the vulnerability being exploited. The goal
of this attack is to prevent availability of the service of the system. A DOS attack can
also be performed by replying to every request during the singulation process, like a
full blocker tag. By doing this, the reader detects a collision and is unable to
singulate a tag (Haver, 2006). Tag destruction is another way of performing a DOS
attack, since a dead tag tells no tale.
Zhou and Huang (2007) suggested two types of DOS attack. They include:
• Denial of reading: prevent an authorized user from reading an RFID tag
• Denial of authentication: prevent the reader from authenticating the user/tag
Ton and Saša (2008) described how the HMNB protocol can be used to prevent
desynchronization attack. This is accomplished through mutual authentication
between the transponder and the reader, which keeps the transponder untraceable.
Chien (2007) proposed an authentication protocol to combat de-synchronization
attack. The integration of a trusted platform module could be used to protect against a
physical DOS on the reader and/or tag.
2.6.7 Clandestine Tracking/Inventorying
The word clandestine is used to describe a secret or illicit acquisition of
information, usually for the purpose of subversion or deception. In the case of RFID
technology, such an act can be carried out without the inconvenience of requiring a
line of sight. This is one of the major privacy concerns (Rao, 2007) in RFID
technology. The EPC network identifies goods uniquely but does not provide
explicit protection of goods in transit which are being clandestinely tracked (Vartak
et al., 2007).
Table 2.1: Summary of Attacks on RFID Layer
[Table 2.1 body. Columns (RFID layers): physical, network-transport, application, strategic. Rows (attacks): physical, cloning, spoofing, skimming, eavesdropping, denial of service, relay, clandestine tracking. The × marks assigning attacks to layers are not recoverable from this copy.]
Table 2.1 gives a detailed summary of attacks on the four layers of RFID
technology. Most of the attacks on an RFID system apply to two or three of the RFID
system layers, as pointed out in the table. However, attacks such as denial of service
and physical attacks affect all the layers of the RFID system.
2.7 Counter Measures Against Challenges
In this section, a detailed discussion of various proposed mitigation measures
against the challenges in the RFID system is given.
2.7.1 RFID Guardian
The RFID Guardian was proposed by Melanie R. Rieback, Bruno Crispo, and
Andrew S. Tanenbaum (Rieback et al., 2005). The Guardian addresses issues such
as denial of service and privacy concerns while still enhancing the prevention of
RFID ubiquity vulnerability exploitation. It is a portable battery-powered device that
mediates interaction between an RFID reader and a transponder through selective
frequency jamming and spoofing (Wang, 2008), and is capable of two-way communication
(Rieback et al., 2005). It is carried by a user and performs all security functions
necessary for secure communication between reader and transponder. It establishes a
privacy zone around the user in which only authenticated readers are allowed access,
by acting like a reader, querying tags and decoding tag responses. An RFID Guardian
integrates auditing, key management, access control and authentication, some of
which were new security properties for RFID (Rieback et al., 2005). Its main
advantage compared to other security measures for a transponder is its flexibility
(Haver, 2006). The user can influence the security level via guardian user interaction.
However, one main disadvantage of the RFID Guardian is range. Since it
is expected to guard all tags in the user's vicinity, its range should be between 1-2 m.
This is a violation of the ISO 14443 reader range specification of 10 cm. Also, the
Guardian itself represents a single point of failure; if the Guardian fails or is
compromised, the user is unprotected, and it can also be easily lost or even forgotten
(Haver, 2006). Integrating the RFID Guardian into a PDA (for instance) could reduce
this weakness but not prevent it. Being a battery-powered device, an attack could
target draining of its power by flooding the communication zone with a series of
irrelevant communications. Furthermore, it does not prevent an unauthorized
reader from knowing of the existence of the tag.
2.7.2 RFID Blocker Tag
This was proposed by Juels, Rivest, and Szydlo (Juels et al., 2003). It
simulates the full set of 2^k possible RFID-tag serial numbers. It has the ability to
block the RFID tree-walking singulation algorithm protocol used by the reader to
select a particular tag. It does not engage in any active form of jamming; rather, it
participates in the tag-reading process in a super-compliant way to perform passive
jamming (Juels et al., 2003). The blocker tag simulates the full spectrum of the
possible serial numbers of the tag, thereby obscuring the serial numbers of other tags.
A blocker tag may be used to establish a safe zone around a tag, preventing the tag from
being read. In order to make the blocker tag more flexible, it is possible to implement a
form of selective blocking (Haver, 2006). Hence a blocker tag helps to protect the
privacy of the user from a malicious hidden reader.
The principal point of weakness of the blocker tag is the lack of flexibility
(Haver, 2006). Reliance on a blocker tag in a sparsely populated tag and reader
environment does not prevent tracking of the tag or even active jamming. The blocker
tag can therefore be said to provide a temporary solution to privacy concerns and
little or no security solution for the RFID tag in the RFID system.
2.7.3 Labeling
Labeling a tag, or content containing an RFID tag, is one way of informing a user
of the presence of the RFID tag. This is a major awareness ground upon which the
privacy of an RFID system is elucidated. This makes it possible for users to take
further steps to protect, prevent and/or avoid its usage if necessary. It was accepted
as a basic means of privacy protection, and labeling is also stated as part of the
RFID bill of rights (Haver, 2006).
While it informs the authentic user of its presence, it also announces itself to
a malicious user. Hence it complicates security. Although it
works for privacy concerns, it aids the exploitation of the vulnerability of the
system by an attacker.
2.7.4 Kill Command
Some RFID tags have a built-in kill command (Haver, 2006). The Auto-ID Center and
EPCglobal created a kill-command specification for permanent tag inoperability
(Mitrokotsa et al., 2010), some of which requires a 32-bit password; a Class-1 Gen-2
EPC standard tag, for instance. It implies that a tag can be destroyed or killed by
sending a special kill command that includes the right coded password. The
inclusion of the password is to prevent unauthorized killing (Haver, 2006) as well as
to enforce user confidentiality (Kolias et al., 2009). It also exposes the tag to
unauthorized killing by a malicious adversary.
2.7.5 RFID Zapper
This is another method of enhancing privacy in RFID technology. An
RFID zapper practically creates an electromagnetic impulse (EMP) within the
boundary of its influence (MiniMe, 2006). MiniMe (2006) demonstrated this
through the use of an EMP set-up from a low-cost disposable camera. The zapper can
destroy the tag without necessarily altering the product carrying the tag (Haver,
2006), as against a microwave oven. Another point about the zapper is that it is
portable, and hence can enable destruction of the tag at the point of purchase of goods.
2.7.6 RFID Clipped Tag
Destroying or killing a tag provides a solution to privacy concerns in RFID,
since a dead tag tells no tale. This could be efficient when combined with
labeling. It however eliminates the possibility of post-point-of-purchase or
post-point-of-sale service, as well as recycling/re-use, which is one of the dynamics of
RFID technology. To support such post-point-of-sale service, the RFID clipped tag was
proposed by Paul A. Moskowitz, Andris Lauris, and Stephen S. Morris (Moskowitz
et al., 2007). The clipped tag was designed for privacy protection
at the user end. The concept is based on the principle of making the antenna of the
tag removable/detachable. This will psychologically create privacy protection as
well as eliminate the possibility of distance reading, but logically the tag is still
active. This approach provides privacy protection but limits the utility of the tag
(Haver, 2006). Hence, while it works efficiently for privacy concerns and still provides
room for post-point-of-sale negotiation, it does not provide any security guide or
measure.
2.7.7 Faraday Cage
A Faraday cage is an enclosure designed to exclude electromagnetic fields (Wu
and Alamo, 2004). The concept is based on the fact that some materials do not
allow radio frequency to pass through them, blocking the signal or absorbing it.
Thus keeping an RFID tag within such an enclosure will prevent the tag from being read
(LIANG, 2010). This is another method of temporarily disabling the tag, which
is practicable for Cards used in access control systems (for instance, a wallet lined
with metal foil can prevent a tag inside it from being read) and contactless Cards in
general.
This method does not ensure the identification of the authorized user, but it prevents
unauthorized tag reading. It could work more efficiently for privacy concerns when
combined with labeling.
2.7.8
Authentication Protocols
Various authentication protocols were proposed to combat skimming attack.
Wang Shang-Ping (2011) proposed a new HMAC-based authentication protocol as an
advancement on the ones proposed by Gao et al. (Gao et al., 2008),
Chen et al. (CHEN et al., 2006), and Y. C. Lee et al. (Y.-C. Lee, 2009). The new
Hash-based Message Authentication Code (HMAC-based) protocol, in which H
was assumed to be a one-way hash function (Shang-Ping, 2011), could also be used to
prevent skimming attack. Burrows-Abadi-Needham 89 (BAN) logic (Annette, 2007)
was adopted for this new HMAC-based protocol shown in Figure 2.11.
Figure 2.11: New HMAC-Based Protocol (Shang-Ping, 2011)
Challenge stage: as shown in Figure 2.11, the RFID reader generates a
random nonce NR, which is sent as a query to all tags. The response could be
no-tag, one-tag or multiple-tag. The “binary search algorithm” (Wang, 2008) is
used to select a tag to communicate with the reader.
T-R Response: the chosen tag generates a random nonce NT and then
compute =HID( O, NT, NR), where ID is the identifier of the tag. Tag sends NT and
to reader.
R-B response: after the reader receives NT and from the tag, it then performs
a filtering operation. Other forms of authentication include the two-way handshake
protocol, the Ff-family of protocols by Erik-Oliver et al., etc.
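The challenge and response stages described above, as an added example that is not part of the dissertation or of Shang-Ping's specification. It assumes H_ID is HMAC-SHA256 keyed with the tag identifier, that the constant O is a zero byte, and that the back-end filtering operation is a search over registered identifiers; all class and function names are hypothetical.

```python
import hashlib
import hmac
import secrets

NONCE_LEN = 16
CONST_O = b"\x00"  # assumed encoding of the constant "O" in H_ID(O, NT, NR)


def h_id(tag_id: bytes, n_t: bytes, n_r: bytes) -> bytes:
    """H_ID(O, NT, NR), assumed here to be HMAC-SHA256 keyed with the tag ID.

    Both nonces have a fixed length, so plain concatenation is unambiguous.
    """
    return hmac.new(tag_id, CONST_O + n_t + n_r, hashlib.sha256).digest()


class Tag:
    def __init__(self, tag_id: bytes):
        self._id = tag_id  # secret identifier, never sent in the clear

    def respond(self, n_r: bytes):
        """T-R response: fresh tag nonce NT plus the keyed hash over both nonces."""
        n_t = secrets.token_bytes(NONCE_LEN)
        return n_t, h_id(self._id, n_t, n_r)


class Backend:
    """Reader plus back-end database, merged into one object for brevity."""

    def __init__(self, registered_ids):
        self._ids = list(registered_ids)
        self._pending = set()  # challenges issued and not yet answered

    def challenge(self) -> bytes:
        """Challenge stage: a fresh reader nonce NR for every query."""
        n_r = secrets.token_bytes(NONCE_LEN)
        self._pending.add(n_r)
        return n_r

    def identify(self, n_r: bytes, n_t: bytes, proof: bytes):
        """Return the matching tag ID, or None if the response is rejected."""
        if n_r not in self._pending:
            return None  # unknown or already used challenge
        self._pending.discard(n_r)  # each challenge is accepted once
        if len(n_t) != NONCE_LEN:
            return None
        found = None
        for tag_id in self._ids:  # filtering: try every registered ID
            if hmac.compare_digest(h_id(tag_id, n_t, n_r), proof):
                found = tag_id
        return found


def run_demo():
    """Constructed scenario: one genuine exchange, then reuse of the recording."""
    card = Tag(b"CARD-0001")  # constructed sample identifiers
    backend = Backend([b"CARD-0001", b"CARD-0002"])
    results = {}

    n_r = backend.challenge()
    n_t, proof = card.respond(n_r)
    recorded = (n_r, n_t, proof)  # what a skimmer in radio range would capture
    results["genuine"] = backend.identify(n_r, n_t, proof)

    # The recording sent back unchanged: the challenge was already consumed.
    results["replay_old_challenge"] = backend.identify(*recorded)

    # The recorded answer offered for a new challenge: the hash no longer matches.
    fresh = backend.challenge()
    results["replay_fresh_challenge"] = backend.identify(
        fresh, recorded[1], recorded[2])

    # A tag whose ID is not in the database is filtered out.
    n_r3 = backend.challenge()
    results["unregistered"] = backend.identify(
        n_r3, *Tag(b"CARD-9999").respond(n_r3))
    return results


if __name__ == "__main__":
    for case, outcome in run_demo().items():
        print(f"{case:24} -> {outcome}")
```

A response relayed in real time still verifies under this scheme, which is why the text turns to distance bounding for relay attack.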
The RFID distance bounding protocol proposed by Gerhard P. Hancke and
Markus G. Kuhn (Hancke and Kuhn, 2005) can be effective in the defense against
relay attack. According to Hancke and Kuhn (2005), relay attack introduces some
delay in the transmission which conventional cryptographic measures employed in
RFID systems at the application layer cannot detect, due to much synchronization and
other mechanisms for error-handling, anti-collision, etc. They proposed a
distance-bounding or secure-position protocol integrated into the physical layer of
the communication protocol, which can detect relay attack through high resolution
timing information on bit arrival. All the available authentication measures are
logical, leaving physical authentication vulnerable to attacks.
2.7.9 Anti-Counterfeiting Technology
The unique identifier of RFID systems is susceptible to forgery/cloning attack.
This attack can be mitigated via a challenge response authentication protocol
(Mitrokotsa et al., 2010). Engineering researchers at the University of Arkansas
developed an anti-counterfeiting method for RFID tags (Thompson, 2009). In their
research, they discovered that each tag has a minimum power response at multiple
frequencies, constituting its unique physical characteristics. M. Babaie and H.
Rahimov (M. Babaie, 2010) proposed a chaos theory for detecting cloned tags. Juels
(2005) demonstrated a resistive technique against cloning of RFID tags through
challenge response authentication.
2.7.10 Physical-Layer Identification Technique
The physical layer communication of the RFID system is the first layer of
communication as depicted in Figure 2.1, and it stands as the gateway for RFID
technology as well as the first point of call for security defenses and privacy
regulation. Brik et al. (2008) designed, implemented, and evaluated a technique
called PARADIS to identify the source network interface Card of an 802.11 frame
through passive radio-frequency analysis at the physical layer.
Radiometric identification (radio frequency fingerprinting) was the technique
they adopted for wireless device identification. The experimental result for physical
identification by PARADIS was 99% accurate. Davide et al. (2010) also adopted the
same principle in their experiment on RFID passive UHF tag identification but
utilized time domain features and spectral principal component analysis (PCA) for
extraction and matching of the fingerprint respectively. Using a similar principle,
Danev et al. (2009) experimented on physical-layer identification of RFID passive
tags, but on HF tags. Results from their experiments showed that the RFID cloning
challenge can be solved.
2.7.11 Fingerprint Biometric Authentication On Smart Card
The unique nature of the human fingerprint in identification has gained wide
adoption in authentication procedures. Yahaya et al. (2009) modeled a framework
for such an authentication procedure on a smart Card. In their framework, as
depicted in Figure 2.12, a fingerprint sensor was used in capturing the fingerprint.
They reduced the captured image into minutiae points, after which it was stored
as a template in the Card through a Card reader. The authenticating process involved
a match-on-Card (MOC), through a system-on-Card (SOC).
Figure 2.12: Authentication and Identification Framework (Yahaya et al., 2009)
As shown in Figure 2.12, the fingerprint sensor provides the input image for
processing, extraction and matching. Similarly, Chao Li and Jin Qi (2010) proposed
a two-factor authentication system based on combined fingerprint recognition and
smart RF Card verification. From their experiment, they concluded that the
optimization does not reduce the data precision, and also “that fingerprint
recognition algorithm has good performance on hardware system”.
2.7.12 Controllable Tag
Marquardt et al. (2010) proposed a tag which can be controlled by the user.
In their experiment, various designs were sampled. In one sample, the tag was
equipped with an indicator (both acoustic and visual effect) to indicate whether the
tag is in use or otherwise. In order to control the activity of the tag, they integrated
a switch system which can be manually activated. Additionally, they designed tags that
operate based on orientation, daylight and darkness, and proximity. Examples of
their samples are shown in Figure 2.13.
Figure 2.13: Samples of Controllable and Visible Tags. (Marquardt et al., 2010)
With reference to Figure 2.13, four different types of controllable tags are
shown. The portion labelled ‘1’ illustrates how a tag can be manually controlled using a
physical switch. In addition, an indicator is attached to detect when the tag is
active. Label ‘2’ is similar to ‘1’ but utilizes a manual push button for tag activation.
Similarly, label ‘3’ uses a pressure switch and an indicator. Label ‘4’ utilizes a
finger touch-sensitive contact metal surface for the activation of the tag. In a similar
manner, Yum et al. (2010) investigated the integration of a smart Card and an
electrical switch to enhance the level of security and privacy protection.
In their design, parallel plate conductors were used to decide the state of the switch,
controlled with a human finger.
These propositions provide enhancement for privacy as well as security in
RFID technology. The process of controlling stands as a real measure for
enhancing the physical layer of the RFID technology. However, it does not satisfy the
condition in which a tag can authenticate a user on any basis.
Table 2.2: Mitigation Against Attack on the Physical Layer
Column headings (Attack): Eavesdropping; Cloning; Relay; Physical-layer; Privacy;
Clandestine tracking; RFID virus; Skimming; Spoofing; Authentication; Denial Of Service.
Row headings (Mitigation): RFID Zapper; Blocker tag; Clipper tag; Labeling;
Faraday cage; Kill command; Anti-counterfeiting; Authentication protocols;
RFID Guardian; Physical-layer identification technique; Biometric authentication;
Controllable tag.
From Table 2.2, physical attacks such as unauthorized use of Card and
unauthorized Card reading (attacks at the physical layer communication) seem to
attract fewer preventive/protective measures, while adversaries are exploiting these
vulnerabilities. However, in (Zanetti et al., 2010), these kinds of attack on the
physical-layer were extensively studied and a solution was proposed based on experimental
validation. While it provides considerably reasonable protection (accuracy of 99%
from the experiment) against the unauthorized user attack, it does not provide protection
against other forms of attack on the physical layer, and it also raises more privacy
concerns by neglecting the fact that the confidentiality of a compromised biometric
system is considered flawed for further security application.
If user’s privacy is a major challenge in the RFID technology, then the
proposition from Zanetti et al. (2010) may face more criticism. The Faraday cage
in conjunction with labeling could be said to proffer a solution for privacy concerns,
but in (Sitli et al., 2009) it was pointed out that the privacy protection for the RFID
Card is only safe as long as the Card is within the cage. Similarly, the Faraday cage
can be used by a malicious user to cause a denial of service attack, as well as being
used as aiding equipment for RFID Card theft.
2.8 Physical Layer Security
Due to the mobile nature and size of the RFID tag and the reader, building or
devising a security measure to effectively mitigate the rising challenges at the
physical layer has not received much attention from researchers. A few
countermeasures, as shown in Table 2.3, have however been in use in a different
perspective, which could be combined to mitigate most of these challenges.
Table 2.3: Attacks and its Mitigation Targeted at the RFID Physical-Layer.
Column headings (Authentication at Physical-Layer Vulnerabilities): Unauthorized
Card reading; Unauthorized Card use; Unauthorized killing of Tag; Tag cloning;
Relay attack; Skimming; Clandestine tracking; Spoofing; Physical layer Identification.
Row headings (Proposed Counter-Measure): Physical-Layer Identification technique
(Zanetti et al., 2010); Faraday Cage (Wu and Alamo, 2004); Authentication protocol
(Shang-Ping, 2011); Clipped Tag (Moskowitz et al., 2007); Anti-counterfeiting
technology (M. Babaie, 2010); Labeling (ONLY create awareness for users);
Biometric authentication (Yahaya et al., 2009); Controllable Tag (Marquardt et al., 2010).
Authentication can be described as the process of verifying a subject through
identification and confirming the subject’s claimed identity. User-end
countermeasures such as Faraday cage, blocking, and guarding of the tag do not
provide authentication at the physical layer since they lack the ability to identify the
user.
From Table 2.3, there is no preventive measure for unauthorized use of Card.
At the system-end, the physical-layer identification by Zanetti et al. (2010) provides
authentication at the tag-reader end. They adopted the radiometry system (identity of
the tag referred to as tag fingerprint), which is used to describe the unique identity of
the tag. In addition, the authentication protocol proposed by Shang-Ping (2010)
provides authentication at the system-end. On the other hand, the clipped tag proposed
by Moskowitz et al. (2007) serves as a protective base upon which skimming and
spoofing attack can be combated, but it does not provide a measure against
unauthorized removal of the tag antenna, hence no authentication measure at the
physical layer. The anti-counterfeiting technology proposed by M. Babaie and H.
Rahimov (2010) provides a mitigation base for preventing the exploitation of the
vulnerabilities in the physical-layer, but it does not provide measures against
unauthorized use of tag.
Authentication at the physical layer can be achieved with the combination of
the methodology of Zanetti et al. (2010) and Moskowitz et al. (2007). This
combination can ensure extended security mitigation services such as mitigation
against spoofing attack, skimming attack, clandestine tracking, unauthorized Card
reading, and practically shield against the possibility of relay attack. It will also
function as a firewall on the physical layer communication as well as ensure physical
authentication at the tag end of the layer.
2.9 Summary Of Various Mitigation And Their Respective Drawbacks
Concise details of the discussed existing mitigation measures as well as their
advantages are shown in Table 2.4.
Table 2. 4: Effectiveness of Mitigation to RFID Challenges.
Proposed Mitigation
Mitigation
Advantage
Applicability
Drawbacks
Low cost,
Contactless Card,
No
Flexibility,
E-passport,
against
Portability
Portable-
Eavesdropping,
document
No
Against
RFID Guardian
(Melanie
Privacy, Tracking
R. Skimming,
Rieback, 2005)
Spoofing,
Unauthorized
reading
protection
Guarantee
Faraday Cage (Joyce Tracking,
H. Wu, 2004)
protection
Effective
Impractical
Skimming,
(Haver,
Unauthorized
Contactless
reading,
Cards,
Protection is only
2006), available
within
the cage.
portable
documents.
Blocker
Tag
(Ari Tracking,
Juels R. L., 2003, )
Effective
Can cause a DOS
Unauthorized
attack,
no
reading, skimming
protection
guarantee
Labeling
Privacy
Effective
for All
users
RFID Creates awareness
items/object
sensitization and
for
malicious
users also
awareness
Kill command
Privacy,
cloning Effective
All RFID tags
Prevents post POS
tracking,
service,
can
be
skimming,
used to cause a
spoofing
DOS service also.
Clipped Tag (Paul Privacy,
Effective, allows Retail outlets,
No prevention for
A.
POS service
Unauthorized use
Moskowitz, skimming,
2007)
tracking
Anti-counterfeiting
Cloning,
technology
Babaie, 2010)
(M. Eavesdropping
and clipping
Effective
All RFID tags
No
guarantee
against
unauthorized use,
and privacy
Skimming,
Authentication
protocols
and spoofing,
Randomization
tracking, viruses,
(Shang-Ping, 2011),
eavesdropping
Physical
–layer Skimming,
identification (Boris spoofing,
Effective,
low Not applicable to No prevention for
cost
some
types
tags
privacy,
and
cloning.
Reader-end
Contactless Card.
identification
No protection for
privacy
Danev, 2009)
and
eavesdropping
RFID Zapper
Skimming,
(MiniMe, 2006)
spoofing, privacy privacy
issue
Biometric
Unauthorized
authentication
Card use,
Effective
for Retail outlets,
For
Effective
for control
user
with
(2009)
authentication
database
Controllable
Tag Unauthorized tag Effective
Marquardt et.
al. , reading,
skimming,
No POS service,
concerns
Yahaya et. al. ,
(2010)
of Unauthorized use,
especially
access A
compromised
system fingerprint is no
backend longer valid.
Contactless Card, No authentication
for retail items
at physical layer,
easy to destroy,
privacy check
privacy,
Applicability as stated in Table 2.4 refers to areas of application of the
proposed existing mitigation measures. The Faraday cage is not practically applicable
in the retail industry (Haver, 2006). Constructing a Faraday cage for a building
housing an RFID system could suffer setbacks due to cost.
The clipped tag, by operation, simply prevents unauthorized scans by limiting
the read range of the tag, thus providing protection for user privacy as shown in Table
2.4 and, by extension, against clandestine tracking. If such a principle is co-opted
with a physical barrier, it will counter other attacks such as skimming, unauthorized tag
read and use (Zuo, 2010).
Similarly, the Faraday shield proposed by Joyce H. Wu (2004) protects
privacy and guards against unauthorized reading of tag and clandestine tracking, but
also fails to address issues such as cloning, relay, skimming and even unauthorized
tag use. Langheinrich (2009) hinted at the wide application of this measure (such as
pouches and wallets lined with aluminium foil). Hover (2006) explained that the
Faraday cage at best can only be a partial solution.
Similar to the clipped tag, the controllable tag proposed by Marquardt et al.
(2010) protects against unauthorized tag read and killing, protects privacy and,
consequently, guards against skimming and clandestine tracking. However, it fails to
protect against cloning, spoofing and unauthorized tag use. Similar control is applied
in mobile phones (Juels, 2006).
In addition, the RFID guardian proposed by Reiback (2005) protects against
unauthorized reading of tag, skimming, and clandestine tracking as well. The fact that
it is a separate battery powered device raised questions such as: how does it “acquire
and release control and their associated PINs or keys” (Juels, 2006), and what if the
device is stolen, forgotten or even tampered with (Hover, 2006). Additionally, it fails
to protect the tag against cloning and unauthorized use. Hover (2006) therefore
concluded that it will function more effectively if integrated with other measures.
Furthermore, the blocker tag proposed by Juels (2003) provides protection for
privacy and against unauthorized reading and killing of tag, skimming and clandestine
tracking. It however does not protect against cloning, spoofing, unauthorized use of
tag, and relay attacks. While it is cheap to manufacture, its operation is a function of
its orientation, hence a misalignment could prevent it from operating and, by extension,
expose the blocked tag (Langheinrich, 2009). Moreover, one major challenging
question which has remained unanswered in the above stated measures is their inability
to define ‘who is an authentic’ and what ‘authentication’ is authentic.
Physical-layer identification by Zanetti (2010), as shown in Table 2.4, was
developed to protect against cloning or counterfeiting attacks and, by extension, relay
and spoofing attack. This is similar to the “digital signing model by Texas
instrument and VeriSign Inc.” (Juels, 2006). It does not provide protection for
privacy or against clandestine tracking and unauthorized use of tag.
Anti-counterfeiting technology proposed by Babaie (2010) and Tuyls and Batina
(2006) also provides protection against cloning, relay and skimming attacks but
fails to provide protection for privacy and against unauthorized reading, use and
killing of tag. It also does not prevent copying of tag data (Jeng et al., 2009).
Similarly, Jeng et al. (2009) concurred with the condition of the physically unclonable
function certificate-identity-based identification (PUF-cert-IBI) by Tuyls and Batina
(2006) but expressed concern for improvement against excessive use of resources.
Moreover, while this protocol addresses issues “between the tag and reader radio
frequency communication in the air”, it fails to solve security related issues on tag
memory duplication (Jeng et al., 2009).
The authentication protocol by Shang-Ping (2011) addressed tag-reader and
reader-tag skimming attack but failed to protect against side channel attacks such as
relay attack, timing attack and eavesdropping on communication. It can however function
effectively against these attacks if combined with other physical-protective and
anti-counterfeiting measures. This is still hindered by the low computational power of
the RFID tag (Langheinrich, 2009). The authentication system by Yahaya et al. (2009)
using fingerprint biometrics on a smart Card, as shown in Table 2.4, provides
authentication for the user at the Card-Reader end. However, it does so by Reader to
Card authentication, which does not totally depend on the intelligence of the Card.
A biometric system can be integrated with other forms of measure to ensure security of
the RFID system (Govindan et al., 2009).
In view of the above and the analysis shown in Table 2.4, it can be said that
the various proposed mitigation measures have not taken into consideration the
vulnerabilities posed by user-end authentication at the physical-layer of the RFID
technology. Consequently, unauthorized use of tag has led to practical security
and privacy breaches in the RFID system. Hence, this study aims to provide protection
against unauthorized use of the RFID Card. Moreover, it will also ensure privacy
protection and prevent unauthorized reading of tag. Practically, it can be considered
as a ‘fire-wall’ for the physical-layer of the RFID technology.
2.10 Other Types of Mitigation Used For Physical Authentication
Physical authentication in information security rests on the old axiom of
“something you have, something you know, or something you are” (Crosbie, 2005).
For authentication diagnosis, a security system should incorporate at least two
(Haines, 2010). The RFID Card falls within the category of “something you have”.
While secret codes such as passwords fall within the category of “something you
know”, biometrics, on the other hand, fall within the category of “something you
are”. There are various types of biometrics, but a few will be discussed in this
section.
2.10.1 Iris Pattern Recognition
Iris recognition was developed by John Daugman and it is considered the
most accurate of all biometric authentication processes (Prashanth et al., 2009). The
visible portion of the human eye consists of the pupil, iris, lens, cornea and sclera.
The iris is located between the sclera and the pupil. The texture of the iris is unique
but complex (Crosbie, 2005). Its pattern comprises unique features: arching ligaments,
furrows, ridges, crypts, rings, corona, freckles and a zigzag collarette (Prashanth et
al., 2009).
Its pattern recognition/capturing is based on video camera technology,
similar to a camcorder. Using a proximity activator sensor, a subject positioned at an
iris scanner unit can enroll, verify and authenticate their identity (Crosbie, 2005).
This identity can then be used as a token for authentication.
2.10.2 Body Odor Authentication
The human body constantly emits a unique volatile organic compound
(VOC), irrespective of diet and environmental presence (Gibbs, 2010), which can
be used to authenticate users. Certain body odor results, such as recent activity and
disease, for instance, can be used in event critical authentication (Gibbs, 2010).
2.10.3 Facial Recognition
Facial recognition is done by capturing the image of the human face with a
visible-light camera, or the infrared pattern of facial heat emission, using a wide
assortment of cameras (Vecca, 2007). Facial recognition is based on the location and
shapes of facial attributes, such as the eyes, eyebrows, nose, lips and chin (Anil Jain, 2000).
2.10.4 Fingerprint Pattern
The human finger possesses a unique series of ridges and furrows on the
surface of the finger, which is determined during the fetal period (Scheidat et al.,
2006). The fingerprint pattern can be acquired through scanning of the finger.
Fingerprint scanning is the acquisition and recognition of the characteristics of the
fingerprint (Lee and Bhattacharjee, 2009).
2.10.5 Signature Pattern
Human handwriting patterns can be unique depending on the level of
consistency. Signature pattern verification is the process used to recognize
individual handwriting (Anil Jain, 2000). The major features for verification include
speed, pressure, timing, shape, size, length, look and depth of the signature. They are
further classified into dynamic and static signature verification processes (Anil Jain,
2000).
2.10.6 Hand Geometry
Hand geometry uses measurements of the hand including its shape, length,
overall bone structures, distance between the fingers curve, finger thickness, and
width of the finger (Vecca, 2007). The authentication method could span the
five fingers and particularly the thumb and the index (Anil Jain, 2000).
2.10.7 Retina Pattern
These are patterns formed by the veins beneath the retina surface of the
human eye. The scanning process involves exposing the eye to intense
illumination (Vecca, 2007). This process involves the capture and analysis of
blood vessels on the nerves at the back of the eyeball through the penetration of light
through the pupil. For efficient results, a subject is required to stand at a predefined
position within the visual field (Anil Jain, 2000).
2.10.8 Speech Pattern/ Voiceprint
The psychological and behavioral features of the human voice make it
unique (Anil Jain, 2000). The shape of the human vocal tract is responsible for the
uniqueness in voice pattern. Voice recognition analyzes the pitch period, rhythm,
tone, spectral magnitude, frequency, and bandwidth (Vecca, 2007). Templates of
voice analyses are referred to as voiceprints and can be verified using a particular
word, phrase, and/or group of phrases (Saquib et al., 2011).
2.11 Integrating Various Physical Authentication Mitigation on RFID Card
Although there are various physical authentication mitigations as discussed in
section 2.10, not all of these authentication systems can be integrated with
each other, particularly with the RFID Card. Table 2.5 gives a detailed analysis of the
various authentication mitigations.
Table 2.5: Comparison of Various Authentication Mitigations Based on Integrative
Property with RFID Card (Anil Jain L. H., 2000), (Vecca, 2007)

Authentication Mitigation   Circumvention   Applicability                    Ease of use
Voiceprint                  High            Not feasible                     High
Hand geometry               Low             Not feasible                     High
Signature                   Medium          Applicable but time demanding    Medium
Iris                        Low             Not feasible                     Medium
Fingerprint                 Medium          Applicable                       High
Body odor                   Medium          Not feasible                     High
Retina                      Low             Not feasible                     Low
Face                        Medium          Not feasible                     Medium

From Table 2.5, signature authentication and fingerprint are both applicable
for integration into the RFID Card. However, signature authentication is rated
medium in terms of ease of use. In practice, the signature authentication system
introduces a delay and inconvenience, as it will require the authenticator to always
carry along a writing material each time access is required.
Fingerprint, on the other hand, is rated applicable and also high in ease of use.
Practically, the fingerprint scanning process introduces mobility for the authenticator.
2.12 Summary
In this chapter, the underlying theory of RFID technology, application area,
known security and privacy concerns were presented. Various proposed mitigations
against these challenges were also presented alongside their limitations.
Authentication at the physical layer of RFID technology was further discussed with
focus on the existing mitigation mechanism.
CHAPTER 3
METHODOLOGY
3.1 Introduction
This chapter introduces and discusses the methodology that will be used to
achieve the research objective of this study. The organization of this chapter is as
follows: the operational framework of the study; literature review; study of three
mitigation measures; project methodology; summary.
In the project methodology, three mitigation measures were combined. The
project methodology was broken down into three phases. Each phase is discussed in
detail.
3.2 Operational Framework
This section covers the systematic process involved in this study. With
reference to Figure 3. 1, the operational framework is divided into three phases.
[Figure 3.1: Operational Framework. Flowchart labels, in order: Start; PHASE 1:
Study of existing mitigation; Review; Study of the clipped tag method; Study of the
Faraday shield method; Study of the fingerprint biometric authentication method;
PHASE 2: Analysis of selected measure; Project Methodology; Propose an enhanced
authentication measure by combining previous methods; Implementation of proposed
method; PHASE 3: Proposed mitigation measure; End]
Phase 1 and phase 2 of the operational framework shown in Figure 3.1 are
discussed in detail in the following sections. However, phase 3 is discussed in brief
in this chapter but the detailed discussion is in the following chapter.
3.3 Review of Existing Mitigation
Researchers have devised various mitigations against the myriad of
challenges and emerging threats to RFID systems. To address privacy
concerns in the RFID system, Juels et al. (2003) proposed the blocker tag, a tag capable
of overloading the anti-collision protocol of the reader. The blocker tag also protects
against skimming attack, unauthorized tag killing as well as unauthorized tag
reading.
Wu and Alamo (2004) proposed an electromagnetic shield called a Faraday
cage, which can be used to shield electromagnetic waves. This cage protects the Card
against unauthorized reading by creating a firewall over the communication link.
Similarly, it also protects against skimming and relay attack.
Reiback et al. (2005) proposed a portable device called the RFID guardian, which
is capable of selective frequency jamming. Thus, the device can protect against
unauthorized reading and skimming attack, as well as ensuring privacy. Furthermore,
Moskowitz et al. (2007) proposed a physical clipped tag using perforated tear-off
antennas. In a similar vein, the use of two tags was proposed by Inoue and Yasuura
(2009); one tag holds the unique serial number, which will be peeled off. This
measure protects against long range unauthorized Card reading, and ensures privacy.
Hancke and Kuhn (2005) proposed a distance bounding protocol for protecting
against relay attacks. In addition, Davide et al. (2010), among other researchers,
proposed an identification technique capable of mitigating cloning and spoofing
attack. Yahaya et al. (2009) proposed a fingerprint biometric authentication system
between the Card and the reader in which the fingerprint was stored on the tag.
They presented a modeled framework on a smart Card against unauthorized Card use.
Marquardt et al. (2010) proposed varieties of controllable Cards. These protect
against skimming attack and unauthorized tag reading consequential to clandestine
tracking, as well as ensuring privacy. Moreover, Shang-Ping (2011), among many
other propositions, proposed an authentication protocol to protect against skimming
attack.
In order to protect against unauthorized use of Card at the tag-end, measures
such as the fingerprint biometric authentication proposed by Yahaya et al. (2009) can
be integrated into the physical clipped tag proposed by Moskowitz et al. (2007). The
read range limitation in the clipped tag can be prevented with the use of a shield
around the clip.
3.3.1 Physical Clipped Tag
It was originally suggested by “IBM as an additional consumer privacy
mechanism” as a way to guarantee the user’s control over the tag through transformation
of a long-range transponder to a reduced proximity transponder. Moskowitz et al.
(2007) concluded that a more efficient and simplistic technology for enhancing
privacy is the use of a clipped tag. Figure 3.1 shows the schematics of the clipped
tag.
Figure 3.2: A) Schematics of clipped tag B) Garment hang tag.
The perforation notch shown in the schematics of Figure 3.2 a) and the tear
line in Figure 3.2 b) indicate the point of tear initiation. Once the notch (which is
actually a segment of the antenna) is removed, the transmission ability of the tag is
transformed. Figure 3.3 illustrates the possibility of implementing this technique.
Clipping the tag therefore incapacitates the mutual coupling of the tag antenna.
However, the tag can still be read within close proximity.
Figure 3.3: Clipping an Antenna
The figure labeled ‘A’ in Figure 3.3 illustrates an unclipped tag, while figure
‘B’ illustrates a tag that has been clipped through the detachment of scratch-off
material. This method provides a more enhanced privacy technology in the RFID
system.
3.3.2 Faraday Cage
Wu and Alamo (2004) concluded that the RFID system can be protected using
the Faraday shield. Michael Faraday (1836) observed that charges that reside on
the surface of a conductor do not have influence on the interior or anything
enclosed within the conductor. It was further explained by Gauss, who stated that
“the electric flux (ΦE) through a closed surface S, is equal to the amount of charge
enclosed. Equation 3.1 gives the mathematical expression of Gauss law.
…equation 3. 1
‘ΦE’ is the electric flux, ‘S’ is a closed surface, ‘
’ is the electric field, ‘
’ is a surface element, ‘q’ is the sum of all the charges that lie inside the closed
surface S.
Thus, a Faraday cage refers to an enclosure or system capable of
preventing the inflow or outflow of electromagnetic waves. Figure 3.4 illustrates the
operation process of the Faraday cage.
Figure 3.4: Operational Process of Faraday Cage. (Rubin, 2011)
In Figure 3.4, ‘A’ represents an externally created electric field with
polarity from positive to negative. Applying ‘A’ to the surface of the conductor
causes a rearrangement (as depicted in ‘B’) of the electrical charges inside the cage,
which is in the opposite direction (and of the same magnitude) to the original field.
Figure 3.4 ‘A’ can be referred to as the interrogatory wave from the reader, while ‘B’
represents the counter effect experienced by the wave due to the cage effect. Adopting
this measure in the RFID system provides flexible control for the user over the
communication process at the tag-end.
3.3.3 Fingerprint Biometric Authentication
A fingerprint comprises a series of ridges and furrows on the surface of the
finger. The pattern of the ridges and furrows determines the uniqueness of the print.
Minutiae are also one of the principal components of the fingerprint. “Minutiae
points are local ridge characteristics that occur either at a ridge bifurcation or ridge
ending”. Figure 3.5 shows different examples of minutiae (dark lines are the ridges
while the white are furrows).
Figure 3.5: Examples of Minutiae Types (numbered 1 to 16)
As shown in Figure 3.5, the dark lines and white lines on the fingerprint can
form unique shapes which are distinguishable by the use of a fingerprint device.
1) Beginning or Ending
2) Single Bifurcation
3) Double Bifurcation
4) Triple Bifurcation type 1
5) Triple Bifurcation type 2
6) Triple Bifurcation type 3
7) Hook
8) Single Whorl
9) Double Whorl
10) Single Bridge
11) Twin Bridge
12) Interval
13) Point
14) Through Line
15) Crossing
16) Side Contact
Fingerprints can be classified into:
• An inked fingerprint: a fingerprint image obtained from an impression
  of the finger surface on an intermediate medium such as cloth or paper.
• A latent fingerprint: a print obtained from a surface the finger has touched,
  left by sweat, moisture and/or grease from other parts of the
  body on the surface of the finger.
• A live-scan fingerprint: a fingerprint obtained through the impression of
  the finger surface on a device (also referred to as a scanner) without rolling.
Inked and latent fingerprints are beyond the scope of this study, hence will not
be discussed further. There are different types of scanner for acquiring live-scan prints, but
only two will be mentioned in this study: optical frustrated total internal reflection
(OFTIR), and sensing of differential capacitance. The OFTIR consists of a surface
glass prism, a charge coupled device (CCD) camera and a light source as depicted in
Figure 3.6.
Figure 3.6: a) Example of an OFTIR b) Image Geometry
As shown in Figure 3.6 a), when a finger is placed on the scanner (on a glass
prism), the ridges make contact with the prism while the valleys do not. The laser
light illuminates the glass at a certain angle as shown in Figure 3.6 b), and is
scattered due to the ridge contact on the surface. “The incident light corresponding
to valleys experiences total internal reflection. The CCD camera then captures the
reflected light from the glass resulting in a corresponding fingerprint image” (Anil
Jain, 2001). A sample of a live-scan fingerprint is shown in Figure 3.7.
Figure 3.7: Example of a Live-Scan Fingerprint.
The acquired image (Figure 3.7, for instance) is further processed through minutiae
extraction as illustrated in Figure 3.8.
Figure 3.8: Typical Algorithm for Minutiae Extraction
As shown in Figure 3.8, the orientations of the local ridges are estimated
from selected regions of interest in the input image. The result is further refined to
remove (to the barest minimum) small speckles and holes. “It is then thinned to
obtain eight connected single-pixel-wide ridges” (Anil Jain, 2001), after which
minutiae points are heuristically obtained. Usually, ridge pixels with three ridge-pixel
neighbors are classified as ridge bifurcations while those with one ridge-pixel
neighbor are ridge endings.
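The neighbour-count heuristic described above, written out as an added example (not code from the dissertation or from the cited work). The skeleton is a constructed sample, and the `margin` parameter, which drops ridge endings created where the image border cuts a ridge, is an assumption added here.

```c
#include <stdio.h>

#define ROWS 9
#define COLS 11
#define MAX_MINUTIAE 16

/* Values mirror the neighbour counts named in the text: 1 and 3. */
enum minutia_type { RIDGE_ENDING = 1, RIDGE_BIFURCATION = 3 };

struct minutia {
    int row, col;
    enum minutia_type type;
};

/* Constructed sample, not a real print: '#' = ridge pixel, '.' = furrow.
 * One thinned ridge runs left to right and forks at row 4, column 5. */
static const char *const SKELETON[ROWS] = {
    "...........",
    "........#..",
    ".......#...",
    "......#....",
    ".#####.....",
    "......#....",
    ".......#...",
    "........#..",
    "...........",
};

static int is_ridge(const char *const *img, int rows, int cols, int r, int c)
{
    return r >= 0 && r < rows && c >= 0 && c < cols && img[r][c] == '#';
}

/* Count ridge pixels among the eight neighbours of (r, c). */
static int ridge_neighbours(const char *const *img, int rows, int cols,
                            int r, int c)
{
    int n = 0;
    for (int dr = -1; dr <= 1; dr++)
        for (int dc = -1; dc <= 1; dc++)
            if ((dr || dc) && is_ridge(img, rows, cols, r + dr, c + dc))
                n++;
    return n;
}

/* Scan a thinned (one-pixel-wide) ridge map and record minutiae.
 * Pixels closer than `margin` to the border are skipped (assumption:
 * a ridge cut off by the sensor edge is not a genuine ridge ending).
 * Returns the number of minutiae written to `out`. */
int extract_minutiae(const char *const *img, int rows, int cols, int margin,
                     struct minutia *out, int max_out)
{
    int found = 0;
    for (int r = margin; r < rows - margin; r++) {
        for (int c = margin; c < cols - margin; c++) {
            if (!is_ridge(img, rows, cols, r, c))
                continue;
            int n = ridge_neighbours(img, rows, cols, r, c);
            if (n != 1 && n != 3)
                continue;               /* ordinary ridge pixel */
            if (found == max_out)
                return found;           /* output buffer is full */
            out[found].row = r;
            out[found].col = c;
            out[found].type = (n == 1) ? RIDGE_ENDING : RIDGE_BIFURCATION;
            found++;
        }
    }
    return found;
}

int count_type(const struct minutia *m, int n, enum minutia_type t)
{
    int k = 0;
    for (int i = 0; i < n; i++)
        if (m[i].type == t)
            k++;
    return k;
}

int main(void)
{
    struct minutia m[MAX_MINUTIAE];
    int n = extract_minutiae(SKELETON, ROWS, COLS, 1, m, MAX_MINUTIAE);
    for (int i = 0; i < n; i++)
        printf("(%d,%d) %s\n", m[i].row, m[i].col,
               m[i].type == RIDGE_ENDING ? "ending" : "bifurcation");
    return 0;
}
```

With a margin of 2 the three endings near the border are discarded and only the fork remains, which shows how much the template depends on the chosen region of interest.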
3.4. Project Methodology
With reference to Table 2.9, we can conclude that the existing mitigation
methods for combating security and privacy issues at the physical-layer of the RFID
system, particularly at the tag-end, have not provided any solution for
authenticating the user. A malicious user with the Card can therefore gain access to a
confidential object, or even clone the tag.
Consequently, a possible mitigation for user authentication at the tag-end of
an RFID system will be proposed. As a part of the proposed method, Figure 3.9
gives the flow chart of the project methodology of this study.
Stage 1: Design and Fabrication of antenna Tag
  - Identification and fabrication of clippable tag
  - Design of a controllable Faraday shield
Stage 2: Fingerprint acquisition and matching
  - Fingerprint Module
  - Acquiring Fingerprint and process image
  - Features extraction processing and template formation
  - Fingerprint matching process
Stage 3: Code development and Testing
  - Develop a system control algorithm
  - Validation
Figure 3.9: Flow Chart of Project Methodology
As shown in Figure 3.9, this project methodology comprises three stages.
Each of the three stages is discussed in the following sections.
3.4.1. Stage 1: Design and Fabrication of Tag
This stage comprises two phases: to identify and fabricate a clippable tag, and
to construct a controllable Faraday shield around the clipped tag. In this stage, a clip
tag will be used to design the controllable tag. The notch of the clip tag will be
designed such that it can be controlled using digital logic. As discussed in section
3.3.1 of this chapter, a clipped tag still responds to interrogation within its proximity.
Consequently, a controllable shield will be designed around the tag. This stage
proposes a totally user-controllable tag.
3.4.2. Stage 2: Fingerprint Acquisition and Matching
This stage involves two phases. The first is the process of acquiring and
extracting key features of the fingerprint, while the second is the process of matching the
fingerprint. For this task, the system on Card (SOC) method proposed by Yahaya et
al. (2009), as illustrated in Figure 2.11, will be applied, taking into consideration a
1:1 matching process and encryption of the template before matching.
3.4.3. Stage 3: Code Development and Testing
This stage involves the development of a fingerprint authentication code and its
respective circuitry that will control the system under study. Details of this stage are
discussed in the following chapters.
3.5. Summary
In this chapter, the operational framework of this study was discussed. It
embodies three phases. Two of the phases were discussed in detail while the third
one was briefly discussed. A brief explanation of the project methodology was given,
while the details will be covered in the following chapters.
CHAPTER 4
DESIGN OF BIO-THENTIC RFID CARD
4.1 Introduction
This chapter discusses existing measures against security and privacy
challenges in the physical-layer of RFID technology, as well as the proposed
enhancement method. In view of that, phase 3 of the operational framework in
chapter 3 is also discussed in this chapter. The design process of the prototype of
the proposed enhancement method is also discussed in detail.
Additionally, the detailed analysis of the design procedure of this study is
also presented. The design procedure was segmented into the antenna design
unit, the biometric authentication unit, and the control unit. A concise summary of
the procedures is given at the end of the chapter.
4.2 Existing Mitigation Measure Analysis
Various existing measures against security and privacy challenges in RFID systems
were studied. A summary of the analysis of the measures is given in Table 4.1.
Attention was directed towards attacks on the physical-layer and their respective
proposed mitigations.
Table 4.1: RFID Physical-Layer Attack-Mitigation Analysis
Attacks (columns): Skimming; Spoofing; Clandestine tracking; Relay; Privacy; Cloning; Unauthorized reading; Unauthorized killing; Unauthorized use
Mitigations (rows): Faraday Cage (Joyce H. Wu, 2004); Clipped Tag (Paul A. Moskowitz, 2007); Controllable Tag (Marquardt et. al., 2010); Biometric authentication (Yahaya et. al., 2009); Anti-counterfeiting technology (Babaie, 2010); Physical-layer identification technique (Davide Zanetti, 2010); Authentication protocol (Shang-Ping, 2011); Labeling (creates user awareness); RFID Guardian (Melanie R. Rieback, 2005); RFID Blocker Tag (Juels et. al., 2003)
indicated that the mitigation measure is applied to such threat
× indicates that the measure does not apply to that threat
√ indicates the measure can be combined with other measures
As shown in Table 4.1, there is only one mitigation measure against the
unauthorized use of Card attack. In addition, the controllable and clipped tag measures
can be enhanced to combat this type of attack. Labeling of the tag does not protect
security but enhances privacy by alerting the user to the presence of an RFID
tag.
4.3 Proposed Mitigation
With reference to the discussion in the preceding section of this chapter,
Figure 4.1 gives an overview of the various proposed mitigations against security and
privacy challenges in RFID technology, specifically with reference to the
physical-layer.
Figure 4.1: Overview of Proposed Mitigation
[Diagram labels: RFID system layers (Strategic, Application, Communication, Physical); existing security and privacy mitigations (Labeling, Kill command, Anti-counterfeiting technology, Clipped tag, Blocker tag, Fingerprint biometric authentication, Physical layer identification, RFID Guardian, Faraday cage, RFID zapper, Controllable tag); Limitations; proposed mitigation (Fingerprint biometric authentication, Faraday cage, Clipped tag)]
As shown in Figure 4.1, the proposed mitigation of this study is a hybrid of
three existing mitigations: physical clip tag, Faraday cage and fingerprint biometric
authentication system. It is worth noting that this measure focuses on Card
security and privacy; hence, the biometric data is not used during communication but
only initiates the Card for communication.
This is to prevent the possibility of compromising the fingerprint in the
communication, application or strategic layer.
The architectural composition of the proposed mitigation for this study is shown
in Figure 4.2.
Figure 4.2: Implementation Flow Chart
[Flow chart labels: Study of antenna design system; Determine the number of turns, dimension and positioning of the coil; Determine the antenna orientation and the height of the dielectric substrate; Simulation (using CST software); Not suitable for a 13.56MHz (Yes/No); Design clip joint and simulate (Yes/No); Design a digital controllable Faraday; Fabrication and real time verification Unit; Sensor; Acquire the fingerprint; Feature extraction unit; Template; Matching unit (Match / No match); CONTROL UNIT]
As shown in Figure 4.2, the implementation process involves three basic
steps. The first step involves simulating the tag using computer
simulation software (CST). The second step covers the process of acquiring,
processing and matching the fingerprint. The final stage involves the fabrication
and real time validation unit, and the control unit. Figure 4.3 shows a concise
depiction of the proposed mitigation and indicates the communication
channels.
Figure 4.3: Communication Process of the Proposed Mitigation
[Diagram labels: Control module (Controller); Fingerprint module (Input, Fingerprint match unit); RFID Tag (Clipped tag and digitally controlled Faraday shield); Communication line-1; Communication line-2; Communication line-3]
The communication lines 1, 2 and 3 are the channels of interaction between
the different modules as shown in Figure 4.3. Communication line-1 is the input
command line from the controller to the fingerprint module. It instructs the
fingerprint module on when to accept ‘Input’. The communication principle
involved in this communication line is the polling command.
The controller unit continuously polls the fingerprint module for an input
fingerprint. Communication line-2 is the reply-to-request of the polling command. It
sends the result of any scanned input fingerprint as feedback, which is further used to
dictate communication line-3. Communication line-3 is the command line
for the digitalization of the Faraday shield, and consequently, Card
activation/deactivation. The details of these processes are discussed in the following
section.
4.4 Antenna Design
The antenna design was patterned after a previously implemented loop
antenna for smart cards with small dimension, and effective structure (Jussi
Nummela et. al. , 2007).
4.4.1 Antenna coil
In order to design the coil, the computer simulation technology (CST)
Microwave Studio 2010 software was adopted. The designed antenna has a regular
loop structure consisting of stripped copper lines. The loop has an external dimension
of 54x33mm, copper line loop of width 0.5mm, and 7 turns of coil with spacing of
1mm, and 0.035mm thickness as shown in Figure 4.4.
Figure 4.4: Snapshot of CST 2010 Antenna Design.
The simulation result shown in Figure 4.4 does not exhibit a purely inductive
property. This is verified from the s-parameter (signal to noise ratio in dB) graph
generated by the simulation as shown in Figure 4.4. The result was however good
enough for the purpose of this study, and in line with the scope of this study.
The printed circuit board (PCB) is made of FR4-lossy dielectric material,
with a thickness of 1.6mm, a dimension of 60x40mm, a relative permeability of 1,
and a relative electric permittivity of 4.55 as shown in Figure 4.5.
Figure 4.5: FR4 Lossy Material
The design of the FR4-lossy board was in line with the dimension of the desired
antenna board as shown in Figure 4.5. Figure 4.6 shows the S-parameter
magnitude of the antenna in dBi.
Figure 4.6: S-parameter of the designed antenna
The simulation result shown in Figure 4.6 proves that a 54x33mm loop coil
with 7 turns at 0.035mm coil spacing can be used to design a 13.555MHz RFID
Card antenna, with an S1,1 value of -2.730712dBi at 50ohms impedance matching, in
open air boundary conditions in the X-axis, Y-axis and Z-axis respectively.
4.4.2 Clipped joint
The clipped joint was introduced as the gap between both ends of the antenna
coil as shown in Figure 4.7. During the simulation, the transient solver of the CST
software was used for the transient solver analysis.
Figure 4.7: Snapshot showing the clipped joint
The two ends of the antenna coil serve as the joint between the tag circuitry
and the clip as shown in Figure 4.7. Figure 4.8 shows the fabricated Card, where
‘A’ shows the fabricated unit with the clip joint unconnected, while ‘B’ shows
the connected clip joint.
As shown in Figure 4.8 ‘B’, the clip joint was designed to respond to an
electrical pulse. The electrical conductivity (control signal) was introduced using a
printed circuit board (PCB) miniature relay of 1A, 5V d.c., and internal coil
resistance of 166ohms.
Figure 4.8: Fabricated Antenna Unit (panels ‘A’ and ‘B’; labels: Tag, Miniature Relay, Connected to control unit)
The coupled miniature relay as shown in Figure 4.8 ‘B’ creates a form of
closed-loop electrical system. This closed loop functions in a way that
counters any electrical signal from the outer surroundings. This process is referred to
as a Faraday shield. As a result of this shield, interrogation of the tag is not feasible.
4.4.3 Biometric authentication
The SN-FPR-UART fingerprint reader was adopted for the biometric
authentication process. Figure 4.9 shows the block diagram of the hardware
composition of the module.
Figure 4.9: Block diagram of the fingerprint module (Cytron T, 2011)
As shown in Figure 4.7, the fingerprint module communicates
directly with peripherals. The data format for the communication is 8 data bits, 1 stop
bit, and no parity bit at a baud rate of 19200BPS. Additionally, it
uses an optical fingerprint scanning process.
4.4.4 Fingerprint Module Security Mechanism
The SN-FPR-UART fingerprint reader has an accuracy of 0.0001% of false
acceptance rate (FAR) and 0.01% of false acceptance rate (FAR), with an enrolling
time of 1s per time and matching time of 1s. It supports both 1:1 and 1:N
fingerprint verification. Only the Eigen values of the fingerprint template are
extracted and stored.
4.4.5 Fingerprint Storage and Matching
The storage process of the Eigen value of the fingerprint template involves
three consecutive enrolments using the enrolment commands in Table 4.2.
Table 4.2: Instruction command for fingerprint storage
Byte                   1     2     3      4      5          6     7    8
First enrolment Cmd    0XF5  0x01  ID-LB  ID-HB  SEC-LEVEL  0X00  CHK  0XF5
Reply                  0XF5  0x01  0X00   0X00   SEC-LEVEL  0X00  CHK  0XF5
Second enrolment Cmd   0XF5  0x02  ID-LB  ID-HB  SEC-LEVEL  0X00  CHK  0XF5
Reply                  0XF5  0x02  0X00   0X00   SEC-LEVEL  0X00  CHK  0XF5
Third enrolment Cmd    0XF5  0x03  ID-LB  ID-HB  SEC-LEVEL  0X00  CHK  0XF5
Reply                  0XF5  0x03  0X00   0X00   SEC-LEVEL  0X00  CHK  0XF5
As shown in Table 4.2, the storage process requires the enrolment of the
fingerprint three times using different commands. Byte 7 is the checksum byte
used for detecting errors in the frames/commands. ID-LB, ID-HB and SEC-LEVEL
represent the low byte of the storage number, the high byte of the storage number, and
the security level respectively. The matching process is a stream of 8 bytes of data as
shown in Table 4.3.
Table 4.3: Instruction format for fingerprint Matching
Byte    1     2     3      4      5          6     7    8
Cmd     0XF5  0x0C  0x00   0x00   SEC-LEVEL  0X00  CHK  0XF5
Reply   0XF5  0x0C  ID-LB  ID-HB  SEC-LEVEL  0X00  CHK  0XF5
Table 4.3 shows the matching process for 1:N matching. For 1:1
matching, the second byte (0X0C) in Table 4.3 will be replaced with 0X0B.
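A sketch of how a controller could build the 8-byte frames of Tables 4.2 and 4.3 and validate a reply before acting on it; this is an added example, not the dissertation's Appendix A code. The page does not give the checksum rule, so CHK is assumed here to be the XOR of bytes 2 to 6, and all function names and sample bytes are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define FRAME_LEN      8
#define FRAME_MARK     0xF5   /* bytes 1 and 8 in Tables 4.2 and 4.3 */
#define CMD_ENROL_1    0x01
#define CMD_ENROL_2    0x02
#define CMD_ENROL_3    0x03
#define CMD_MATCH_1_1  0x0B
#define CMD_MATCH_1_N  0x0C

enum reply_status {
    REPLY_OK = 0,
    REPLY_BAD_LENGTH,
    REPLY_BAD_MARK,
    REPLY_BAD_CHK,
    REPLY_WRONG_CMD
};

/* ASSUMPTION: CHK (byte 7) is the XOR of bytes 2..6. The page only says
 * that byte 7 is a checksum; it does not state how it is computed. */
static uint8_t frame_chk(const uint8_t *f)
{
    uint8_t x = 0;
    for (int i = 1; i <= 5; i++)
        x ^= f[i];
    return x;
}

/* Fill `out` with a command frame laid out as in Table 4.2:
 * mark, cmd, ID-LB, ID-HB, SEC-LEVEL, 0x00, CHK, mark. */
void build_frame(uint8_t out[FRAME_LEN], uint8_t cmd, uint16_t id,
                 uint8_t sec_level)
{
    out[0] = FRAME_MARK;
    out[1] = cmd;
    out[2] = (uint8_t)(id & 0xFF);   /* ID-LB */
    out[3] = (uint8_t)(id >> 8);     /* ID-HB */
    out[4] = sec_level;
    out[5] = 0x00;
    out[6] = frame_chk(out);
    out[7] = FRAME_MARK;
}

/* Validate a reply frame. The outputs are written only when every check
 * passes, so a damaged or unexpected frame can never be read as a match. */
enum reply_status parse_reply(const uint8_t *buf, size_t len,
                              uint8_t expected_cmd,
                              uint16_t *id, uint8_t *sec_level)
{
    if (len != FRAME_LEN)
        return REPLY_BAD_LENGTH;
    if (buf[0] != FRAME_MARK || buf[7] != FRAME_MARK)
        return REPLY_BAD_MARK;
    if (buf[6] != frame_chk(buf))
        return REPLY_BAD_CHK;
    if (buf[1] != expected_cmd)
        return REPLY_WRONG_CMD;      /* reply to a different request */
    *id = (uint16_t)(buf[2] | (buf[3] << 8));
    *sec_level = buf[4];
    return REPLY_OK;
}

int main(void)
{
    uint8_t cmd[FRAME_LEN];
    /* Constructed sample reply: storage number 2, SEC-LEVEL 1. */
    const uint8_t reply[FRAME_LEN] =
        {0xF5, 0x0C, 0x02, 0x00, 0x01, 0x00, 0x0F, 0xF5};
    uint16_t id = 0;
    uint8_t sec = 0;

    build_frame(cmd, CMD_MATCH_1_N, 0x0000, 0x01);
    for (int i = 0; i < FRAME_LEN; i++)
        printf("%02X ", cmd[i]);
    printf("\n");

    if (parse_reply(reply, sizeof reply, CMD_MATCH_1_N, &id, &sec) == REPLY_OK)
        printf("matched storage number %u, SEC-LEVEL %u\n",
               (unsigned)id, (unsigned)sec);
    return 0;
}
```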
4.5 Control Unit
The control unit consists basically of a single computer-on-chip
microcontroller. The AVR Atmega-8515 microcontroller was adopted. The
communication process between the fingerprint module and the antenna coil (RFID
cabinet) is linked using the universal synchronous asynchronous receiver and
transmitter (USART) unit of the microcontroller.
4.5.1 AVR Atmega-8515 Microcontroller
The Atmega-8515 microcontroller is a 40-pin PDIP low power 8-bit
microcontroller with an advanced reduced instruction set computing (RISC) architecture
comprising 32x8 general purpose working registers, a data throughput at 16MHz
and a programmable serial USART. Figure 4.10 shows the block diagram of the
Atmega-8515 microcontroller.
Figure 4.10: Architecture of Atmega-8515 Microcontroller
The Atmega-8515 microcontroller has four programmable input and output
ports, which are connected to the controller structure through a port driver/buffer and
a port digital interface as shown in Figure 4.10. Port D is interfaced directly to the
USART unit, which is linked through an 8-bit data bus to the arithmetic and logic
unit (ALU) via the status register. Figure 4.11 shows the pin-out of the Atmega-8515
microcontroller chip.
Figure 4.11: Pin-Out of Atmega-8515 Microcontroller.
The USART unit interfaces directly with the RXD (pin 14/PD0) and TXD (pin
15/PD1) pins of the microcontroller as shown in Figure 4.11. Ports A, B, C and D
are each 8-pin input and output interfaces.
4.5.2 Control Circuitry
The control circuitry comprises a programmed microcontroller (using
assembly language), and a miniature relay. Figure 4.12 shows the design of the
circuitry. Refer to Appendix A for the communication code. Four different
fingerprint templates were stored in the fingerprint module library. Each of the
templates, labeled A, B, C, D, was assigned an expected output as shown in Table 4.4,
and the corresponding output was used either to control the triggering of
the miniature PCB relay (A & B) or to power on a green, yellow, or blue LED. Any
other fingerprint that does not match the stored fingerprint library is classified
as a malicious user, and hence assigned the template label ‘E’. The
microcontroller continuously polls the fingerprint module for any input. Refer to
Appendix B for the flow chart of the process. If a finger is placed on the scanner, the
fingerprint module extracts the Eigen value, and then compares it with the already
stored templates. If there is a match, a corresponding output is triggered; otherwise,
a red LED indicates an unknown user.
In order to trigger the RFID Card, two separate fingerprints of the
authenticator were sampled. The controller ensures that the two fingerprints must be
matched before triggering the Card. The triggered Card remains active for a duration
of 2.46ms and 2 seconds (since the RFID HF tag operates within the range of
13.56MHz).
Figure 4.12: Schematics of Control Process
As shown in Figure 4.12, the circuitry was designed such that a dual contact
process (PD3 and PD4 pins) is required for tag activation through the miniature
relay contactor mechanism. The relay (normally open, NO) is programmed to
energize (operation period) for a period. When the time of contact has lapsed, the
relay is de-energized to its normal state (idle state). An authentic fingerprint
initiates the operation state.
The fingerprint input is connected via the USART port (RXD and TXD) pins
of the Atmega8515. The LED indicators are connected to the PD7, PD6, PD5 and
PD4 pins of the microcontroller as shown in Figure 4.12. Table 4.4 shows the
analysis of the connection and the desired output.
Table 4.4: Control Output Indication
Template label   Atmega-8515 Pin-out    Control Effect                  Indication
A and B          PORTB, 6:4; PORTD 7    Miniature relay and Green-LED   Authorized user with access permission, access granted
C                PORTD, 6               Yellow-LED                      Authorized user without access permission, access denied
D                PORTD, 5               Blue-LED                        Unauthorized user, access denied
E                PORTD, 4               Red-LED                         Unauthorized user, access denied (and further warning may be indicated)
As shown in Table 4.4, the combination of templates labeled ‘A & B’ is the
expected authorized user with full access permission. ‘C’ is an authorized user but
does not have access to the object under investigation (in this case the Card-Reader
interrogation). ‘D’ on the other hand, represents an unauthorized user. Label ‘E’ is
classified as a malicious user. This could attract other forms of warning, but for the
sake of this project, it is tagged with a Red LED indicator.
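The decision logic of Table 4.4 and the dual-fingerprint rule, as an added example in C rather than the author's assembly code. The output bit names, the 2 s active window, the 5 s pairing timeout and the rule that any other print clears pending state and drops the relay are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Template labels from Table 4.4; TPL_E stands for any unmatched print. */
enum template_label { TPL_A, TPL_B, TPL_C, TPL_D, TPL_E };

/* Logical outputs named after the effects in Table 4.4. The bit positions
 * are illustrative and are not the Atmega-8515 pin numbers. */
#define OUT_RELAY   0x01u
#define OUT_GREEN   0x02u
#define OUT_YELLOW  0x04u
#define OUT_BLUE    0x08u
#define OUT_RED     0x10u

#define ACTIVE_WINDOW_MS 2000u   /* assumed relay-energized period */
#define PAIR_TIMEOUT_MS  5000u   /* assumed limit between the two prints */

struct card_ctl {
    int have_a, have_b;          /* which of the two factors has been seen */
    uint32_t first_seen_ms;      /* time of the first pending factor */
    int active;                  /* relay energized (operation state) */
    uint32_t active_since_ms;
};

void ctl_init(struct card_ctl *c)
{
    c->have_a = c->have_b = c->active = 0;
    c->first_seen_ms = c->active_since_ms = 0;
}

/* Called on every poll. Expires the active window and any stale first
 * factor, then reports the outputs that are still held. */
uint8_t ctl_tick(struct card_ctl *c, uint32_t now_ms)
{
    if (c->active && now_ms - c->active_since_ms >= ACTIVE_WINDOW_MS)
        c->active = 0;                       /* relay back to idle state */
    if ((c->have_a || c->have_b) &&
        now_ms - c->first_seen_ms >= PAIR_TIMEOUT_MS)
        c->have_a = c->have_b = 0;           /* first print is too old */
    return c->active ? (uint8_t)(OUT_RELAY | OUT_GREEN) : 0;
}

/* Called when the fingerprint module reports a scan result. */
uint8_t ctl_on_match(struct card_ctl *c, enum template_label t,
                     uint32_t now_ms)
{
    uint8_t out = ctl_tick(c, now_ms);

    if (t == TPL_A || t == TPL_B) {
        if (!c->have_a && !c->have_b)
            c->first_seen_ms = now_ms;
        if (t == TPL_A)
            c->have_a = 1;
        else
            c->have_b = 1;
        if (c->have_a && c->have_b) {        /* both distinct prints seen */
            c->have_a = c->have_b = 0;
            c->active = 1;
            c->active_since_ms = now_ms;
            out = (uint8_t)(OUT_RELAY | OUT_GREEN);
        }
        return out;
    }

    /* C, D or E: fail closed. Forget any pending factor, drop the relay. */
    c->have_a = c->have_b = 0;
    c->active = 0;
    if (t == TPL_C)
        return OUT_YELLOW;
    if (t == TPL_D)
        return OUT_BLUE;
    return OUT_RED;
}

int main(void)
{
    struct card_ctl c;
    ctl_init(&c);
    printf("A alone      -> 0x%02X\n", (unsigned)ctl_on_match(&c, TPL_A, 0));
    printf("then B       -> 0x%02X\n", (unsigned)ctl_on_match(&c, TPL_B, 1000));
    printf("after window -> 0x%02X\n", (unsigned)ctl_tick(&c, 3000));
    printf("unknown      -> 0x%02X\n", (unsigned)ctl_on_match(&c, TPL_E, 4000));
    return 0;
}
```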
4.6 Summary
This chapter presented the detailed procedure for the implementation of the design
of the prototype of the Bio-Thentic Card. It also presented the various functionalities
involved in the design procedures as well as the hardware and software involved.
CHAPTER 5
RESULT AND ANALYSIS
5.1 Introduction
This chapter presents the results of the designed and fabricated proposed
methodology to enhance the authentication of the RFID Card. In addition, it also
illustrates how various known attacks on the RFID Card can be prevented, and hence
combated.
The first section details the result of the designed and fabricated output, while
subsequent sections describe the diverse processes of exploiting the inherent
vulnerabilities in the RFID Card. A concise summary of the detailed result is given
in the last section.
5.2 Bio-Thentic Card Prototype testing
After the design of the Bio-Thentic Card, it was subjected to various range
and authentication tests. Figure 5.1 shows the Bio-Thentic Card prototype.
Figure 5.1: Bio-Thentic Card Prototype (front view and back view; labels: Fingerprint module, Communication link to the controller).
For testing purposes, the card was uncased/un-laminated as shown in Figure
5.1. The front view shows the connection between the fingerprint module, the
communication link to the controller, and the Card, while the back view shows the
connection between the fingerprint module and the controller. Figure 5.2 shows the
testing procedure for the authentic cardholder. This is predicated upon the fact that
the fingerprint templates of the authentic cardholder have been stored in the
fingerprint module.
STEPS
- Power ON the control module
- Place the LEFT-INDEX finger on the fingerprint module, for one second.
- Place the LEFT-THUMB finger on the fingerprint module, for one second.
- Place the Bio-Thentic Card closer to the RFID Reader
- The Bio-Thentic Card responds to interrogation
INDICATOR
- One time beep sound, blue light on the fingerprint module, Power-ON LED activated
- One time beep sound, blinking blue light on the fingerprint module
- One time beep sound, one blink of the blue light on the fingerprint module, green LED
- The Card is activated for a duration, based on the level of user’s responsiveness, 3 seconds in this case.
Figure 5.2: Testing Procedure for Authentic User
As shown in Figure 5.2, the communication process is initiated after the
following procedures are satisfied.
1. The control unit of the card is powered ON. This is done by connecting a
5V power supply to the control unit.
2. The authentic Cardholder then places his left-index finger (the left-thumb finger
can also be placed first) on the fingerprint module for one
second.
3. Afterwards, the authentic cardholder places his left-thumb finger (the left-index
finger can also be placed as the second input finger) on the
fingerprint module for one second.
4. The Card is then placed closer to the RFID reader, for interrogation.
Figure 5.3 shows the generic procedure for testing both authentic and unauthentic
cardholders. This test is predicated on the fact that the fingerprint template
of the cardholder is stored in the fingerprint module, as well as two three other
fingerprint templates representing various levels of unauthentic cardholder.
Figure 5.3: Generic Testing Procedure
[Flow chart: POWER-ON THE CONTROL UNIT, followed by one of two branches.
Authentic branch: Place the left-index finger on the fingerprint module; place the left-thumb finger on the fingerprint module; place the card closer to the RFID reader; Card responds to interrogation and indicator ON.
Other branch: Place other finger on the fingerprint module; place the card closer to the RFID reader; no interrogation response from the RFID reader, and a corresponding level of authority is activated. When finger = Right-index, Yellow-LED activated; when finger = Right-thumb, Blue-LED activated; when finger = unknown, Red-LED activated on the Card for a duration of two seconds.]
As illustrated in Figure 5.3, any fingerprint placed on the fingerprint module which
does not match the left-index and left-thumb of the authentic cardholder’s template
will result in “NO-interrogation” from the reader. Additionally, the following light
emitting diodes (LEDs) are also activated:
1. The Yellow LED is activated on the card when the detected fingerprint
matches the Right-index finger of the authentic cardholder.
2. The Blue LED is activated on the card when the detected fingerprint matches
the Right-thumb of the authentic cardholder.
3. The Red LED is activated on the card when the detected fingerprint does not
match any of the Right-index, Right-thumb, Left-index or Left-thumb fingers
of the authentic cardholder.
5.2.1 Response to Reader
An RFID Reader was employed to demonstrate the possible response of the
Card to a Reader. The Card without the fingerprint authentication unit was brought
to 5cm, 3cm, 2cm, and 1cm proximity (arbitrarily chosen but within the nominal read
range of the HF passive tag) to the powered Reader. No response to interrogation
from the Reader was received. The authentic fingerprint authentication process was
then applied within the same proximity range as the former, and a response was received.
Table 5.1 shows the result of the test.
Table 5.1: Test Result of Bio-Thentic Card
Proximity Range   Without Fingerprint Authentication   With Fingerprint Authentication
5cm               No response                          Response received
3cm               No response                          Response received
2cm               No response                          Response received
1cm               No response                          Response received
Without the fingerprint authentication, the Card is shielded from
communication as depicted in the result of Table 5.2. Hence, no Reader can
communicate without authorization by the authentic Card user.
5.2.2 Fingerprint Authentication
Two distinct fingers of the authentic card holder are required to activate the
automation circuitry of the card. For the sake of testing, prints from the left thumb
and left index fingers were used as the authentication elements. Table 5.2 gives the
result of the authentication testing. The left index and left thumb were labeled as ‘A’
and ‘B’ respectively. Prints from the right index and right thumb, labeled ‘C’ and ‘D’
respectively, were used as additional fingerprints and were stored in the library of the
fingerprint module. Prints other than ‘A’, ‘B’, ‘C’, and ‘D’ were considered as print
‘E’, connoting that the User ‘E’ does not fall within the category of expected user.
Table 5.2: Result for Authentication Testing
Template   Interrogation Range
           5cm                        3cm                        2cm                        1cm
A & B      Tag activated, Green LED   Tag activated, Green LED   Tag activated, Green LED   Tag activated, Green LED
C          Yellow LED                 Yellow LED                 Yellow LED                 Yellow LED
D          Blue LED                   Blue LED                   Blue LED                   Blue LED
E          Red LED                    Red LED                    Red LED                    Red LED
Templates labeled ‘A & B’ activated the Card for interrogation and a Green-LED
indicated the activation process for each of the selected interrogation ranges as
shown in Table 5.2. Thus prints matching ‘A’ and ‘B’ were considered as a classified
user possessing the adequate clearance level to use the card.
Prints matching labels ‘C’ and ‘D’ were placed on the fingerprint module, but
no tag response was received while a corresponding Yellow-LED and Blue-LED
were activated respectively. Hence, the prints ‘C’ and ‘D’ were considered as
classified users who do not possess an adequate clearance level to use the card.
Prints matching label ‘E’ were placed on the fingerprint module at different
ranges as shown in Table 5.2, but no tag response was received in all instances and
a Red-LED was activated. In essence, such users are considered unclassified users and
also lack the authority to use the card.
This test clearly demonstrated that only an authentic user/subject can use the
Card, and such subject must use two different fingerprints. Additionally, it classifies
users into different categories, and a corresponding level of awareness is activated
based on the classification.
5.2.3 Tag Reading
The Card was activated for a duration of 3 seconds (additional slack time is
added to compensate for the user’s responsiveness) during which it responded to the
interrogation from the Reader. As shown in Table 5.2, only the templates labeled ‘A
& B’ could authenticate the Card. The communication process between the Reader
and the Card takes approximately 73μ seconds at 13.56MHz frequency. This
short operational time can be used as a measure against clandestine tracking as well as
relay attacks.
5.3 Risk Assessment
In order to ascertain the probability of an attack being successful, various known
attacks were tested on the prototype. Unauthorized tag read and unauthorized tag
use were the focus of this assessment. Malicious users could use attacks such as tag
manipulation, clipped circumvention, and fingerprint manipulation to gain
‘authorized’ access to the Card.
5.3.1 Tag Manipulation
Owing to the architectural vulnerabilities of the RFID card system, in which
the tag can be read without the knowledge of the Cardholder even when such a read is
unauthorized, a practical re-positioning of the reader was conducted. An RFID reader
was placed within various proximities of the RFID Card, but there was no response.
This obeys the principle of the Faraday shield and clipped tag process as detailed in
chapter 3. Afterwards, the Card was authorized by its authorized user at
proximities of 5cm, 3cm, and. At these various ranges, the Reader responded to the
Card.
5.3.2 Clip joint circumvention
For the sake of testing, the Card was un-laminated, showing its internal
circuitry as well as the antenna coil as shown in Figure 5.4. This was done with the
view that an unauthorized user can successfully disassemble (completely remove the
card envelop/lamination) the Card.
Bridged using
connector cable
100
Figure 5.4: Worse Case Scenario of Bio-Thentic Card-Physical State
As shown in Figure 5.4, the clipped joint of the Card is connected to the tag
via the relay circuitry of the Card. A conductor was placed between the joints of the
microcontroller illustrated in Figure 5.4.
The Card remained inactive.
Further
manipulation was then initiated. At this stage, the clipped joints were connected to a
Connected to a
power supply unit
DC power supply unit of 5V as illustrated in Figure 5.5
Figure 5.5: Electrical manipulation of the clipped joint
The power supply unit was adjusted to the operating voltage range at the
miniature relay contact joint as shown in Figure 5.5. At proximities of 5cm, 3cm,
and 1cm respectively, the Card responded to interrogation and became active.
Hence, the attack was successful.
101
5.3.3 Fingerprint manipulation
When an authentic cardholder authorizes a communication, a residue of the
last fingerprint is retained on the surface of the fingerprint module, as illustrated in
Figure 5.6. There are various means of forging a print from such residue, such as
molding a silicone, gelatin, plastic clay, OHP film, or candle wax finger, but in this
study an OHP film system was adopted for forging the authentic fingerprint image.
An OHP film was placed on the fingerprint module surface in alignment with
the residual print on the surface of the fingerprint module (with the understanding
that the residual print belongs to the authentic cardholder). The control circuitry was
powered ON, and the film was mapped to the size of the print. Afterwards, the
forged film was placed carefully on the surface of the fingerprint module to
impersonate the authentic fingerprint. This process was carried out on films of
different diameters.
The Bio-Thentic Card however did not respond to interrogation, maintaining
its idle state. The activation process of the card requires matching of both the
left-index and left-thumb fingers. Hence, even if a forged finger could successfully
deceive a live fingerprint scanner, it will still be practically infeasible to fool the
fingerprint module based on residual image extraction.
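The two-finger activation rule described above can be modelled in C as follows. This is an added example, not the dissertation's firmware: the 8-byte frame shape, the 0x0C match command and the slot numbers 0x03 (left thumb) and 0x05 (left index) are taken from Appendix A, while the XOR checksum rule, the assumption that the module's reply echoes the command byte, and all function and type names are assumptions of this example.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Frame shape from the INPUT_MODE / MATCHED_FINGERPRINT tables in Appendix A:
 *   0xF5, CMD, P1, P2, P3, 0x00, CHK, 0xF5
 * Assumption: CHK is the XOR of bytes 1..5. Both tables on the page satisfy
 * this (0x2D ^ 0x01 = 0x2C and 0x0C = 0x0C). */
#define FRAME_LEN        8
#define FRAME_MARK       0xF5
#define CMD_MATCH        0x0C   /* command byte of MATCHED_FINGERPRINT */
#define SLOT_LEFT_THUMB  0x03   /* slots compared in ERROR_CHECK_MATCHING */
#define SLOT_LEFT_INDEX  0x05

typedef enum { FRAME_OK, FRAME_BAD_MARK, FRAME_BAD_CMD, FRAME_BAD_CHK } frame_status;
typedef enum { GATE_WAIT_SECOND, GATE_ACTIVATE, GATE_REJECT } gate_result;

/* One flag per required finger, like PORTB bits 0 and 1 in the firmware. */
typedef struct { bool thumb_seen; bool index_seen; } gate_state;

uint8_t frame_checksum(const uint8_t *f) {
    uint8_t x = 0;
    for (size_t i = 1; i <= 5; i++) x ^= f[i];
    return x;
}

/* Validate the whole reply before trusting any byte of it. The firmware
 * reads the 4th received byte as the matched slot; so does this parser,
 * but only after the markers, command echo and checksum have been checked. */
frame_status parse_match_reply(const uint8_t *f, uint8_t *slot) {
    if (f[0] != FRAME_MARK || f[7] != FRAME_MARK) return FRAME_BAD_MARK;
    if (f[1] != CMD_MATCH)                        return FRAME_BAD_CMD;
    if (f[6] != frame_checksum(f))                return FRAME_BAD_CHK;
    *slot = f[3];
    return FRAME_OK;
}

/* Feed one reply frame to the gate. Activation needs both required fingers.
 * Dropping partial progress on any rejected frame is a fail-closed choice
 * made in this example. */
gate_result gate_feed(gate_state *g, const uint8_t *frame) {
    uint8_t slot = 0;
    if (parse_match_reply(frame, &slot) != FRAME_OK ||
        (slot != SLOT_LEFT_THUMB && slot != SLOT_LEFT_INDEX)) {
        g->thumb_seen = false;
        g->index_seen = false;
        return GATE_REJECT;
    }
    if (slot == SLOT_LEFT_THUMB) g->thumb_seen = true;
    else                         g->index_seen = true;

    if (g->thumb_seen && g->index_seen) {
        g->thumb_seen = false;   /* one activation per matched pair */
        g->index_seen = false;
        return GATE_ACTIVATE;
    }
    return GATE_WAIT_SECOND;
}

/* Build a constructed sample reply (not captured from real hardware). */
void make_reply(uint8_t *out, uint8_t slot) {
    out[0] = FRAME_MARK; out[1] = CMD_MATCH; out[2] = 0x00; out[3] = slot;
    out[4] = 0x00;       out[5] = 0x00;
    out[6] = frame_checksum(out);
    out[7] = FRAME_MARK;
}

int main(void) {
    static const char *names[] = { "wait-second", "ACTIVATE", "reject" };
    gate_state g = { false, false };
    uint8_t f[FRAME_LEN];

    make_reply(f, SLOT_LEFT_THUMB);
    printf("left thumb          -> %s\n", names[gate_feed(&g, f)]);
    printf("left thumb again    -> %s\n", names[gate_feed(&g, f)]);
    make_reply(f, SLOT_LEFT_INDEX);
    printf("left index          -> %s\n", names[gate_feed(&g, f)]);
    f[6] ^= 0x01;                 /* corrupt the checksum */
    printf("corrupted reply     -> %s\n", names[gate_feed(&g, f)]);
    return 0;
}
```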
5.4 Risk Assessment Analysis
This prototype was designed such that two fingerprints (different finger
templates) of the authorized user were required to activate the Card for interrogation.
This was considered a secure practice to guard against the possibility of
manipulating the fingerprint scanner surface. Table 5.3 gives a detailed analysis of the
evaluation with respect to physical-layer vulnerabilities of the RFID Card.
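Table 5.3: Bio-Thentic Risk Assessment Test
[Table layout not recoverable from the extracted text. Surviving labels:
Vulnerabilities (Privacy, Physical-layer); Tracking, Skimming, Spoofing, Relay
attack, Cloning, Unauthorized Card-read, Unauthorized Card-use; Mitigation:
Bio-Thentic Card. The only surviving cell mark is a single "x".]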
As shown in Table 5.3, with a Bio-Thentic Card system, unauthorized use of
the Card and other known physical-layer attacks can be effectively mitigated, and
the probability of attack occurrence reduced.
The privacy of the Cardholder is kept safe. This is based on the understanding
that the Card cannot respond to any interrogation except on the consent of the
authentic Cardholder, and for a short period. Similarly, tracking the card or the
Cardholder through the Card is practically infeasible since the Card is considered
dead, until activated by the authentic Cardholder.
Furthermore, the use of Bio-Thentic Card prevents any form of unauthorized
reading of tag as well as card promiscuity to any reader which forms the basis for
skimming and spoofing attack. Hence, a surreptitious reader will not be able to
gather information about the card.
In addition, the use of the Bio-Thentic Card requires that only the authentic
cardholder can activate the card for interrogation. In essence, the card cannot be used
by an unauthorized user, or for an unauthorized purpose. Hence this Card
prevents unauthorized tag use, while it also addresses other issues such as
unauthorized tag read and relay attacks.
However, the Bio-Thentic Card does not guarantee against cloning attack.
Though cloning of RFID tag is practically infeasible (Davide et al., 2010), a careful
fabrication of the Bio-Thentic card can induce a tamper-proof capability in the Card.
Such tamper-proof capability can be used to prevent cloning attacks.
5.5 Limitation of this prototype
The clip joint of this card can be manipulated, as shown in the electrical
short-circuiting process in Figure 5.5, given a very high level of precision and a
relative knowledge of the internal circuitry of the card. Hence it may be subject to an
attack of high technical proficiency, in which state, access control may be practically
undeniable.
This limitation can however be prevented if the Bio-Thentic card is
fabricated in a way that any disassembling attempt will destroy the card antenna as
well as the RFID chip.
5.6 Summary
In this chapter, results from the design and fabrication processes of the
Bio-Thentic Card were discussed. It also included a practical demonstration of known
attacks as a part of the risk assessment of the prototype.
CHAPTER 6
CONCLUSION AND RECOMMENDATION
6.1 Introduction
RFID Card is one of the most convenient practices for access control. It
however poses some inherent security challenges that have led to diverse
compromises of the triad of information security: confidentiality, integrity, and
availability (CIA).
As a way to address some of the challenges in the RFID Card, this study
developed a Bio-Thentic Card to prevent unauthorized use of the Card. The
Bio-Thentic card comprises a clipped tag, a Faraday shield, and biometric
authentication.
The following sections give the contribution of this study to the security of
RFID Card. In addition, recommendations for future work are given.
This chapter ends with a conclusion on the Bio-Thentic card.
6.2 Contribution
The Bio-Thentic Card is the combination of three existing mitigation
mechanisms, which are Faraday shield, Clipped-tag system, and Fingerprint biometric
system, for combating unauthorized tag read, unauthorized tag interrogation and
unauthorized access controlling system respectively. This is the first time such
integration is used, and in this way.
The Bio-Thentic Card system effectively mitigated known attacks on RFID
Card. It also reduced the vulnerability rate of the RFID Card.
6.3 Future Work and Recommendation
This prototype does not satisfy a real-time application requirement due to its
portability. Additionally, it does not effectively prevent an expert clip-tag
circumventor. The following considerations can be given as future research directions.
• A combination of Bio-Thentic Card and computerized unit to further
  authenticate the Card based on a uniquely generated disparate fingerprint
  identity of the authentic user. This can effectively prevent clip-tag
  circumventors.
• A combination of Bio-Thentic Card and RF sensor to further enhance
  authentication of the Card, with the Bio-Thentic unit being the input to the
  RF sensor and consequently being the authenticator of the RFID tag.
6.4 Conclusion
Following the results from the Bio-Thentic Card test and risk assessment in
sections 5.2 and 5.3 of chapter 5 respectively, this prototype can be said
to combat known security challenges in the physical layer of the RFID Card, such as
unauthorized use of tag and unauthorized tag read. However, there are still
opportunities for improvement.
REFERENCES
Aikaterini Mitrokotsa, M. R. (2010). Classification of RFID Attacks. Information
Systems Frontiers , 12 (5), 491-505.
Aikaterini Mitrokotsa, M. R. (2010). Classifying RFID attacks and defenses.
Association of Computing Machinery , 491-505.
ALBERT B. JENG, L. -C. C. -E. (2009). SURVEY AND REMEDY OF THE
TECHNOLOGIES USED FOR RFID TAGS AGAINST
COUNTERFEITING. International Conference on Machine Learning and
Cybernetics, (pp. 2975-2980). Baoding: IEEE.
Anil Jain, a. S. (2001). Automatic Fingerprint Identification and Imaging System.
In a. R. Henry C. Lee, Advances in Fingerprint Technology (pp. 285-336).
Washington, D. C. : CRC Press.
Anil Jain, L. H. (February,2000). Biometric Identification. Communication of the
ACM , Vol. 43, No. 2, 91-98.
Ari Juels, a. R. (2003). Squealing Euros: Privacy Protection in RFID-Enabled. In
R. Wright, & R. Wright (Ed. ), Financial Cryptography (Vol. 2742, pp.
103-121). Springer Berlin / Heidelberg.
Ari Juels, D. M. (2005). Security and Privacy Issues in E-passports. IEEE,
International Conference on Security and Privacy for Emerging Areas in
Communications Networks , 0-7695-2369-2/05.
Ari Juels, R. L. (2003,). The Blocker Tag: Selective Blocking of RFID Tags for
Consumer Privacy. Proceedings of the 10th ACM conference on Computer
and communications security (pp. 103-111). Washington, DC: ACM.
Bhaskar, S. M. (2008). Is RFID Technology Secure and Private? In a. M. SYED
AHSON, RFID HANDBOOK Applications, Technology,Security, and
Privacy (pp. 469-484). Boca Raton, FL : CRC Press Taylor & Francis
Group.
Bhaskar, S. M. (2008). Is RFID Technology Secure and Private? In a. M. SYED
AHSON, RFID HANDBOOK: Applications, Technology, Security, and
Privacy (pp. 469-484). Boca Raton, FL : Taylor & Francis Group, LLC.
Bing-Zhong jing, P. P. (2010). Anti-spoofing system for RFID access control
combining with face recognition. International Conference on Machine
Learning and Cybernetics, Qingdao (pp. 978-1-4244-6527-9/10/). Quigdao:
IEEE.
Bleeker, A. (2007, September 18). A semantics for BAN logic. Retrieved June 2-15,
2011, from http://dimacs.rutgers.edu/Workshops/Security/program2/bleeke
Boris Danev, T. S. -B. (2009). physical-layer identification of RFID device.
USENIX Security Symposium , (pp. 199-214).
Brianne Christine Vollmer, B. (2006). BIOMETRICS, RFID TECHNOLOGY, AND
THE EPASSPORT: ARE AMERICANS RISKING PERSONAL SECURITY IN
THE FACE OF TERRORISM? Washington DC: Georgetown University.
C. R. Prashanth, S. P. (2009, January 9-10). Iris Feature Extraction using
Directional Filter Bank for Personal Identification. Association of Computing
Machinery , 1-8.
Chao Li, a. J. (2010). A Two-Factor Authentication Design of Fingerprint
Recognition System Based on DSP and RF Card. IEEE (pp. 441-445).
IEEE.
Chien Eao Lee, a. N. (2009). Fingerprint Image Processing and Minutiae
Extraction for Fuzzy Vault. MoMM (pp. 36-43). Kuala Lumpur, Malaysia:
ACM.
Chien, H. -Y. (2007). SASI: A New Ultralightweight RFID Authentication Protocol
Providing Strong Authentication and Strong Integrity. IEEE
TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING , 4, 337-340.
Chiu, T. L. (2009). A Study of the SMART container monitoring system in the
ocean shipping industry. ISL, (pp. 351-358). Istanbul, Turkey.
CIRCULAR, D. (2010, June 21). Manual of Regulations and Procedures for
Federal Radio Frequency. Retrieved July 03, 2011, from DEFENSE
INFORMATION SYSTEMS AGENCY:
http://www.disa.mil/pubs/circulars/pdf/dc3001001.pdf
Constantinos Kolias, V. K. (2009). A Secure and Efficient Authentication Protocol
for Passive RFID Tags. IEEE ISWCS , 36-40.
Corps, U. M. (1999). Antenna Handbook (Vols. MCRP 3-40. 3C). Washington,
D. C: DEPARTMENT OF THE NAVY.
Crosbie, M. (2005, November). Biometrics for Enterprice Security. Network
Security , pp. 4-8.
Cytron, T. (2011, November 24). SN-FRP-UART. Johor Bahru, Malaysia.
Dale R. Thompson, E. r. (2009, November 19). 'Fingerprinting' RFID Tags:
Researchers Develop Anti-Counterfeiting Technology. Retrieved June 2-15,
2011, from PHYSORG.COM: http://www.physorg.com/news177842859.html
David Molnar, a. D. (2004). Privacy and Security in Library RFID: Issues,
Practices, and Architectures. CCS , 210-219.
Davide Maltoni, D. M. (2009). Handbook on Fingerprint recognition. London:
Springer-Verlag London Limited 2009.
Davide zanetti, B. d. (2010). Physical-layer identification of UHF tags. MobiCom
'10: Proceedings of the sixteenth annual international conference on Mobile
computing and networking (pp. 978-1-4503-0181). Illinois,USA: ACM.
Dong-Lang Wu, W. W. -Z. (2010). ACCESS CONTROL BY RFID AND FACE
RECOGNITION ON NEURAL NETWORK. Machine Learning and
Cybernetics (ICMLC), 2010 International Conference (pp. 675-680). IEEE.
Feng Gao, J. T. (2008). An Algorithm to Produce Temporally and Spatially
Continuous MODIS-LAI Time series. Geoscience and Remote Sensing
Letters, (pp. 60-64). IEEE.
Finkenzeller, K. (2010). RFID HANDBOOK: FUNDAMENTALS AND
APPLICATIONS IN CONTACTLESS SMART CARDS, RADIO FREQUENCY
IDENTIFICATION AND NEAR-FIELD COMMUNICATION. (T. b. uller,
Ed. ) Chichester, West Sussex: John Wiley & Sons, Ltd.
Finkenziller, k. (2003). RFID handbook; Fundamental and application in
contactless smart cards and identification. England: John Wiley & Sons Ltd,
The Atrium, Southern Gate, Chichester.
FitzPatrick Richard. (2008). MAXWELL’S EQUATIONS AND THE PRINCIPLES
OF ELECTROMAGNETISM. New Delhi: Infinity Science Press LLC.
Frank Thornton, B. H. (2006). RFID Security. (J. Kleinschmidt, Ed. ) Rockland:
Syngress Publishing, Inc. .
Geetha Govindan, S. K. (2009). Real time Security Management using RFID,
Biometric and Smart Messages. ASID 2009. 3rd International Conference
(pp. 282 - 285). IEEE.
Gerhard P. Hancke, M. G. (2005). An RFID Distance Bounding Protocol.
SecureComm 2005. First International Conference (pp. 1-7). Athens,
Greece: IEEE.
Gibbs, M. D. (2010). Biometrics: Body odor Authentication Perception and
Acceptance. SIGCAS Computers and Society , 16-23.
Haines, B. (2010). Radio Frequency Identification Attacks. Boston, , USA: Seven
Deadliest Wireless Technologies Attacks, Syngress.
Hanan Sitli, h. H. -A. (2009). Technical Solutions for Privacy Protection in RFID.
European Journal of Scientific Research , 500-508.
Hancke, G. P. (2006). Practical Attacks on Proximity Identification Systems (Short
Paper). Security and Privacy, 2006 IEEE Symposium (pp. 1081-6011/06).
IEEE.
Hongliang Wang. (2008). RFID Guardian Back-end Security Protocol.
Amsterdam, Netherland: Vrije Universiteit Amsterdam.
Joyce H. Wu, a. J. (2004). An Equivalent Circuit Model for a Faraday Cage
Substrate Crosstalk Isolation Structure. Radio Frequency Integrated Circuits
(RFIC) Symposium , pp. 0-7803-8333.
Juels, A. (2006). RFID Security and Privacy: A Research Survey. IEEE JOURNAL
ON SELECTED AREAS IN COMMUNICATIONS , 381-394.
Juels, A. (2005). Strengthening EPC Tags Against Cloning. Proceedings of the 4th
ACM workshop on Wireless security (pp. 67-75). ACM.
Jussi Nummela, L. U. (2007). 13,56 MHz RFID Antenna for Cell Phone Integrated
Reader. IEEE , 1088-1091.
Kamran AHSAN, H. S. (2010). RFID Applications: An Introductory and
Exploratory Study. IJCSI International Journal of Computer Science Issues ,
1-7.
Kerr, I. (2007, October). The internet of people? Reflections on the Future
Regulation of Human-Implantable Radio Frequency Identification. Retrieved
June 2-15, 2011, from Bruce Sterling, “Go Ahead, Chip Me,” Wired
Magazine, October 2007, http://www.idtrail.org
Langheinrich, M. (2009). A survey of RFID privacy approaches. Personal and
Ubiquitous Computing , 13 (6), 413-421.
LIANG, B. (2010). Security and Performance Analysis for RFID Protocols.
Singapore: Singapore Management University.
M. Babaie, a. H. (2010). Efficient Detecting of RFID Tag Cloning Attacks using
Chaos Theory. International Conference on Communication Engineering
(pp. 116-121). University of Sistan and Baluchestan.
Marci Meingast, J. K. (2007). Security and Privacy Risks of Embedded RFID in
Everyday Things: the e-Passport and Beyond. JOURNAL OF
COMMUNICATIONS, VOL. 2, NO. 7, (pp. 36-48). ACADEMY
PUBLISHER.
Marlin H. Mickle, j. T. (2007, October 12). Intellectual Property and Ubiquitous
RFID. Recent Patents on Electrical Engineering , pp. 59-67.
Melanie R. Rieback, B. C. (2005, July). RFID Guardian: A Battery-Powered
Mobile Device for RFID Privacy Management. Australasian Conference on
Information Security and Privacy(ACISP). , 62-69.
MiniMe, a. M. (2006, June 2). rfid-zapper. Retrieved June 2-15, 2011, from
RFID-Zapper(EN): http://itp.nyu.edu/everybit/blog/media/
Monica Nogueira, a. N. (2009). Uses of RFID Technology in U. S. Identification
Documents. Institute of Homeland Security Solution.
Mr. Tan Jin Soon, a. D. (2008). RFID security. Synthesis journal , 033-038.
Nicolai Marquardt, A. S. (2010). Visible and Controllable RFID Tags. '10:
Proceedings of the 28th of the international conference extended abstracts on
Human factors in computing systems (pp. 3057-3062). Atlanta, GA, USA:
ACM.
Nimish Vartak, A. P. (2007). Protecting the privacy of Passive RFID tags.
maryland, Baltimore, U. S. A.
Organization, f. E. -o. (2008, June 17-18).
http://www.oecd.org/dataoecd/19/420892347.pdf; organization for economic
co-operation and development: RFID OECD policy Guidance. Retrieved June 2-15,
2011, from http://www.oecd.org
Paul A. Moskowitz, A. L. (2007). A Privacy-Enhancing Radio Frequency
Identification Tag: Implementation of the Clipped Tag. Pervasive Computing
and Communications Workshops, 2007. PerCom Workshops '07. Fifth
Annual IEEE International Conference (pp. 348-351). IEEE.
Paul A. Moskowitz, A. L. (2007). A Privacy-Enhancing Radio Frequency
Identification Tag:Implementation of the Clipped Tag. IEEE International
Conference , 0-7695-2788-4/07 .
Pedro Peris-Lopez, J. C. -C. (2010). Shedding Light on RFID Distance Bounding
Protocols and Terrorist Fraud Attacks. arXiv , 1-31.
Peter J. Hawrylak, M. M. (2008). RFID Tags. In Y. Z. Lu Yan, THE INTERNET
OF THINGS (pp. 14-45). London: Taylor & Francis Group, LLC.
Rao, S. (2007). A Secure Architecture for the Use of RFID at Home. GRASP
Symposium (pp. 191-192). Wichita: Wichita State University.
Rubin, J. (2011, June 28). Michael Faraday: The Invention of Faraday Cage.
Retrieved June 28, 2011, from Following the path of Discovery:
http://www.juliantrubin.com/bigten/faradaycageexperiments.html
Samuel Silver, and Hubert M. James. (1949). Microwave Antenna Theory and
Design (First edition ed. ). (S. Silver, Ed. ) New York. Toronto. London, U.
k, U. S. A: McGraw-Hill Book Company.
Shang-Ping, W. (2011). An Authentication Protocol for RFID Tag and Its
Simulation. Journal of Network , 446-453.
Shi Yong-Dong, P. y. -Y. -M. (2009). the RFID Application in Logistics and
Supply Chain Management. Research Journal of Applied Sciences , 57-61.
Shlomi Dolev, M. K. (2008). Low Overhead RFID Security. In a. M. SYED
AHSON, RFID HANDBOOK: Applications, Technology, Security, and
Privacy (pp. 589-602). Boca Raton: CRC Press, Taylor & Francis Group,
LLC.
Simson Garfinkel, a. H. (2005, June 2). UNDERSTANDING RFID
TECHNOLOGY.
Swedberg, C. (2009). British Touring car Championship track tires. RFID journal .
Thomas H. kean, L. H. -v. (2002). THE 9/11 COMMISSION REPORT.
Tobias Scheidat, A. E. (2006). Parameter Optimization for Biometric Fing
Recognition using Genetic Algorithms. MM & Sec (pp. 130-134). Geneva,
Switzerland: ACM.
Ton van Deursen and Saša Radomirović (2008). Security of RFID Protocols – A
Case Study. STM, 2008 , 1-11.
Torin Monahan, a. J. (2010). Implanting inequality: Empirical evidence of social
and ethical risks of implantable radio-frequency identification (RFID)
devices. International Journal of Technology Assessment in Health Care. ,
370-376.
Torstein, H. (2006). Security and Privacy in RFID Applications. NTNU.
Vecca, J. (2007). Biometric technologies and Verification systems. (K. Pamela
Chester, Ed. ) Burlington, MA 01803, USA, USA: Elsevier Inc.
Vladimir Brik, S. B.
Vladmir brik, S. B. (2008). Wireless Device Identification with Radiometric
Signature. MobiCom '08: Proceedings of the 14th ACM international
conference on Mobile computing and networking (pp. 978-1-60558-096).
ACM.
Wang, H. (2008). RFID Guardian Back-end Security Protocol. Amsterdam: Vrije
Universiteit, Amsterdam, The Netherlands.
Y. -C. Lee, Y. -C. H. -S. -C. (2009). A New Ultralightweight RFID protocol with
Mutual Authentication. Information Engineering, 2009. ICIE '09. WASE
International Conference (pp. 58-61). IEEE.
Yossef Oren, a. A. (2010). RFID-Based Electronic Voting: What Could Possibly
Go Wrong? RFID, 2010 IEEE International Conference (pp. 118-125).
IEEE.
Yuhanim Hani Binti Yahaya, M. R. (2009). Fingerprint Biometrics Authentication
on Smart Card. ICCEE '09. Second International Conference on Computer
and Electrical Engineering (pp. 671-673). IEEE.
Yum, J. , Yoo, B. , Park, K. , & Jang, J. (2010). Smart card with an integrated
electrical switch for secure operation. IEEE.
YUNG-CHIN CHEN, W. -L. W. -S. (2006). Low-Cost RFID Authentication
Protocol for Anti-Counterfeiting and Privacy Protection. Asian Journal of
health and Information Science , 189-203.
Zhibin Zhou, a. D. (2007). RFID Keeper: An RFID Data Access Control
Mechanism. Global Telecommunications Conference (pp. 4570-4574).
IEEE.
Zia Saquib, N. S. (2011). Voiceprint Recognition Systems for Remote
Authentication-A Survey. International Journal of Hybrid Information
Technology , Vol. 4, No. 2,, 79-98.
Zuo, Y. (2010). Survivable RFID Systems: Issues, Challenges, and Techniques.
Systems, Man, and Cybernetics, Part C: Applications and Reviews, IEEE
Transactions (pp. 406-418). IEEE.
APPENDIX A
PROGRAM CODE IN ASSEMBLY LANGUAGE
; Program code for fingerprint Storage and Matching
; Designed by Ikuesan Richard Adeyemi
; Assembler used: AVR studio 4
; Microcontroller used: Atmega 8515
.include "m8515def.inc"
.DEF TEMP = R16 ; general scratch space
.DEF TEMP2 = R17
.DEF WORKER = R23
.DEF STORE1 = R18
.DEF STORE2 = R19
.DEF STORE3 = R20
.DEF STORE4 = R21
.DEF STORE5 = R22
.EQU MODE_0 = 4
.EQU MODE_1 = 5
.EQU MODE_2 = 6
.EQU MODE_3 = 7
.EQU BAUD_RATE_HIGH = 0
.EQU BAUD_RATE_LOW = 25 ; BAUD RATE OF 19200...
.ORG 0x000
RJMP START ; Reset Handler
.ORG 0x001
RETI ; IRQ0 Handler
.ORG 0x002
RETI ; IRQ1 Handler
.ORG 0x003
RETI ; Timer1 Capture Handler
.ORG 0x004
RETI ; Timer1 Compare A Handler
.ORG 0x005
RETI ; Timer1 Compare B Handler
.ORG 0x006
RETI ; Timer1 Overflow Handler
.ORG 0x007
RETI ; Timer0 Overflow Handler
.ORG 0x008
RETI ; SPI Transfer Complete Handler
.ORG 0x009
RETI ; USART RX Complete Handler
.ORG 0x00A
RETI ; UDR0 Empty Handler
.ORG 0x00B
RETI ; USART TX Complete Handler
.ORG 0x00C
RETI ; Analog Comparator Handler
.ORG 0x00D
RETI ; IRQ2 Handler
.ORG 0x00E
RETI ; Timer0 Compare Handler
.ORG 0x00F
RETI ; EEPROM Ready Handler
.ORG 0x010
RETI ; Store Program memory Ready
START:
LDI TEMP,255
OUT DDRA,TEMP
OUT DDRB,TEMP
OUT DDRD, TEMP
OUT DDRC, TEMP
LDI TEMP,HIGH(RAMEND)
OUT SPH,TEMP
LDI TEMP,LOW(RAMEND)
OUT SPL,TEMP
UART_INIT:
CLI
LDI TEMP2, BAUD_RATE_HIGH
LDI TEMP, BAUD_RATE_LOW
OUT UBRRH, TEMP2
OUT UBRRL, TEMP
LDI TEMP, (1<<RXEN)|(1<<TXEN);|(1<<RXCIE)
OUT UCSRB, TEMP
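LDI TEMP, (1<<URSEL)|(0<<UMSEL)|(0<<USBS)|(1<<UCSZ1)|(1<<UCSZ0) ; async, 1 stop bit, 8 data bits
OUT UCSRC, TEMP
SEI
RCALL DELAY
POLLING_UNIT:
NOP
NOP
INC R22 ; count polling attempts
CPI R22,5
BRGE RELAX ; give up and sleep after repeated failures
SEARCHING:
LDI ZH, HIGH(INPUT_MODE*2) ; Z -> 8-byte INPUT_MODE command table
LDI ZL, LOW(INPUT_MODE*2)
CLR WORKER
WUNMI:
LPM TEMP, Z ; send the next command byte to the fingerprint module
RCALL USART_TRANSMIT
RCALL DELAY
LDI TEMP2,(1<<TXC)
OUT UCSRA, TEMP2 ; clear the transmit-complete flag
ADIW Z, 1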
INC WORKER
CPI WORKER,8
BRNE WUNMI
LDI R21, 8
POSES_FIRSTLY:
RCALL USART_RECEIVE
OUT PORTA, TEMP
DEC R21
CPI R21, 0X03
BREQ CHECKER_FIRSTLY
GOT_FIRSTLY:
CPI R21, 0X00
BRNE POSES_FIRSTLY
RJMP ERROR_CHECK_FIRSTLY
CHECKER_FIRSTLY:
MOV R0, TEMP
RJMP GOT_FIRSTLY
ERROR_CHECK_FIRSTLY:
MOV TEMP, R0
CPI TEMP, 0X00
BREQ OK_FIRSTLY
RJMP ERROR_FIRSTLY
OK_FIRSTLY:
LDI TEMP, 0B11110000
OUT PORTC, TEMP
RCALL LONG_DELAY
RCALL LONG_DELAY
RJMP POLLING_UNIT2
ERROR_FIRSTLY:
LDI TEMP, 0B10101010
OUT PORTC, TEMP
RCALL LONG_DELAY
RCALL LONG_DELAY
RJMP POLLING_UNIT
RELAX:
SLEEP
;. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
POLLING_UNIT2:
SBI PORTB, 7
NOP
NOP
RCALL LONG_DELAY
RCALL LONG_DELAY
CBI PORTB, 7
FINISHED:
NOP
NOP
LDI TEMP, 0XFF
OUT PORTA, TEMP
RCALL LONG_DELAY
RCALL LONG_DELAY
RCALL LONG_DELAY
LDI TEMP, 0X00
OUT PORTA, TEMP
RJMP MATCHING
RJMP FINISHED
;-----------------------------------
; BEGINNING OF THE MATCH PROCESS
;-----------------------------------
MATCHING:
LDI TEMP, 0X00
OUT PORTA, TEMP
;OUT PORTB, TEMP ;(disabled) clearing PORTB here would erase the PB0/PB1 flags set at LEFT_THUMB/LEFT_INDEX
OUT PORTC, TEMP
RCALL LONG_DELAY
RCALL LONG_DELAY
RCALL LONG_DELAY
NOP
LDI ZH, HIGH(MATCHED_FINGERPRINT*2)
LDI ZL, LOW(MATCHED_FINGERPRINT*2)
CLR WORKER
MATCH_UP:
LPM TEMP, Z
RCALL USART_TRANSMIT
RCALL DELAY
LDI TEMP2,(1<<TXC)
OUT UCSRA, TEMP2
ADIW Z, 1
INC WORKER
CPI WORKER, 8
BRNE MATCH_UP
LDI R21, 8
POSES_MATCH:
RCALL USART_RECEIVE
OUT PORTC, TEMP
DEC R21
CPI R21, 0X04
BREQ CHECK_MATCHING
GOT_MATCHING:
CPI R21, 0X00
BRNE POSES_MATCH
RJMP ERROR_CHECK_MATCHING
CHECK_MATCHING:
MOV R0, TEMP
RJMP GOT_MATCHING
ERROR_CHECK_MATCHING:
MOV TEMP, R0
CPI TEMP, 0X02
;library location for the right thumb print
BREQ RIGHT_THUMB
CPI TEMP, 0X03
;library location for the left thumb print
BREQ LEFT_THUMB
CPI TEMP, 0X04
;library location for the right index print
BREQ RIGHT_INDEX
CPI TEMP, 0X05
;library location for the left index finger
BREQ LEFT_INDEX
RJMP ERROR_MATCHING
RIGHT_THUMB:
SBI PORTD, MODE_2
RCALL LONG_DELAY
RCALL LONG_DELAY
RCALL LONG_DELAY
RCALL LONG_DELAY
RCALL LONG_DELAY
RCALL LONG_DELAY
CBI PORTD, MODE_2
RCALL LONG_DELAY
RJMP FINISHED
LEFT_THUMB:
SBI PORTB, 0
SBIS PORTB, 1
RJMP FINISHED
RJMP ACTIVATE
RIGHT_INDEX:
SBI PORTD, MODE_1
RCALL LONG_DELAY
RCALL LONG_DELAY
RCALL LONG_DELAY
RCALL LONG_DELAY
RCALL LONG_DELAY
RCALL LONG_DELAY
CBI PORTD, MODE_1
RCALL LONG_DELAY
RJMP FINISHED
LEFT_INDEX:
SBI PORTB, 1
SBIS PORTB, 0
RJMP FINISHED
RJMP ACTIVATE
ACTIVATE:
SBI PORTB, 4
CBI PORTB, 6
SBI PORTD, MODE_3
RCALL LONG_DELAY
RCALL LONG_DELAY
RCALL LONG_DELAY
RCALL LONG_DELAY
RCALL LONG_DELAY
RCALL LONG_DELAY
RCALL LONG_DELAY
RCALL LONG_DELAY
RCALL LONG_DELAY
RCALL LONG_DELAY
CBI PORTD, MODE_3
LDI TEMP, 0X00
OUT PORTB, TEMP
RJMP FINISHED
ERROR_MATCHING:
SBI PORTD, 4
RCALL LONG_DELAY
RCALL LONG_DELAY
RCALL LONG_DELAY
CBI PORTD, 4
RJMP FINISHED
;. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
;. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
;. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
;USART RECEIVE AND TRANSMIT STAGE
;. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
USART_TRANSMIT:
SBIS UCSRA, UDRE
RJMP USART_TRANSMIT
OUT UDR, TEMP
RET
USART_RECEIVE:
SBIS UCSRA, RXC
RJMP USART_RECEIVE
IN TEMP, UDR
RET
;. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
;END OF USART STAGE
;. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
;****Time Delay Subroutine *********************************
LONG_DELAY:
RCALL DELAY
RCALL DELAY
RCALL DELAY
RET
DELAY:
CLR R19
CLR R20
BODY:
INC R19
CPI R19,250
BRNE BODY
INC R20
CPI R20,20
BRNE BODY
RET
;***Settling time delay for port to stabilise****************************
Short_delay:
ldi temp,255
tagain: dec temp
brne tagain
ret
;*****Look up table for fingerprint template*****************************
INPUT_MODE:
.DB 0XF5, 0X2D, 0X00, 0X01, 0X00, 0X00, 0X2C, 0XF5
MATCHED_FINGERPRINT:
.DB 0XF5, 0X0C, 0X00, 0X00, 0X00, 0X00, 0X0C, 0XF5
;---------------------------------------------------------------------
; This section of the code is used to enter the first fingerprint template which is stored
; in location 0x05 of the fingerprint module used for this study; in this case, it is the
; left index. Used for the storage process of fingerprints
.include "m8515def.inc"
.DEF TEMP = R16 ; general scratch space
.DEF TEMP2 = R17
.DEF WORKER = R23
.DEF STORE1 = R18
.DEF STORE2 = R19
.DEF STORE3 = R20
.DEF STORE4 = R21
.DEF STORE5 = R22
.EQU MODE_1 = 6
.EQU MODE_0 = 5
.EQU MODE_2 = 7
.EQU BAUD_RATE_HIGH = 0
.EQU BAUD_RATE_LOW = 25 ; BAUD RATE OF 19200...
.ORG 0x000
RJMP START ; Reset Handler
.ORG 0x001
RETI ; IRQ0 Handler
.ORG 0x002
RETI ; IRQ1 Handler
.ORG 0x003
RETI ; Timer1 Capture Handler
.ORG 0x004
RETI ; Timer1 Compare A Handler
.ORG 0x005
RETI ; Timer1 Compare B Handler
.ORG 0x006
RETI ; Timer1 Overflow Handler
.ORG 0x007
RETI ; Timer0 Overflow Handler
.ORG 0x008
RETI ; SPI Transfer Complete Handler
.ORG 0x009
RETI ; USART RX Complete Handler
.ORG 0x00A
RETI ; UDR0 Empty Handler
.ORG 0x00B
RETI ; USART TX Complete Handler
.ORG 0x00C
RETI ; Analog Comparator Handler
.ORG 0x00D
RETI ; IRQ2 Handler
.ORG 0x00E
RETI ; Timer0 Compare Handler
.ORG 0x00F
RETI ; EEPROM Ready Handler
.ORG 0x010
RETI ; Store Program memory Ready
START:
LDI TEMP,255
OUT DDRA,TEMP
OUT DDRB,TEMP
OUT DDRD, TEMP
OUT DDRC, TEMP
LDI TEMP,HIGH(RAMEND)
OUT SPH,TEMP
LDI TEMP,LOW(RAMEND)
OUT SPL,TEMP
UART_INIT:
CLI
LDI TEMP2, BAUD_RATE_HIGH
LDI TEMP, BAUD_RATE_LOW
OUT UBRRH, TEMP2
OUT UBRRL, TEMP
LDI TEMP, (1<<RXEN)|(1<<TXEN);|(1<<RXCIE)
OUT UCSRB, TEMP
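LDI TEMP, (1<<URSEL)|(0<<UMSEL)|(0<<USBS)|(1<<UCSZ1)|(1<<UCSZ0) ; async, 1 stop bit, 8 data bits
OUT UCSRC, TEMP
SEI
RCALL DELAY
POLLING_UNIT:
NOP
NOP
INC R22 ; count polling attempts
CPI R22,5
BRGE RELAX ; give up and sleep after repeated failures
SEARCHING:
LDI ZH, HIGH(INPUT_MODE*2) ; Z -> 8-byte INPUT_MODE command table
LDI ZL, LOW(INPUT_MODE*2)
CLR WORKER
WUNMI:
LPM TEMP, Z ; send the next command byte to the fingerprint module
RCALL USART_TRANSMIT
RCALL DELAY
LDI TEMP2,(1<<TXC)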
OUT UCSRA, TEMP2
ADIW Z, 1
INC WORKER
CPI WORKER,8
BRNE WUNMI
LDI R21, 8
POSES_FIRSTLY:
RCALL USART_RECEIVE
OUT PORTA, TEMP
DEC R21
CPI R21, 0X03
BREQ CHECKER_FIRSTLY
GOT_FIRSTLY:
CPI R21, 0X00
BRNE POSES_FIRSTLY
RJMP ERROR_CHECK_FIRSTLY
CHECKER_FIRSTLY:
MOV R0, TEMP
RJMP GOT_FIRSTLY
ERROR_CHECK_FIRSTLY:
MOV TEMP, R0
CPI TEMP, 0X00
BREQ OK_FIRSTLY
RJMP ERROR_FIRSTLY
OK_FIRSTLY:
LDI TEMP, 0B11110000
OUT PORTC, TEMP
RCALL LONG_DELAY
RCALL LONG_DELAY
RJMP POLLING_UNIT2
ERROR_FIRSTLY:
LDI TEMP, 0B10101010
OUT PORTC, TEMP
RCALL LONG_DELAY
RCALL LONG_DELAY
RJMP POLLING_UNIT
RELAX:
SLEEP
POLLING_UNIT2:
SBI PORTD, 7
NOP
NOP
RCALL LONG_DELAY
CBI PORTD, 7
ENTRY:
;FIRST STAGE
LDI ZH, HIGH(FIRST_FINGERPRINT*2)
LDI ZL, LOW(FIRST_FINGERPRINT*2)
CLR WORKER
DOES:
LPM TEMP, Z
RCALL USART_TRANSMIT
RCALL DELAY
LDI TEMP2,(1<<TXC)
OUT UCSRA, TEMP2
ADIW Z, 1
INC WORKER
CPI WORKER, 8
BRNE DOES
RESPONDS_FIRST:
LDI R21, 8
;LDI R22, 8
POSES_FIRST:
RCALL USART_RECEIVE
OUT PORTB, TEMP
DEC R21
CPI R21, 0X03
BREQ CHECKER_FIRST
GOT:
CPI R21, 0X00
BRNE POSES_FIRST
RJMP ERROR_CHECK
CHECKER_FIRST:
MOV R0, TEMP
RJMP GOT
ERROR_CHECK:
MOV TEMP, R0
CPI TEMP, 0X00
BREQ OK_FIRST
CPI TEMP, 0X07
BREQ OK_ALREADY
RJMP ERROR
OK_ALREADY:
LDI TEMP, 0B11001100
OUT PORTC, TEMP
RCALL LONG_DELAY
RCALL LONG_DELAY
LDI TEMP, 0X00
OUT PORTC, TEMP
RCALL DELAY
RJMP SECONDLY
OK_FIRST:
LDI TEMP, 0B11111111
OUT PORTC, TEMP
RCALL LONG_DELAY
RCALL LONG_DELAY
LDI TEMP, 0
OUT PORTC, TEMP
RCALL DELAY
RJMP SECONDLY
ERROR:
RJMP POLLING_UNIT2
;SECOND STAGE
;. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
SECONDLY:
NOP
LDI ZH, HIGH(SECOND_FINGERPRINT*2)
LDI ZL, LOW(SECOND_FINGERPRINT*2)
CLR WORKER
DO_IT:
LPM TEMP, Z
RCALL USART_TRANSMIT
RCALL DELAY
LDI TEMP2,(1<<TXC)
OUT UCSRA, TEMP2
ADIW Z, 1
INC WORKER
CPI WORKER, 8
BRNE DO_IT
LDI R21, 8
POSES_SECONDLY:
RCALL USART_RECEIVE
OUT PORTC, TEMP
DEC R21
CPI R21, 0X03
BREQ CHECKER_SECONDLY
GOT_SECONDLY:
CPI R21, 0X00
BRNE POSES_SECONDLY
RJMP ERROR_CHECK_SECONDLY
CHECKER_SECONDLY:
MOV R0, TEMP
RJMP GOT_SECONDLY
ERROR_CHECK_SECONDLY:
MOV TEMP, R0
CPI TEMP, 0X00
BREQ OK_SECONDLY
CPI TEMP, 0X07
BREQ OK_ALREADY_SECOND
RJMP ERROR_SECONDLY
OK_ALREADY_SECOND:
LDI TEMP, 0B11001100
OUT PORTC, TEMP
RCALL LONG_DELAY
RCALL LONG_DELAY
LDI TEMP, 0X00
OUT PORTC, TEMP
RCALL DELAY
RJMP THIRDLY
OK_SECONDLY:
LDI TEMP, 0B11110000
OUT PORTC, TEMP
RCALL LONG_DELAY
LDI TEMP, 0
OUT PORTC, TEMP
RCALL DELAY
RJMP THIRDLY
ERROR_SECONDLY:
RJMP POLLING_UNIT2
;THIRD STAGE
;. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
THIRDLY:
NOP
LDI ZH, HIGH(THIRD_FINGERPRINT*2)
LDI ZL, LOW(THIRD_FINGERPRINT*2)
CLR WORKER
DO_IT_AGAIN:
LPM TEMP, Z
RCALL USART_TRANSMIT
RCALL DELAY
LDI TEMP2,(1<<TXC)
OUT UCSRA, TEMP2
ADIW Z, 1
INC WORKER
CPI WORKER, 8
BRNE DO_IT_AGAIN
LDI R21, 8
POSES_THIRDLY:
RCALL USART_RECEIVE
OUT PORTA, TEMP
DEC R21
CPI R21, 0X03
BREQ CHECKER_THIRDLY
GOT_THIRDLY:
SBI PORTD, MODE_2
CPI R21, 0X00
BRNE POSES_THIRDLY
RJMP ERROR_CHECK_THIRDLY
CHECKER_THIRDLY:
MOV R0, TEMP
RJMP GOT_THIRDLY
ERROR_CHECK_THIRDLY:
MOV TEMP, R0
CPI TEMP, 0X00
BREQ OK_THIRDLY
CPI TEMP, 0X07
BREQ OK_ALREADY_THIRDLY
RJMP ERROR_THIRDLY
OK_ALREADY_THIRDLY:
SBI PORTD, MODE_1
LDI TEMP, 0B11001100
OUT PORTC, TEMP
RCALL LONG_DELAY
RCALL LONG_DELAY
LDI TEMP, 0X00
OUT PORTC, TEMP
RCALL DELAY
RJMP FINISHED
OK_THIRDLY:
LDI TEMP, 0B10101010
OUT PORTC, TEMP
RCALL LONG_DELAY
RCALL LONG_DELAY
LDI TEMP, 0
OUT PORTC, TEMP
RCALL DELAY
RJMP FINISHED
ERROR_THIRDLY:
SBI PORTD, 7
RCALL LONG_DELAY
RCALL LONG_DELAY
CBI PORTD, 7
RJMP POLLING_UNIT2
FINISHED:
NOP
NOP
CBI PORTD, MODE_2
CBI PORTD, MODE_1
CBI PORTD, MODE_0
LDI TEMP, 0XFF
OUT PORTA, TEMP
LDI TEMP, 0X00
OUT PORTC, TEMP
OUT PORTB, TEMP
RCALL LONG_DELAY
LDI TEMP, 0X00
OUT PORTA, TEMP
RCALL LONG_DELAY
RCALL LONG_DELAY
RJMP FINISHED
;USART RECEIVE AND TRANSMIT STAGE
USART_TRANSMIT:
SBIS UCSRA, UDRE ; wait until the transmit data register is empty
RJMP USART_TRANSMIT
OUT UDR, TEMP
RET
USART_RECEIVE:
SBIS UCSRA, RXC ; wait for a received byte; there is no timeout
RJMP USART_RECEIVE
IN TEMP, UDR
RET
;. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
;END OF USART STAGE
;. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
;****Time Delay Subroutine *********************************
LONG_DELAY:
RCALL DELAY
RCALL DELAY
RET
DELAY:
CLR R19
CLR R20
BODY:
INC R19 ; inner busy-wait counter
CPI R19,250
BRNE BODY
INC R20 ; outer counter, 10 passes
CPI R20,10
BRNE BODY
RET
;***Settling time delay for port to stabilise****************************
Short_delay:
ldi temp,255
tagain: dec temp
brne tagain
ret
;*****Look up table for fingerprint template*****************************
;Each row starts and ends with 0XF5; in every row below, byte 7 equals the XOR of bytes 2 to 6.
INPUT_MODE:
.DB 0XF5, 0X2D, 0X00, 0X01, 0X00, 0X00, 0X2C, 0XF5
FIRST_FINGERPRINT:
.DB 0XF5, 0X01, 0X00, 0X05, 0X03, 0X00, 0X07, 0XF5
SECOND_FINGERPRINT:
.DB 0XF5, 0X02, 0X00, 0X05, 0X03, 0X00, 0X04, 0XF5
THIRD_FINGERPRINT:
.DB 0XF5, 0X03, 0X00, 0X05, 0X03, 0X00, 0X05, 0XF5
APPENDIX B
PROGRAM FLOW CHART
[Flow chart not reproduced. Node labels: start; Reset; Initialization; Any live print on scanner?; Left-Index; Delay; Right-index; Delay; Type: A, B, or C; L-thumb Activated?; FingerPrint type; Activate A; Activate B; L-Index Activated?; Activate C; Activate card circuitry; Activated card circuitry; Delay; Deactivate card circuitry.]