New Directions in Reliability, Security and Privacy in Radio Frequency Identification Systems Leonid Bolotnyy Gabriel Robins lbol@cs.virginia.edu www.cs.virginia.edu/~lb9xk robins@cs.virginia.edu www.cs.virginia.edu/robins Department of Computer Science University of Virginia 1 Talk Outline • Introduction to RFID • Reliable Object Identification – Multi-Tag RFID Systems • Physical Security and Privacy – PUF-Based Algorithms • Inter-Tag Communication – Generalized Yoking-Proofs • Common Themes and Conclusion 2 Talk Outline • Introduction to RFID • Reliable Object Identification – Multi-Tag RFID Systems • Physical Security and Privacy – PUF-Based Algorithms • Inter-Tag Communication – Generalized Yoking-Proofs • Common Themes and Conclusion 3 General RFID System Local Server Tags Reader Tag ID Tag ID 4 Introduction to RFID • Tags types: passive semi-passive active • Frequencies: Low (125KHz), High (13.56MHz), UHF (915MHz) • Coupling methods: signal signal reader antenna Inductive coupling Backscatter coupling 5 RFID History 1935 1960 1973 What’s next? 1999 2006 2004 1999 6 Talk Outline • Introduction to RFID • Reliable Object Identification – Multi-tag RFID Systems • Physical Security and Privacy – PUF-Based Algorithms • Inter-Tag Communication – Generalized Yoking-Proofs • Common Themes and Conclusion 7 Obstacles of Reliable Identification • Bar-codes vs. RFID – line-of-sight – scanning rate • Object detection obstacles – radio noise is ubiquitous – liquids and metals are opaque to RF • milk, water, juice • metal-foil wrappers – – – – – – temperature and humidity objects/readers moving speed object occlusion number of objects grouped together tag variability and receptivity tag aging 8 Case Studies • Defense Logistics Agency trials (2001) – – – – 3% of moving objects did not reach destination 20% of tags recorded at every checkpoint 2% of a tag type detected at 1 checkpoint some tags registered on arrival but not departure • Wal-Mart experiments (2005) – 90% tag detection at case level – 95% detection on conveyor belts – 66% detection inside fully loaded pallets 9 Multi-Tag RFID Use Multiple tags per object to increase reliability of object detection/identification 10 The Power of an Angle • Inductive coupling: distance ~ (power)1/6 • Far-field propagation: distance ~ (power)1/2 • Optimal Tag Placement: B-field β 4 1 power ~ sin2(β) 3 2 61.86 Expected angle (Degrees) 65 58.11 60 55 180 1 2 47.98 50 45 40 35 30 # of Tags 32.7 1 180 1 2 2 2 0 2 0 ( 2 3 2 0 2 0 Max[1 , 2 ]sin( ) d d ) sin( )d d 4 11 Equipment and Setup • Equipment x4 x1 x8 x100’s x1 x100’s • Setup – – – – – empty room 20 solid non-metallic & 20 metallic and liquid objects tags positioned perpendicular to each other tags spaced apart software drivers 12 Experiments • Read all tags in reader’s field • Randomly shuffle objects • Compute average detection rates • Variables – – – – – – – – – reader type antenna type tag type antenna power object type number of objects number of tags per object tags’ orientation tags’ receptivity 13 Linear Antennas Antenna Pair #1, Power = 31.6dBm 1 0.9 Detection Probability 0.8 0.7 0.6 0.5 0.4 1Tag: 58% 2Tags: 79% 3Tags: 89% 4Tags: 93% 0.3 0.2 0.1 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 Object Number 14 Circular Antennas Antenna Pair #1, Power = 31.6dBm 1 Detection Probability 0.9 0.8 0.7 0.6 1Tag: 75% 0.5 2Tags: 94% 3Tags: 98% 0.4 4Tags: 100% 0.3 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 Object Number 15 Linear Antennas vs. Multi-tags Power = 31.6dBm 1 0.9 0.8 Detection Probability 0.7 0.6 0.5 0.4 2 Readers, 2 Tags 84.5% Δ= 5.2% 0.3 1 Reader, Δ=14.4% 0.2 0.1 Δ= 6.9% Δ=19.8% 2 Tags 79.3% 2 Readers, 1 Tag 64.9% 1 Reader, 1 Tag 58.0% 9 12 14 Δ=21.3% 0 1 2 3 4 5 6 7 8 10 11 13 15 16 17 18 19 20 Object Number 16 Importance of Tag Orientation 180-same 180-diff 90-same 90-diff Circular Linear 1 Tag 2 Tags 1 Tag 2 Tags 0.55 21% 0.37 0.74 12% 0.52 25% -7% 0.33 0.47 0.67 0.52 0.80 0.63 17 Detection in Presence of Metals & Liquids Circular Antenna 1 Detection Probability 0.9 0.8 0.7 0.6 0.5 0.4 0.3 0.2 0.1 Power=31.6dBm, No Liquids/Metals Power=31.6dBm, With Liquids/Metals Power=27.6dBm, No Liquids/Metals Power=27.6dBm, With Liquids/Metals 0 1 2 3 4 Number of Tags • Decrease in solid/non-liquid object detection • Significant at low power • Similar results for linear antennas 18 Varying Number of Objects Experiment 1: 15 solid non-metallic & 15 liquids and metals Experiment 2: 20 solid non-metallic & 20 liquids and metals Effect of the Number of Objects on Detection Probability 0.9 Detection Probability 0.8 15/15 experiment 20/20 experiment 0.7 0.6 0.5 0.4 0.3 Metals & Liquids ∆ : 3%-13% 0.2 0.1 0 1 Tag 2 Tags 3 Tags 1 Tag 2 Tags 3 Tags 1 Tag 2 Tags 3 Tags 1 Tag 2 Tags 3 Tags 1 Antenna 2 Antennas 3 Antennas 4 Antennas 19 Applications of Multi-Tags Reliability Availability Localization Safety 20 More Applications Security Packaging Theft Prevention Tagging Bulk Materials 21 Economics of Multi-Tags Cost 2001 2002 2003 2004 2005 2006 2007 2008 2011 $1.04 $0.81 $0.45 $0.19 $0.13 $0.08 $0.06 $0.05 $0.01 Passive Tag Cost Trend Tag Cost Year $1.00 $0.80 $0.60 $0.40 $0.20 $0.00 2001 2002 2003 2004 2005 2006 2007 2008 2011 Year Historical Cost Prediction Cost • Rapid decrease in passive tag cost • 5 cent tag expected in 2008 • 1 penny tag in a few years 22 Cost Trends Time 23 Multi-Tag Conclusion • Unreliability of object detection – radio noise is ubiquitous – liquids and metals are opaque to RF • milk, water, juice • metal-foil wrappers – – – – – – temperature and humidity objects/readers moving speed object occlusion number of objects grouped together tag variability and receptivity tag aging $1.00 • Many useful applications Historical Cost $0.80 Prediction Cost $0.60 $0.40 $0.20 • Favorable economics $0.00 2001 2002 2003 2004 2005 2006 2007 2008 24 2011 Talk Outline • Introduction to RFID • Reliable Object Identification – Multi-tag RFID Systems • Physical Security and Privacy – PUF-Based Algorithms • Inter-Tag Communication – Generalized Yoking-Proofs • Common Themes and Conclusion 25 Motivation • Digital crypto implementations require 1000’s of gates algorithm MD4 MD5 SHA-256 AES Yuksel # of gates 7350 8400 10868 3400 1701 • Low-cost alternatives – Pseudonyms / one-time pads – Low complexity / power hash function designs – Hardware-based solutions 26 PUF-Based Security • Physical Unclonable Function [Gassend et al 2002] • PUF security is based on – wire delays – gate delays – quantum mechanical fluctuations • PUF characteristics – uniqueness – reliability – unpredictability • PUF assumptions – Infeasible to accurately model PUF – Pair-wise PUF output-collision probability is constant – Physical tampering will modify PUF 27 Individual Privacy in RFID • Privacy A B C Alice was here: A, B, C privacy 28 Hardware Tampering Privacy Models Allow adversary to tamper with tag’s memory Cannot provide privacy without restricting adversary - simple secret overwrite allows tag tracking 1. Restrict memory tampering functions - allow bit flips read-proof tamper-proof 2. Purely physical privacy - no digital secrets 3. Detect privacy compromise - detect PUF modification 29 Private Identification Algorithm Database ID ID p(ID) Request ID1, p(ID1), p2(ID1), …, pk(ID1) ... IDn, pn(IDn), pn2(IDn), …, pnk(IDn) • It is important to have – a reliable PUF – no loops in PUF chains – no identical PUF outputs • Assumptions – no denial of service attacks (e.g., passive adversaries, DoS detection/prevention mechanisms) – physical compromise of tags not possible 30 PUF-Based Ownership Transfer • Ownership Transfer • To maintain privacy we need – ownership privacy – forward privacy • Physical security is especially important • Solutions – – – – public key cryptography (expensive) knowledge of owners sequence short period of privacy trusted authority 31 PUF-Based MAC Algorithms • MAC = (K, τ, υ) • valid signature σ : υ K(M, σ) = 1 • forged signature σ’ : υ K(M’, σ’) = 1, M = M’ • MAC based on PUF – Motivation: “yoking-proofs”, signing sensor data – large keys (PUF is the key) – cannot support arbitrary messages • Assumptions – adversary can adaptively learn poly-many (m, σ) pairs – signature verifiers are off-line – tag can store a counter (to timestamp signatures) 32 Large Message Space Assumption: tag can generate good random numbers (can be PUF-based) Key: PUF σ (m) = c, r1, ..., rn, pc(r1, m), ..., pc(rn, m) Signature verification • requires tag’s presence • password-based or in radio-protected environment (Faraday Cage) • learn pc(ri, m), 1 ≤ i ≤ n • verify that the desired fraction of PUF computations is correct To protect against hardware tampering • authenticate tag before MAC verification • store verification password underneath PUF 33 Small Message Space Assumption: small and known a priori message space message PUF counter Key[p, mi, c] = c, pc(1)(mi), ..., pc(n) (mi) PUF reliability is again crucial σ(m) = c, pc(1)(m), ..., pc(n) (m), ..., c+q-1, pc+q-1(1)(m), pc+q-1(n)(m) sub-signature Verify that the desired number of sub-signatures are valid 34 Attacks on MAC Protocols • Impersonation attacks original clone – manufacture an identical tag – obtain (steal) existing PUFs • Modeling attacks – build a PUF model to predict PUF’s outputs • Side-channel attacks – algorithm timing – power consumption • Hardware-tampering attacks – physically probe wires to learn the PUF – physically read-off/alter keys/passwords 35 Conclusions and Future Work Hardware primitive for RFID security Identification, MAC, Ownership Transfer, and Tag Authentication Algorithms • Properties: – Physical keys – Protect tags from physical attacks – New attack models • Future Work: – – – – Design new PUF Manufacture and test PUF Develop PUF theory New attack models 36 Talk Outline • Introduction to RFID • Reliable Object Identification – Multi-tag RFID Systems • Physical Security and Privacy – PUF-Based Algorithms • Inter-Tag Communication – Generalized Yoking-Proofs • Common Themes and Conclusion 37 Inter-Tag Communication in RFID • Idea: Heterogeneity in ubiquitous computing • Applications: 38 “Yoking-Proofs” • Yoking: joining together / simultaneous presence of multiple tags • Key Observation: Passive tags can communicate with each other through reader • Problem Statement: Generate proof that a group of passive tags were identified nearly-simultaneously • Applications – verify that: – medicine bottle sold together with instructions – tools sold together with safety devices – matching parts were delivered together – several forms of ID were presented 39 Assumptions and Goals • Assumptions – – – – – Tags are passive Tags have limited computational abilities Tags can compute a keyed hash function Tags can maintain some state Verifier is trusted and powerful • Solution Goals – – – – Allow readers to be adversarial Make valid proofs improbable to forge Allow verifier to verify proofs off-line Detect replays of valid proofs • Timer on-board a tag – Capacitor discharge can implement timeout 40 Generalized “Yoking-Proof” Protocol Idea: construct a chain of mutually dependent MACs 1 2 3 5 4 Anonymous Yoking: tags keep their identities private 41 Related Work on “Yoking-Proofs” • Juels [2004] – protocol is limited to two tags – no timely timer update (minor/crucial omission) • Saito and Sakurai [2005] – – – – solution relies on timestamps generated by trusted database violates original problem statement one tag is assumed to be more powerful than the others vulnerable to “future timestamp” attack • Piramuthu [2006] – – – – discusses inapplicable replay-attack problem of Juels’ protocol independently observes the problem with Saito/Sakurai protocol proposed fix only works for a pair of tags 42 violates original problem statement Talk Outline • Introduction to RFID • Reliable Object Identification – Multi-tag RFID Systems • Physical Security and Privacy – PUF-Based Algorithms • Inter-Tag Communication – Generalized Yoking-Proofs • Common Themes and Conclusion 43 Common Themes PUF-Based Security and Privacy Multi-Tags RFID Generalized “Yoking-Proofs” 44 Conclusion and Future Research • Contributions • Future Research – – – – – – – More multi-tag tests Object localization using multi-tags Split tag functionality between tags Prevent adversarial merchandize inventorization PUF design More examples of inter-tag communication Applications of RFID 45 Publications • L. Bolotnyy and G. Robins, Multi-tag Radio Frequency Identification Systems, IEEE Workshop on Automatic Identification Advanced Technologies (Auto-ID), Oct. 2005. • L. Bolotnyy and G. Robins, Randomized Pseudo-Random Function Tree Walking Algorithm for Secure RadioFrequency Identification, IEEE Workshop on Automatic Identification Advanced Technologies (Auto-ID), Oct. 2005. • L. Bolotnyy and G. Robins, Generalized “Yoking Proofs” for a Group of Radio Frequency Identification Tags, International Conference on Mobile and Ubiquitous Systems (Mobiquitous), San Jose, CA, July 2006. • L. Bolotnyy and G. Robins, Physically Unclonable Function -Based Security and Privacy in RFID Systems, IEEE International Conference on Pervasive Computing and Communications (PerCom), New York, March 2007. • L. Bolotnyy, S. Krize, and G. Robins, The Practicality of Multi-Tag RFID Systems, International Workshop on RFID Technology - Concepts, Applications, Challenges (IWRT), Madeira, Portugal, June 2007. • L. Bolotnyy and G. Robins, The Case for Multi-Tag RFID Systems, International Conference on Wireless Algorithms, Systems and Applications (WASA), Chicago, Aug. 2007. • L. Bolotnyy and G. Robins, Multi-Tag RFID Systems, International Journal of Internet and Protocol Technology, Special issue on RFID: Technologies, Applications, and Trends, 2(3/4), 2007. • 1 conference and 1 journal paper in submission • 2 invited book chapters in preparation Security in RFID and Sensor Networks, to be published by Auerbach Publications, CRC Press, Taylor&Francis Group 46 More Successes • Deutsche Telekom (largest in EU) offered to patent our multi-tags idea. • Received $450,000 NSF Cyber Trust grant, 2007 (PI: Gabriel Robins). • Technical Program Committee member: International Workshop on RFID Technology - Concepts, Applications, Challenges (IWRT), Barcelona, Spain, June 2008. • Our papers and presentation slides used in lecture-based undergraduate/graduate courses (e.g., Rice University, George Washington University). 47 48 Thank You! Dissertation Committee: Gabriel Robins (advisor), Dave Evans, Paul Reynolds, Nina Mishra, and Ben Calhoun Stephen Wilson, Blaise Gassend, Daihyun Lim, Karsten Nohl, Patrick Graydon, and Scott Krize Questions? lbol@cs.virginia.edu www.cs.virginia.edu/~lb9xk 49 BACK UP SLIDES NOT USED DURING PRESENTATION 50 Types of Multi-Tags • Redundant Tags • Complimentary Tags • Dual-Tags – Own Memory Only – Shared Memory Only – Own and Shared Memory • Triple-Tags • n-Tags 51 Controlling Variables 1. Radio noise 2. Tag variability 3. Reader variability 4. Reader power level 5. Distance to objects & type, # of antennas 52 Circular Antennas vs. Multi-Tags Power = 31.6dBm 1 0.9 Detection Probability 0.8 0.7 0.6 2 Readers, 2 Tags 99.4% Δ= 5.2% 0.5 1 Reader, Δ=3.2% 0.4 Δ= 15.1% Δ=8.4% 2 Tags 94.2% 2 Readers, 1 Tag 91.0% 1 Reader, 75.9% 1 Tag Δ=18.3% 0.3 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 Object Number 53 Power 1 Tag 2 Tags 3 Tags 4 Tags Circular Antennas 1 1 0.9 0.9 Detection Probability Detection Probability Linear Antennas 0.8 0.7 0.6 0.5 0.4 0.3 0.2 0.1 0.8 0.7 0.6 0.5 0.4 0.3 0.2 0.1 0 0 31.6 30.6 29.6 28.6 Power (dBm) 27.6 26.6 25.6 31.6 30.6 29.6 28.6 27.6 26.6 25.6 Power (dBm) • Decrease in detection with decrease in power • More rapid decrease in detection for circular antennas 54 Multi-Tags on Metals and Liquids 0.9 0.8 Power=31.6dBm, Circular Antennas Power=31.6dBm, Linear Antennas Power=27.6dBm, Circular Antennas Power=27.6dBm, Linear Antennas Detection Probability 0.7 0.6 0.5 0.4 0.3 0.2 0.1 0 1 Tag 2 Tags 3 Tags Antenna #1 1 Tag 2 Tags 3 Tags Antenna #2 Number of Tags 1 Tag 2 Tags 3 Tags Antenna #1 and #2 • Low detection probabilities • Linear antennas outperform circular 55 • Drop in detection at low power • Multi-tags better than multiple readers Detection Delta Change in Detection Based on # of Antennas and Tags Change in Detection Probability 0.16 0.14 0.12 0.1 0.030 0.014 0.08 0.06 0.029 0.036 0.04 0.02 1 2 3 1 2 3 1 2 3 1 2 3 tag tags tags tag tags tags tag tags tags tag tags tags 1 Antenna 2 Antennas 3 Antennas 4 Antennas 0 56 Anti-Collision Algorithms Algorithm Redundant Tags Connected-Tags Binary No Effect No Effect Binary Variant No Effect No Effect Randomized Linear Increase** No Effect* STAC Causes DoS No Effect* Slotted Aloha Linear Increase** No Effect* * Assuming tags communicate to form a single response ** If all tags are detected 57 Business Case for RFID • Costs & benefits (business case) – – – – Moore’s law higher employee productivity automated business processes workforce reduction • Tag manufacturing yield and testing – – – – 30% of chips damaged during manufacturing 15% damaged during printing [U.S. GAO] 20% tag failure rate in field [RFID Journal] 5% of tags purchased marked defective 58 RFID Tag Demand • Demand drivers – tag cost – desire to stay competitive Increase in RFID tag demand Decrease in RFID tag cost • Cost effective tag design techniques – memory design (self-adaptive silicon) – assembly technology (fluidic self assembly) – antenna design (antenna material) 59 Thesis Multi-tags can considerably improve reliability in RFID systems at a reasonable cost; effective PUF implementations can enable hardwaretampering resistant algorithms for RFID security and privacy; generalized yoking-proofs can provide auditing mechanisms for the near-simultaneous reading of multiple RFID tags. 60 Related Work on PUF • Optical PUF [Ravikanth 2001] • Silicon PUF [Gassend et al 2002] – Design, implementation, simulation, manufacturing – Authentication algorithm – Controlled PUF • PUF in RFID – Identification/authentication [Ranasinghe et al 2004] – Off-line reader authentication using public key cryptography [Tuyls et al 2006] 61 Privacy Model Experiment: 1. A passive adversary observes polynomially-many rounds of reader-tag communications with multiple tags 2. An adversary selects 2 tags 3. The reader randomly and privately selects one of the 2 tags and runs one identification round with the selected tag 4. An adversary determines the tag that the reader selected Definition: The algorithm is privacy-preserving if an adversary can not determine reader selected tag with probability substantially greater than ½ Theorem: Given random oracle assumption for PUFs, an adversary has no advantage in the above experiment. 62 Improving Reliability of Responses • Run PUF multiple times for same ID & pick majority number of runs unreliability chain length probability N overall reliability R(μ, N, k) ≥ (1 - ∑ m= R(0.02, 5, 100) ≥ 0.992 N+1 2 N μm(1-μ)N-m )k m • Create tuples of multi-PUF computed IDs & identify a tag based on at least one valid position value tuple size expected number of identifications (ID1, ID2, ID3) ∞ S(μ, q) = ∑ i q i [(1 – (1-μ)i+1)q - (1 – (1-μ) ) ] i=1 S(0.02, 1) = 49, S(0.02, 2) = 73, S(0.02, 3) = 90 63 Choosing # of PUF Computations probv(n, 0.1n, 0.02) n probv(n, t, μ) = 1 - ∑ i=t+1 probf(n, 0.1n, 0.4) n μi(1-μ)n-i i n n τj(1-τ)n-j probf(n, t, τ) = 1 - ∑ j j=t+1 α < probv ≤ 1 and probf ≤ β ≤ 1 0 ≤ t ≤ n-1 64 MAC Large Message Space Theorem Given random oracle assumption for a PUF, the probability that an adversary could forge a signature for a message is bounded from above by the tag impersonation probability. 65 MAC Small Message Space Theorem Given random oracle assumption for a PUF, the probability that an adversary could forge a signature for a message is bounded by the tag impersonation probability times the number of sub-signatures. 66 Purely Physical Ownership Transfer r0, c1, ..., cn (r1, a) oid = h(counter) r1, a = hs(r0, r1) counter = counter - 1 hs(r1, new) s = poid(v1) + ... + poid(vn) v1 = h(c1), ..., vn = h(cn) Challenges sent to tag in increasing order • Properties: – – – – – All PUF computations must be correct PUF-based random number generator Physical write-once counter oid is calculated for each identification Inherently limited # of owners 67 Using PUF to Detect and Restore Privacy of Compromised System s1,0 s2,0 s3,0 s1,1 s2,1 s3,1 s3,2 s2,2 s3,3 s3, s3,5 s1,2 s2,3 s3,6 s2,4 s3,7 s3,8 s3,9 s2,5 s3,10 4 1. Detect potential tag compromise 2. Update secrets of affected tags 68 PUF vs. Digital Hash Function algorithm MD4 MD5 SHA-256 AES Yuksel PUF # of gates 7350 8400 10868 3400 1701 545 • Reference PUF: 545 gates for 64-bit input – 6 to 8 gates for each input bit – 33 gates to measure the delay • Low gate count of PUF has a cost – – – – probabilistic outputs difficult to characterize analytically non-unique computation extra back-end storage • Different attack target for adversaries – model building rather than key discovery • Physical security – hard to break tag and remain undetected 69 PUF Design • Attacks on PUF – – – – • impersonation modeling hardware tampering side-channel Weaknesses of existing PUF reliability • New PUF design – – • no oscillating circuit sub-threshold voltage Compare different non-linear delay approaches 70 PUF Contribution and Motivation Contribution • Physical privacy models • Privacy-preserving tag identification algorithm • Ownership transfer algorithm • Secure MAC algorithms • Comparison of PUF with digital hash functions Motivation • Digital crypto implementations require 1000’s of gates • Low-cost alternatives – Pseudonyms / one-time pads – Low complexity / power hash function designs – Hardware-based solutions 71 Speeding Up The Yoking Protocol Idea: split cycle into several sequences of dependent MACs starting / closing tags Requires – multiple readers or multiple antennas – anti-collision protocol 72