30 Minutes of RFID
Analysis, Applications and Attacks
Presented By Dan Cornforth
Copyright Security-Assessment.com 2006

Overview
• What is RFID
• How does the technology work
• Identify some of the forces behind progress to date
• Who is using RFID currently & for what
• What might RFID be useful for & by whom
• Some potential weaknesses, attack vectors and fixes

What is RFID
• Smartcode EPC passive RFID tag (image)

What is RFID
• Radio Frequency Identification
• Typical RFID infrastructure (diagram)

RFID Characteristics & Differentiators
• Types of tag
  – Passive (powered entirely by the reader's field)
  – Active (battery powered)
• The air interface (operating frequency)
  – LF: 125 kHz
  – HF: 6.78 MHz, 13.56 MHz, 27.125 MHz, 40.680 MHz
  – UHF: 433.920 MHz, 869 MHz, 915 MHz
  – Microwave: 2.45 GHz, 5.8 GHz, 24.125 GHz
• Communication modes
  – Full duplex
  – Half duplex
  – Variant half duplex
• Coupling
  – Inductive (LF & HF)
  – Backscatter (UHF & microwave)

Governing Specifications
• ISO 14443 (proximity cards)
  – Defines 2 card types (A & B)
  – Modulation methods
  – Coding schemes
  – Protocol initiation procedures
• ISO 15693
  – Defines vicinity cards
• Emergence of the EPC (Gen2) standards
  – Electronic Product Code
• No single global body for RFID governance and standards... yet

Security Features of Common Tags
• Transmit a fixed serial ID only
  – UNIQUE
  – VeriChip
  – Most animal tags
  – HID Prox II
• Require password authentication prior to ID transmission
  – Q5
  – Titan
  – EM4469
• Challenge-response, PKI and encrypted transmission of the ID
  – DST (40-bit key)
  – MiFare
  – HiTag (48-bit key)
  – SmartMX (128-bit AES, 4096-bit asymmetric key)

Influences & Drivers
• Perceived speed, security and simplicity of the cashless society
  – The Hong Kong Octopus Card: estimated 63% time saving
  – Amex (ExpressPay)
• Asset, warehouse and stock management, traditionally seen as the drivers
• US TREAD Act 2004 (Transportation Recall Enhancement, Accountability and Documentation)
• Wal-Mart, FDA and US DoD mandates
• Keyless entry
  – Centralised access management
  – Key duplication perceived as more difficult (dependent on the device chosen)
• EPCglobal network
• Ever decreasing size and price of the hardware

Current Applications
• Payments
  – Amex Blue card products & ExpressPay
  – MasterCard PayPass
• Public transport & ticketing
  – The Hong Kong Octopus card
  – London Transport's Oyster card
  – Many more throughout Europe, the US and Asia
• Industrial automation
  – Stock and asset management through the supply chain
• Electronic immobilisation
• Physical access control
• ePassport
• Animal identification
• Various medical applications

Current Applications (images)

Future & Potential Applications
• A potentially limitless marketing resource (e.g. tagged clothing items that may be tracked throughout a shopping mall)
  – What are the shopping behaviour patterns of our customers?
  – What else did they buy, and from whom?
  – Was our store their first choice for the product they bought?
  – Where did they eat?
  – Who are they shopping with?
  – Which family member(s) appear to be driving the shopping experience?
  – OK, this may appear a little far-fetched, but it is technically feasible
• EPCglobal network
• Potential applications appear to be limited only by
  – Privacy legislation
  – Public perception
  – The implementer's imagination

Attack Vectors
• Tag destruction & read prevention
• The kill command
• The RFID "virus"
• Device cloning & replay attacks
• The relay attack
• Attacking weak crypto
• Side channel attacks (power analysis)

Tag Destruction & Read Prevention
• Nothing particularly sophisticated or glamorous here
• Home-made strong electromagnetic field generator
  – The "RFID-Zapper"
  – Not FCC compliant
  – https://events.ccc.de/congress/2005/wiki/RFID-Zapper(EN)
• Foil & duct tape RFID-shielded wallet for the privacy enthusiast
  – http://www.rpi-polymath.com/ducttape/RFIDWallet.php

Physical Read Prevention (image slides)

The Kill Command
• Primarily a privacy and anti-counterfeiting mechanism
• Technical implementation left to the device manufacturer
• Achieved via
  – Blowing an embedded fuse once the correct "kill" string has been received
  – Setting a "killed" value in memory, disabling the protocol state machine
• Figure: logical layout of tag memory as per the EPC Class 0 & Class 1 Gen1 standards

The RFID "virus"
• Nothing particularly notable or new to see here
• This is a PoC attack
  – Hostile data is written to a tag
  – Middleware supporting the RFID infrastructure reads that data from the tag without sanitising the input
  – If the data reaches a query against the back-end database, SQL injection is possible
• Not strictly an RFID-specific attack
• Not an ideal SQL injection scenario
• Knowledge of the back-end database product and schema is a prerequisite

Device Cloning & Replay
• Effective against ID-only devices, and against symmetric challenge-response devices once the shared key has been recovered
• Reprogram another tag to emulate the target's device ID
  – Certain models of HiTag can be programmed to emulate other devices' serial numbers
• Record and replay the tag transmission
  – http://cq.cx/verichip.pl
  – Off-the-shelf parts
  – 125 kHz & 13.56 MHz
  – Can sniff, behave as a reader and behave as a tag
  – The USRP (Universal Software Radio Peripheral): http://ettus.com

Device Cloning & Replay (image)

The Relay Attack
• Effective against challenge-response devices, whether or not the cryptography is sound
• For those who have read Ross Anderson's "Security Engineering", think of the "MiG-in-the-middle" attack
• The scenario
  – An RFID-enabled point of sale for goods or services
  – Using a contactless smartcard
  – Employing a cryptographically sound communication channel between the card and the reader
• How the attack works
  – At the checkout the POS issues a challenge to what it believes is the card in customer A's wallet; A is in fact presenting a proxy device
  – The proxy relays this challenge, over a separate link, to a portable reader held near another cardholder's wallet elsewhere (cardholder B)
  – B's genuine card responds to the valid, proxied challenge
  – The response from B's card is relayed back to the proxy at the POS in answer to A's purchase; the MAC is genuine, so the POS accepts it
• The hardware for this attack cost the Cambridge-based researchers approximately $250

Attacking Weak Encryption
• Texas Instruments DST (Digital Signature Transponder)
  – Basis for the SpeedPass payment system, primarily used at petrol stations in the US
  – Uses a proprietary, undisclosed cipher with a 40-bit key
• The attack involved three distinct stages
  – Reverse engineering of the algorithm
  – Brute-force key recovery
  – Tag simulation

Attacking Weak Encryption (image)

Power Analysis Attacks
• What is it?
  – A side-channel cryptanalysis attack against the chip
  – Generally aimed at the implementation rather than the algorithm
  – Correlates changes in the chip's power consumption with the operations being performed inside the cryptosystem
  – Requires logic analysis equipment
• Goals
  – Extraction of cryptographic key material
• Peter Gutmann quote: "You simply cannot make a credit-card form factor device robust, capable, or secure."

Mitigation
• Ensure real cryptography is used
  – AES & friends: good
  – Snake-oil "infinity-bit" proprietary algorithm: bad
• Greater device tamper resistance
  – Helps place side-channel attacks beyond the reach of a moderately funded attacker
  – Equates to a more expensive device
• Pressure device manufacturers to develop and implement a distance-bounding protocol within high-security devices
  – Equates to a more expensive device
• Ensure appropriate device selection and testing from project outset
  – Recalling devices issued to a nation's dairy herd or to passport holders may prove costly

References & Resources
• RFID Handbook: Fundamentals and Applications in Contactless Smart Cards and Identification, Klaus Finkenzeller
• RFIDIOt, Python library for exploring RFID devices: http://rfidiot.org
• Practical Relay Attacks Against ISO 14443 Proximity Cards, Gerhard Hancke & Dr Markus Kuhn: http://www.cl.cam.ac.uk/~gh275/relay.pdf
• Low Cost Attacks on Tamper Resistant Devices, Ross Anderson & Markus Kuhn
• A New Approach to Hardware Security Analysis in Semiconductors, Sergei Skorobogatov
• RFID Essentials, O'Reilly
• Texas Instruments DST attack: http://www.jhu.edu/news_info/news/home05/jan05/rfid.html
• RFID virus: http://www.rfidvirus.org/papers/percom.06.pdf
• Smartdust: http://en.wikipedia.org/wiki/smartdust

Questions
http://www.security-assessment.com
dan.cornforth@security-assessment.com
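Worked example for the "RFID virus" slide. This is an added illustration, not code from the deck or from the rfidvirus.org paper: it models RFID middleware that looks up a pallet by the EPC read from a tag, once with the tag contents concatenated into SQL and once with the contents validated and bound as a parameter. The table, the EPC values and the hostile tag payload are all constructed for the example.

```python
import re
import sqlite3

# Constructed sample stock table keyed by EPC URN (not data from the original deck).
KNOWN_PALLETS = [
    ("urn:epc:id:sgtin:0614141.107346.2017", "received"),
    ("urn:epc:id:sgtin:0614141.107346.2018", "received"),
]

# Constructed tag contents. HOSTILE_TAG is a hypothetical payload an attacker
# writes to a blank tag; it is not the payload used in the rfidvirus.org paper.
GENUINE_TAG = "urn:epc:id:sgtin:0614141.107346.2017"
COUNTERFEIT_TAG = "urn:epc:id:sgtin:9999999.000000.0001"   # well-formed, but unknown
HOSTILE_TAG = "' OR '1'='1"                                 # tautology injection

# Whitelist for an SGTIN-96 URN: company prefix . item reference . serial (digits only).
EPC_URN = re.compile(r"^urn:epc:id:sgtin:\d{6,12}\.\d{1,7}\.\d{1,20}$")


def build_db() -> sqlite3.Connection:
    con = sqlite3.connect(":memory:")
    con.execute("CREATE TABLE pallets (epc TEXT PRIMARY KEY, status TEXT)")
    con.executemany("INSERT INTO pallets VALUES (?, ?)", KNOWN_PALLETS)
    con.commit()
    return con


def status_unsafe(con: sqlite3.Connection, tag_data: str):
    """Vulnerable middleware: tag memory is trusted and spliced into the query."""
    sql = "SELECT status FROM pallets WHERE epc = '%s'" % tag_data
    row = con.execute(sql).fetchone()
    return row[0] if row else None


def status_safe(con: sqlite3.Connection, tag_data: str):
    """Hardened middleware: reject anything that is not a well-formed EPC URN,
    then bind the value as a parameter so it can never change the query shape."""
    if not EPC_URN.match(tag_data):
        return None
    row = con.execute("SELECT status FROM pallets WHERE epc = ?", (tag_data,)).fetchone()
    return row[0] if row else None


def demo() -> dict:
    """Run the three tags through both lookups; returns {mode: {tag: status}}."""
    con = build_db()
    tags = (GENUINE_TAG, COUNTERFEIT_TAG, HOSTILE_TAG)
    return {
        "unsafe": {t: status_unsafe(con, t) for t in tags},
        "safe": {t: status_safe(con, t) for t in tags},
    }


if __name__ == "__main__":
    for mode, results in demo().items():
        for tag, status in results.items():
            print(f"{mode:6s} {tag!r:45s} -> {status}")
```

With the unsafe lookup the hostile tag is "validated" as a received pallet because the WHERE clause collapses to a tautology; the hardened lookup rejects it at the format check before the database is ever consulted, and still returns nothing for the well-formed counterfeit tag.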
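Worked example for the "Device Cloning & Replay" and "Attacking Weak Encryption" slides. This is an added simulation, not the deck's or the JHU/RSA team's code: it carries out the last two stages of the DST attack (brute-force key recovery from recorded challenge/response pairs, then tag simulation) against a stand-in keyed function. The function is not the DST cipher, and the key space is cut from 40 bits to 16 so the search finishes in well under a second; the challenge and response sizes follow the real transponder.

```python
import hashlib
import os

# Toy parameters. The real TI DST uses a 40-bit key, a 40-bit challenge and a
# 24-bit response; KEY_BITS is reduced here so the search is instant.
KEY_BITS = 16
REAL_DST_KEY_BITS = 40
CHALLENGE_BYTES = 5
RESPONSE_BYTES = 3


def keyed_response(key: int, challenge: bytes) -> bytes:
    """Stand-in for the reverse-engineered transponder function (NOT the DST
    cipher): 24-bit truncation of SHA-256(key || challenge)."""
    return hashlib.sha256(key.to_bytes(5, "big") + challenge).digest()[:RESPONSE_BYTES]


class Transponder:
    """Genuine (or cloned) DST-style tag: holds a secret key, answers challenges."""
    def __init__(self, key: int):
        self._key = key

    def respond(self, challenge: bytes) -> bytes:
        return keyed_response(self._key, challenge)


def harvest(tag: Transponder, count: int = 2) -> list:
    """A rogue reader within range issues its own challenges and records the
    (challenge, response) pairs; no physical access to the tag is needed."""
    transcript = []
    for _ in range(count):
        c = os.urandom(CHALLENGE_BYTES)
        transcript.append((c, tag.respond(c)))
    return transcript


def brute_force(transcript: list, key_bits: int = KEY_BITS):
    """Try every key until one reproduces the first recorded response, then
    confirm it against the rest of the transcript: a 24-bit response leaves
    about 2**(key_bits - 24) spurious single-pair matches, so two pairs are
    needed to pin the key down for the real 40-bit key space."""
    first_challenge, first_response = transcript[0]
    for candidate in range(1 << key_bits):
        if keyed_response(candidate, first_challenge) != first_response:
            continue
        if all(keyed_response(candidate, c) == r for c, r in transcript[1:]):
            return candidate
    return None


def clone(tag: Transponder) -> Transponder:
    """Tag simulation: load the recovered key into a simulator, which any
    reader then accepts exactly as it would the original."""
    key = brute_force(harvest(tag))
    if key is None:
        raise RuntimeError("key not found in search space")
    return Transponder(key)


def search_cost(key_bits: int = REAL_DST_KEY_BITS, keys_per_second: float = 1e9) -> float:
    """Expected seconds for a key search (half the space) at an assumed guess rate."""
    return (1 << key_bits) / 2 / keys_per_second


if __name__ == "__main__":
    genuine = Transponder(0xBEEF)          # constructed secret key
    fake = clone(genuine)
    probe = os.urandom(CHALLENGE_BYTES)
    print("clone answers like the genuine tag:", fake.respond(probe) == genuine.respond(probe))
    print("expected 40-bit search at 1e9 keys/s: %.0f s" % search_cost())
```

The guess rate passed to search_cost is an assumption for illustration; the point it makes is the one on the slide: once the algorithm is known, a 40-bit key is within reach of modest parallel hardware, and the recovered key turns a challenge-response tag into something as cloneable as an ID-only one.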
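Worked example for "The Relay Attack" slide and the distance-bounding item under "Mitigation". This is an added simulation, not the deck's or Hancke & Kuhn's code: a reader challenges whatever is in its field and checks a MAC, first with the genuine card, then through a proxy/mole relay that carries the challenge to the victim's card elsewhere, then against a replay of a previously sniffed transcript. The key, the card processing time, the relay link latency and the reader's round-trip limit are all constructed values; time is simulated rather than measured.

```python
import hashlib
import hmac
import os

# Constructed parameters for the simulation (none of these come from the deck).
CARD_KEY = bytes.fromhex("00112233445566778899aabbccddeeff")  # shared card/issuer key
CARD_PROCESSING_US = 20      # assumed time for a card to answer a challenge (microseconds)
RTT_LIMIT_US = 40            # assumed reader bound on the challenge/response round trip
RELAY_ONE_WAY_US = 500       # assumed one-way latency of the attacker's proxy<->mole link


def mac(key: bytes, challenge: bytes) -> bytes:
    """8-byte response: truncated HMAC-SHA256 over the reader's challenge."""
    return hmac.new(key, challenge, hashlib.sha256).digest()[:8]


class Card:
    """Genuine contactless card: answers any fresh challenge under its key."""
    def __init__(self, key: bytes):
        self._key = key

    def respond(self, challenge: bytes) -> bytes:
        return mac(self._key, challenge)


class Reader:
    """POS reader. With rtt_limit_us=None it checks only the MAC (the slide's
    'cryptographically sound channel'); with a limit it also distance-bounds."""
    def __init__(self, key: bytes, rtt_limit_us=None):
        self._key = key
        self._rtt_limit_us = rtt_limit_us

    def authenticate(self, link) -> str:
        challenge = os.urandom(8)
        response, rtt_us = link(challenge)   # link models whatever is in the field
        if not hmac.compare_digest(response, mac(self._key, challenge)):
            return "reject: bad response"
        if self._rtt_limit_us is not None and rtt_us > self._rtt_limit_us:
            return f"reject: round trip {rtt_us} us exceeds {self._rtt_limit_us} us"
        return "accept"


def genuine_link(card: Card):
    """Card held against the reader: only the card's own processing time."""
    def link(challenge):
        return card.respond(challenge), CARD_PROCESSING_US
    return link


def relay_link(victim_card: Card, one_way_us: int = RELAY_ONE_WAY_US):
    """Proxy 'card' at the POS and mole reader near the victim, joined by a slow
    link. The MAC is computed by the real card, so only timing betrays the relay."""
    def link(challenge):
        response = victim_card.respond(challenge)
        return response, CARD_PROCESSING_US + 2 * one_way_us
    return link


def replay_link(recorded_challenge: bytes, recorded_response: bytes):
    """Clone-and-replay attempt with one sniffed transcript and no key: the
    recorded answer does not match the reader's fresh challenge."""
    def link(challenge):
        return recorded_response, CARD_PROCESSING_US
    return link


def run_scenarios() -> dict:
    victim = Card(CARD_KEY)
    naive = Reader(CARD_KEY)                    # MAC check only
    bounded = Reader(CARD_KEY, RTT_LIMIT_US)    # MAC check plus distance bound
    sniffed_challenge = os.urandom(8)
    sniffed = (sniffed_challenge, victim.respond(sniffed_challenge))
    return {
        "naive/genuine": naive.authenticate(genuine_link(victim)),
        "naive/relay": naive.authenticate(relay_link(victim)),
        "naive/replay": naive.authenticate(replay_link(*sniffed)),
        "bounded/genuine": bounded.authenticate(genuine_link(victim)),
        "bounded/relay": bounded.authenticate(relay_link(victim)),
    }


if __name__ == "__main__":
    for name, verdict in run_scenarios().items():
        print(f"{name:16s} {verdict}")
```

The naive reader rejects the replay (the challenge is fresh) but accepts the relayed answer, which is the slide's point: sound cryptography authenticates the card, not its location. The bounded reader rejects the relay purely on timing. One caveat for anyone building on this: a real distance-bounding protocol cannot simply time one MAC round trip, because card processing jitter dwarfs radio propagation (about 300 m per microsecond); Hancke and Kuhn's design runs a slow setup phase and then many rapid single-bit exchanges whose timing is tight enough to resolve distance.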