www.centrenational-rfid.com
RFID & Security: an overview of threats and possible countermeasures
Claude Tételin, Technical Director
Chairman of AFNOR CN31
September 2014
Agenda
• The French RFID National Centre
• Classification of RFID technologies
• Purpose of security: what do you want to protect?
– Applications of RFID
– Identifiers
– Data
• Attacks
• Possible countermeasures
• Conclusion
The CNRFID
The CNRFID, a national initiative
• Initiated by the Ministry of Industry and Finance
• Created by the Solutions Communicantes Sécurisées competitiveness cluster and the Traçabilité cluster in July 2008
• Operational since January 2009
A non-profit association (loi 1901), co-funded by:
• The French State (DGCIS)
• Its members
• Its services
Recognised expertise:
• Member of the international standardisation committees (CEN, ETSI, ISO)
• Chair and vice-chair positions
• European mandate, « Privacy & Public Awareness », chair of the standards group on the PIA process
Our values
• Independence: an association independent of any organisation, sector, profession, market or region
• Transparency and neutrality: the CNRFID's mission is to promote the intelligent use of RFID and NFC technologies. This mission is carried out with the greatest transparency and with all the neutrality and confidentiality expected of a National Reference Centre.
Our mission
1. Support the development (financially and technically) of contactless solutions
2. Contribute to standardisation and to legal and regulatory developments
3. Foster a strategic and operational synergy between our supplier and user members at national, European and international level
4. Train and inform users and suppliers of contactless solutions
5. Catalogue the available technological solutions
Members representative of the RFID value chain:
Electronic chip, label/tag/card, interrogator, packaging, sensors, security, software, network, integration, end user
CNRFID activities
CNRFID services:
• Involvement in the academic world
• Events and business meetings
• Training and information
• Project support
• Norms, regulation and standardisation
• Support for SMEs
• Technology and strategy watch
RFID Classification
RFID principle:
Technology for automatic identification that uses radio-frequency radiation or magnetic fields to identify objects carrying tags present in the reader's interrogation zone.
An electronic chip embedded in the tag contains unique identifiers and data.
Active / Passive / Battery Assisted Passive
Active: the RFID chip has its own RF emitter
– More complex and more expensive
– Greater reading distances (> 100 m)
– Tag needs an on-board power supply
Passive: the RFID chip has no emitter on board
– Simple and cheap
– Tag needs to backscatter the reader's RF signal to communicate
– Reading distances from a few centimetres up to 10 m maximum
– RFID chip powered by the reader's RF signal
Battery Assisted Passive: a passive tag that carries a battery
– No RF emitter on board (passive)
– Backscattering for communication
– The battery is generally used to supply peripherals (sensors, I2C links, ...)
Frequency or reader/tag coupling
Inductive coupling: uses magnetic fields
– LF (125 kHz) or HF (13.56 MHz) systems
– Antennas = coils or loops
– The magnetic field decreases rapidly = interrogation zones are clearly defined
Propagative coupling: far-field region
– UHF (433 and 860-960 MHz) and SHF (2.45 GHz) systems
– Antenna = dipole-based designs
– Propagation = reflections and diffractions = possible holes in the interrogation zone
Memory types and sizes
Read Only
– End-users cannot change these data
– TID: Tag Identifier (generally 32 or 64 bits)
– Encoded by the chip manufacturer
Write Once Read Multiple
– End-user can encode data once
– UII: Unique Item Identifier (32, 64, 96 or 128 bits)
– Example: EPC code (GS1)
Multi Time Programmable: User Memory
– A few bits up to several kilobits
– Access can be protected or restricted (login, password)
Protocols: TTF, RTF, ToTaL
Different RFID applications
Reading distance
– From a few mm to several metres for passive systems (> 100 m for active RFID)
– Think about reading volumes and not only maximum distances!
Reading without line of sight
– Use of magnetic or EM fields
– Take the environment into account (metal, water, etc.)
Simultaneous readings
– Up to 100 tags/s (UHF protocols)
– Adapt the protocol to the application (Navigo pass vs. logistics)
If you don't need any of these three characteristics, please don't use RFID in your process
Identifiers and Data
Memory
RFID chips only use non-volatile memory (because RFID tags have to store information even when they are not powered).
RFID chips mainly use EEPROM technology because the memory size does not exceed tens of kbytes and each bit of memory can be addressed individually (no need to lose time and energy writing complete blocks, even if this is sometimes possible).
EEPROM is a stable technology (lower cost).
FeRAM is used for applications which require high-capacity memory (Fujitsu UHF tag with up to 64 kbytes of user memory).
CID: Chip Identifier
Number used to identify the chip. Usually encoded by the chip manufacturer in a ROM-like memory. Cf. TID.
TID: Tag Identifier
Number used to identify an RFID tag. Usually encoded by the tag manufacturer or the chip manufacturer in a ROM-like memory. Manufacturers may use the ISO 15963 encoding rules.
UII/UID: Unique Item Identifier / Unique Identifier
UII is a code that identifies the object to which a tag is affixed. For ISO applications, the UII has to follow ISO 15962.
EPC: Electronic Product Code
EPC is a special case of UII and is proposed by GS1. For EPCglobal applications, the UII (EPC) has to follow the EPCglobal Tag Data Standards.
AFI: Application Family Identifier
AFI represents the type of application targeted by the RFID readers and is used to select, among all the RFID tags present, only the tags meeting the required application criteria. AFI is defined in ISO/IEC 15961-3.
AFI is also used for contactless smartcard applications (banking, transport, access control, etc.). AFI codes are defined by ISO 14443 and ISO 15693.
AFI is a powerful tool to speed up the anti-collision process.
Courtesy of Paul Chartier, Praxis Consultants
Basic UHF protection features:
• None: everyone can read/erase/write at the identifier memory location
• Lock: once written by an authorized organization, the identifier is locked. Everyone can read it but a password is needed to change it. Questions:
– What is an authorized organization?
– Who defines the password and who stores it?
– Is there a different password for each tag?
• PermaLock: once written by an authorized organization, the identifier is permanently locked. Everyone can read it but the identifier can never be changed again.
– Be careful when permalocking an encoded identifier
– Un-permalocking a tag is sometimes possible but very difficult (recommissioning)
Available data protection features depend on where data is stored
Data can be stored:
– directly in the RFID tag memory
– in an external database
Data in the tag: everyone who reads a tag can access the data, but...
– Data can be protected (access password) or enciphered
– Tag reading may require reader authentication
– No need for a network connection
Data in the application: no data stored in the tag
– The end user accesses data using the unique identifier as a pointer into a database
– This may require authentication, and data access/modification may depend on the end user's privileges
RFID attacks
Security services: what is the targeted asset?
– Data availability
– Integrity, which ensures that any modification of data is detected
– Confidentiality, which prevents unauthorized disclosure of data
– Access control, which prevents unauthorized use of resources
– Authentication, which ensures that the device (tag and/or reader) is the entity it claims to be
What is the target?
– The RFID tag (and the object it is attached to)
– The RFID chip
– The RFID air interface
– The device interface and the application
Configuration of RFID attacks
The air interface is the only one of these targets really specific to RFID.
Attackers may use: Fake Reader, Fake Tag, Real Reader, Real Tag
Fake Reader:
– Interference for denial of service
– Eavesdropping
– Tag activation
Fake Tag:
– Interference / collisions for denial of service
– Unauthorized access
Fake Tag and Fake Reader:
– Tag cloning
– Relay attack
RFID attack scenarios
Threats associated with the data encoded on the RFID tag
– Side channel (power consumption, EM fields, ...)
– Tag cloning (unique chip ID, data, ...)
– Physical data modification (to gain privileges, ...)
– Tag switching (start communication with the real tag and continue with a fake one)
– Tag destruction (physical, logical)
Threats associated with the air interface
– Unauthorised tag reading (skimming)
– Tracking (behavioural profiling, data linking, localisation, ...)
– Eavesdropping or traffic analysis
– Relay attack
– Man in the middle (data modification/insertion)
– Replay attack
– Noise / jamming (specific frequency)
– Blocker tags (anti-collision process)
– Let your imagination run...
Finally, every kind of threat relies on tag activation and/or eavesdropping.
Examples of achievable distances
Tag activation
– HF (ISO 15693): around 4 metres (1/d^3 law for the H field)
– HF (ISO 14443): around 1 metre
– UHF: around 25 metres (1/d^2 law for the EM field)
Eavesdropping
– HF: around 40 metres
– UHF: more than 100 metres
Remember that attackers don't care about RF regulations.
RFID countermeasures
The recently published European Standard (EN 16571) enumerates more than 40 possible countermeasures to reduce different risks.
Some are part of standardized solutions, others are proprietary.
Protection of data using a password
– The reader has to give the right password to access data on the tag
– You can add a security timeout and/or limit the number of unsuccessful attempts
Permanent or temporary read lock protection
– The reader cannot access part of the tag's memory (protection of passwords or cryptographic keys)
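As an added illustration (Python written for this page, not code from the presentation), a small model of the identifier protection levels from the "Identifiers and Data" slides (none / lock / permalock) combined with the password countermeasures just described, a limit on unsuccessful attempts and a security timeout. The password length, the attempt limit and the timeout value are assumptions of this example.

```python
import hmac
from typing import Optional

class TagIdentifierBank:
    """Model of a tag's identifier memory with the three protection levels
    of the 'Identifiers and Data' slides (none / lock / permalock) plus
    the password countermeasures above: a limit on unsuccessful attempts
    and a security timeout. MAX_FAILURES and LOCKOUT_S are assumptions."""
    MAX_FAILURES = 3      # wrong passwords tolerated before the timeout starts
    LOCKOUT_S = 10.0      # security timeout during which the tag refuses access

    def __init__(self, identifier: bytes, access_password: Optional[bytes] = None):
        self.identifier = identifier
        self._password = access_password      # None -> 'none' level
        self.locked = access_password is not None
        self.permalocked = False
        self.failures = 0
        self.locked_until = 0.0               # simulated clock, see now= below

    def read(self) -> bytes:
        return self.identifier                # everyone can read at all levels

    def _authorize(self, password: Optional[bytes], now: float) -> Optional[str]:
        if now < self.locked_until:
            return "denied: security timeout active"
        # constant-time comparison so response timing does not leak the password
        if password is None or not hmac.compare_digest(password, self._password):
            self.failures += 1
            if self.failures >= self.MAX_FAILURES:
                self.locked_until = now + self.LOCKOUT_S
                self.failures = 0
            return "denied: wrong password"
        self.failures = 0
        return None

    def write(self, new_id: bytes, password: Optional[bytes] = None, now: float = 0.0) -> str:
        if self.permalocked:
            return "denied: permalocked"      # can never be changed again
        if self.locked:
            err = self._authorize(password, now)
            if err:
                return err
        self.identifier = new_id
        return "ok"

    def permalock(self, password: Optional[bytes] = None, now: float = 0.0) -> str:
        """Irreversible; un-permalocking (recommissioning) is out of scope here."""
        if self.locked:
            err = self._authorize(password, now)
            if err:
                return err
        self.permalocked = True
        return "ok"
```

With a per-tag password (one of the questions raised on the lock slide) a guessed password only opens one tag; with a shared password the same guess opens the whole population.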
Permanent or temporary write lock protection
– The reader cannot modify / erase part of the tag's memory
Data protection using the unique chip ID
– The reader has to know the unique chip ID to access data or communicate with the tag. This is even harder when the TID is serialized.
Active jamming
– This protects the tags that one holds from potential unauthorized activation by emitting an EM field that jams the signal. This process may be illegal because it can damage nearby contactless systems when high power is used (denial of service).
Distance bounding protocols
– An algorithm which defines a maximum response time. If the tag's answer to the reader's request takes too long, the reader shall stop the communication, suspecting a relay attack.
– Note that this is the only known way to mitigate relay attacks.
Use of a Faraday cage
– Tags are placed in a Faraday cage that does not let external electromagnetic waves supply the tags. This protects the tags from skimming (unauthorized tag activation).
– Note: this is possible for personal ID cards in a wallet but much more difficult to implement for UHF item tags.
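The distance bounding idea above, as an added Python simulation that is not part of the presentation: the reader runs a rapid bit exchange and aborts as soon as one round exceeds the time bound, which is what a relay's forwarding latency trips. The commitment scheme, the 1 µs bound and the relay latency are assumptions of this example; the channel timing is simulated rather than measured.

```python
import secrets

ROUNDS = 32   # rapid single-bit challenge/response rounds

class Tag:
    """Honest tag. Before the timed phase it commits to two response
    registers r0/r1; in round i it answers bit i of r0 if the challenge
    bit is 0 and bit i of r1 if it is 1. In a real protocol r0/r1 derive
    from a shared key and nonces; random values stand in for them here."""
    def __init__(self):
        self.r0 = secrets.randbits(ROUNDS)
        self.r1 = secrets.randbits(ROUNDS)

    def respond(self, i: int, c: int) -> int:
        return ((self.r1 if c else self.r0) >> i) & 1

def max_distance_m(max_rtt_ns: float) -> float:
    """Distance bound implied by the round-trip bound: light covers
    0.3 m per ns, and the signal has to go out and come back."""
    return max_rtt_ns * 0.15

def relayed_rtt_ns(direct_rtt_ns: float, relay_latency_ns: float) -> float:
    """Round-trip time seen by the reader when a relay forwards the
    exchange: the relay link adds its latency in each direction."""
    return direct_rtt_ns + 2 * relay_latency_ns

def reader_check(tag: Tag, link_rtt_ns: float, max_rtt_ns: float = 1_000.0):
    """Reader side of the rapid bit exchange. link_rtt_ns is the simulated
    round-trip time of the channel (the only thing a relay changes).
    Each round checks both the response bit (against the committed
    registers) and the timing; the first violation aborts the session.
    Returns (accepted, reason)."""
    challenges = secrets.randbits(ROUNDS)
    for i in range(ROUNDS):
        c = (challenges >> i) & 1
        resp = tag.respond(i, c)
        if link_rtt_ns > max_rtt_ns:
            return False, (f"round {i}: {link_rtt_ns:.0f} ns exceeds the "
                           f"{max_rtt_ns:.0f} ns bound, relay suspected")
        expected = ((tag.r1 if c else tag.r0) >> i) & 1
        if resp != expected:
            return False, f"round {i}: wrong response bit"
    return True, (f"{ROUNDS} rounds within bound "
                  f"(tag within {max_distance_m(max_rtt_ns):.0f} m)")
```

A 1 µs bound corresponds to 150 m of path, so in practice the bound has to be set from the tag's own processing time, which is why the timed rounds carry a single bit each.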
Switch
– A switch is placed between the antenna and the chip. This prevents the tag from being skimmed.
– Note: think about the space it would take... This is possible for personal ID cards only. How can you know whether the switch is on or off?
Blocker tag
– This tag emulates and backscatters several different UIDs to the reader. This creates never-ending collisions so that the reader is unable to inventory the population of surrounding tags. This prevents access to the tags' memory and IDs.
Kill function
– UHF tags can be killed by authorized readers. A kill password prevents an unauthorized reader from killing every tag out there...
– Once in the killed state, the tag does not answer any request. It's dead.
– Note: this is an alternative to physical tag removal.
The recently published EPC C1G2 V2 (ISO/IEC 18000-63) standard proposes a new set of protection features!
Untraceability
– This feature allows portions of the tag's memory to be hidden.
– The serialized part of the EPC code can be hidden (not backscattered by the tag) but still remains in memory so that authorized readers can access it.
Reduced read range
– Using an internal switch (remotely controlled by an authorized reader), the tag backscatters less signal. This prevents long-range tag activation and data access.
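An added Python example (not from the presentation) of what untraceability changes for an unauthorized reader: the tag backscatters only the first words of its 96-bit SGTIN EPC, and the function below reports field by field what is still exposed. The SGTIN-96 field widths follow the GS1 Tag Data Standard; the sample EPC is constructed, and hiding at a 16-bit word boundary is an assumption of this example.

```python
# SGTIN-96 field widths (GS1 Tag Data Standard): header, filter, partition,
# company prefix + item reference (44 bits, split according to partition), serial.
SGTIN96_LAYOUT = (("header", 8), ("filter", 3), ("partition", 3),
                  ("company_item", 44), ("serial", 38))
EPC_BITS = 96
WORD_BITS = 16   # assumption: the hidden region starts on a 16-bit word boundary

# Constructed sample EPC: header 0x30 (SGTIN-96), filter 1, partition 5,
# an arbitrary company prefix / item reference, serial number 42.
SAMPLE_EPC = ((0x30 << 88) | (1 << 85) | (5 << 82)
              | (0x123456789AB << 38) | 42)

def parse_sgtin96(epc: int) -> dict:
    """Split a 96-bit SGTIN into its fields (what an authorized reader sees)."""
    fields, shift = {}, EPC_BITS
    for name, width in SGTIN96_LAYOUT:
        shift -= width
        fields[name] = (epc >> shift) & ((1 << width) - 1)
    return fields

def backscattered_epc(epc: int, visible_words: int) -> tuple:
    """Tag side with untraceability enabled: only the first visible_words
    16-bit words leave the tag; the rest stays in memory for authorized
    readers. Returns (number of bits backscattered, their value)."""
    bits = min(EPC_BITS, visible_words * WORD_BITS)
    return bits, epc >> (EPC_BITS - bits)

def field_visibility(visible_bits: int) -> dict:
    """What an unauthorized reader can learn from a truncated EPC,
    field by field: visible, hidden, or partially exposed."""
    out, pos = {}, 0
    for name, width in SGTIN96_LAYOUT:
        shown = max(0, min(width, visible_bits - pos))
        if shown == width:
            out[name] = "visible"
        elif shown == 0:
            out[name] = "hidden"
        else:
            out[name] = f"partial ({shown}/{width} bits)"
        pos += width
    return out
```

Backscattering three words keeps the serial fully hidden at the cost of 10 bits of the company/item reference, whereas backscattering four words keeps the product identification intact but still exposes the 6 high bits of the serial, so the chosen boundary decides how much tracking precision remains.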
Cryptography
– UHF tags may use different crypto suites (symmetric or asymmetric):
– to encrypt communications
– for tag, reader or mutual authentication
– Cryptographic suites are under development in the ISO SC31 committee.
– Note: 10 different crypto suites will be available but only a few of them will be implemented in UHF RFID chips.
– Note: together with classical crypto commands, the CHALLENGE command will allow a complete population of tags to be authenticated very quickly.
Risk evaluation
Questions:
– Identification of the threats and associated vulnerabilities
– What would be the extent of the damage if the vulnerability were exploited?
– Is the attack easy to reproduce? (in the lab, in real life)
– How many users would be affected?
– What skills are required by the attacker?
– How much does it cost to implement the attack, and what is the benefit for the attacker?
– What are the possible countermeasures?
– How much does it cost to implement them?
Choose a metric and evaluate the risk
ISO 27005, EBIOS, ...
One word on Privacy
Privacy is closely linked to data security but is a broader question.
European Recommendation of May 2009, « implementation of the principles of respect of privacy and data protection in applications based on RFID »
– Title « Data Protection »: not only personal data
– Definitions & scope: all RFID technologies (NFC, contactless smart cards); all kinds of applications... except governmental ones (passport, ID); focus on retail (direct link between companies and consumers)
If you do not systematically deactivate the tags, please undertake a Privacy Impact Assessment (PIA)
New European Standard (EN 16571) on:
– Identification of privacy assets and their valuation
– what kind of personal data
– where it is stored (tag, application)
– Identification of the threats and associated vulnerabilities
– Identification of countermeasures
– Evaluation of residual risk
– The metric is based on ISO 27005
Conclusion
A distinction has to be made between HF ISO 14443-based RFID applications and the others (ISO 15693 and UHF protocols).
ISO 14443-based applications are proximity systems (a few centimetres).
An ISO 14443 product is not secure in itself but:
– it can support high-level secured commands
– a complex OS with security features can be embedded in the chip
RFID for item identification is a weak technology but:
– data in the tag has low value
– important data can be stored in a secure database only accessible after authentication
– new features that protect both tag ID and data will be available in the near future