INTRODUCTIONThe purchaser of an item will not necessarily be aware of thThe tag can be read at a distance without the knowledge of tIf a tagged item is paid for by credit card or in conjunctioTags create, or are proposed to create, globally unique seriRFID BackgroundRFID TAGSATMEL TK5552Attack on tagsRelated works on security of non-secure tagssecure tagssmart card and RFIDcontactless rfid/smart cardThe reader specifies the sector to be accessed and chooses kThe card reads the secret key and the access conditions fromThe reader calculates the response using the secret key and the card verifies the response by comparing it to its challeThe reader compares the response with its own challenge.An algorithm for secrecy of low-COST TAGalgorithm analysisImplementationConclusion1Security in RFID Systems Project report for GMU ECE 646 Alireza Pirayesh Sabzevar Abstract— Nowadays low cost Radio Frequency Identification (RFID) systems are one of the hot topics in the computer industry and it is receiving lots of attention from public and private sector. While RFID is suffering from poor security mechanisms, adding RFID tags to ordinary goods jeopardizes public privacy and has caused consumer protests. It is not surprising that security in RFID has received little attention so far. Until now RFID has been mainly used in closed systems with Read-Only (RO) tags. Plus the RFID industry has focused its attention on increasing the performance (read range) and reducing cost, and has paid little attention to the security requirement of the users. There is a growing need in the RFID community to overcome several troubling problems and the industry has responded to this need in several ways. In this project, we review the background of RFID and the possible attacks against the current systems and their corresponding defensive mechanisms. As RFID tags and smart cards are getting closer in architecture and applications, we review the security mechanism of smart cards and potential threats against them to see how these mechanisms can possibly be adapted to RFID systems. It is possible to engineer a new generation of RFID tags with embedded security mechanisms based on the current architectures. In this project an algorithm for such a tag has been simulated by RPC and reviewed. Index Terms— RFID, Smart Card, One-time pad, Security I. INTRODUCTION adio Frequency Identification (RFID) technology has been around for a quite some time but recently it has been changed to a controversial subject. On one side, the public and private sectors see the potential of RFID and are eager to start using this technology to enhance their products and lower costs. At the same time, RFID is suffering from poor security mechanisms and adding RFID tags to ordinary goods infringes on public privacy which has caused consumer protests. The purpose of an RFID system is to enable data to be transmitted by a portable device, called a tag, to an RFID reader and processed according to the needs of the particular application. This system consists of 4 items as is shown in picture 1: Picture 1: RFID System Model Tag: An RFID tag is a small object, such as an adhesive sticker, that can be attached to or incorporated into a product. The tag stores relevant data about the tagged item. RF Antenna: The radio interface between the reader and the tag. Reader: A device which communicates with the tag in order to read or write the stored data onto the tag. Host Computer: Consists of one or more computers including a database system which is connected to one or more reader devices. The reader passes the tag value to the processing unit which retrieves more information about the tag from the database of tag information. In a typical RFID system, individual objects are equipped with a small, inexpensive tag which contains a digital memory chip that is given a unique electronic product code. The interrogator, an antenna packaged with a transceiver and decoder, emits a signal that activates the RFID tag so it can data read from and written to it. When an RFID tagged item passes through the electromagnetic zone, it detects the reader's activation signal. The reader decodes the data encoded in the tag's integrated circuit (silicon chip) and the data is passed on to the host computer for processing. For example, the host computer can deduct the item from inventory or add the price of the item to the customer receipt. Telephone cards and bank cards are two common examples of RFID technology in everyday life which stores data in a silicon chip in a contact-base fashion. RFID systems are useful when the mechanical contact used by a chip card is often impractical. RFID tags are often envisioned as a replacement for UPC or bar-codes, having a number of important advantages over the older technology: • While UPC codes are limited to a single code for all instances of a particular product. RFID codes are long enough that every RFID tag may have a R2unique code. • The uniqueness of RFID tags means that a product may be individually tracked as it moves from location to location, finally ending up in the consumer's hands. • For reading a bar-code the tag should be in line-of-sight of the reader and can be read one by one. In contrast the RFID reader doesn’t need the tag to be visible and can read many tags in less than a second. In general, there are two main areas of application, defined broadly as proximity or short range, and vicinity or long range. Long range or vicinity applications can be described as track and trace applications, but the technology provides additional functionality and benefits for product authentication. Typical end-uses include, but are not limited to supply chain management, parcel and post, garment tags, library and rental sectors and baggage tagging. Short range or proximity applications are typically access control applications and mass transit ticketing. The use of RFID technology has generated considerable controversy and even product boycotts. The four main privacy concerns regarding RFID are: 1. The purchaser of an item will not necessarily be aware of the presence of the tag or be able to remove it. 2. The tag can be read at a distance without the knowledge of the individual. In everyday life, people are prone to carrying various objects around with them. Some of them are quite personal, and provide information that the user does not want anyone to know about. Examples include money,
View Full Document
Unlocking...