World's First "Unclonable" RFID Chip
An anonymous reader writes to tell us that a new RFID chip from Verayo claims to be unclonable through the use of the new Physical Unclonable Functions (PUF), sort of an electronic DNA for silicon chips. "Basic passive RFID chips can be easily cloned by copying the data residing on one chip to another. Verayo's PUF-based RFID chips cannot be cloned, and provide a very strong and robust authentication mechanism. No other chip or device can be disguised as the original chip, even if the data is copied from one Verayo RFID chip to another."
You conduct overheard conversations all the time and have no issue with considering them "secure": namely via SSL/TLS encryption. All that's necessary to create an RFID that can't be completely duplicated is for the chip to hold on to more information than it broadcasts, and then only reveal that information in a clever way (asymmetric encryption). A well coded challenge-response handshake can allow the reader and chip to conduct a conversation that is 'unique' and cannot be easily duplicated later on. Sure, there is the potential for it to be improperly coded, or downright misrepresented. However, don't count it as a failure before it's even seen the light of day.
You could have a more powerful RFID tag that has some computation ability. This would allow you to generate a new code for every communication, preventing your replay attack.
If the list of request-responses was a true one time pad, then they might actually have some fairly good security from a radio attack, but the number of queries to the RFID tag would be finite.
If they use any kind of cipher, then it is very much open to attack.
If I have nothing to hide, don't search me
From the illustration, it looks like a simple challenge response mechanism. All I have to say is: duh!
So they finally added some form of authentication. This is what smart cards were supposed to be when I first heard about them 10 years ago. Simple RFID was never intended to be used for something secure: it was meant to replace bar codes or magnetic strips.
The use of language is strange.
Unclonable: cannot be cloned
DNA: a molecule that clones itself.
It's not the best choice of marketing metaphor.
It's like saying that an event is possibly inevitable.
-Sean
You'd be far more likely to see something along the lines of a key pair, where the private key is on the RFID, and any device that needs to read the RFID has the public key. Then the RFID would sign something, e.g. encrypt a hash of the message it received and send that encrypted hash back along with its response. The reader decrypts the hash, and makes sure it lines up right. As long as public-key encryption isn't cracked, you're good.
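The key-pair scheme sketched above, written out as an added example (not code from the thread, the article, or Verayo): the reader sends a fresh random nonce, the tag signs a hash of its ID and that nonce with a private key that never leaves it, and the reader checks the signature with the public key it holds. The tag, reader, IDs and the ability of a tag to compute an Ed25519 signature are all assumptions of the example; most passive RFID tags cannot do this. The demo shows why an overheard exchange does not help later: the recorded signature fails against the next nonce, and a clone that copied the ID and everything ever broadcast still lacks the key.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// signingTag models a tag that holds a private key and can sign (assumption).
type signingTag struct {
	ID   string
	priv ed25519.PrivateKey
}

// reader holds only public keys; nothing stored here lets anyone impersonate a tag.
type reader struct {
	pubs map[string]ed25519.PublicKey
}

func newSigningTag(id string) (*signingTag, ed25519.PublicKey, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	return &signingTag{ID: id, priv: priv}, pub, nil
}

// nonce is the reader's fresh challenge. A signature over it is worthless in
// any later session, which is what defeats replay of an overheard exchange.
func (r *reader) nonce() ([]byte, error) {
	n := make([]byte, 32)
	_, err := rand.Read(n)
	return n, err
}

// transcript binds the tag ID and the nonce into the value that gets signed.
func transcript(id string, nonce []byte) []byte {
	h := sha256.Sum256(append([]byte(id+":"), nonce...))
	return h[:]
}

// respond is the tag's answer: a signature over the hashed transcript.
func (t *signingTag) respond(nonce []byte) []byte {
	return ed25519.Sign(t.priv, transcript(t.ID, nonce))
}

// verify accepts only a signature over this reader's own nonce for that ID.
func (r *reader) verify(id string, nonce, sig []byte) error {
	pub, ok := r.pubs[id]
	if !ok {
		return errors.New("unknown tag ID")
	}
	if !ed25519.Verify(pub, transcript(id, nonce), sig) {
		return errors.New("signature does not match this reader's nonce")
	}
	return nil
}

// demoSignature runs a genuine exchange, a replay of it against a new nonce,
// and a clone that copied the ID but not the private key.
func demoSignature() (genuineOK, replayOK, cloneOK bool, err error) {
	tag, pub, err := newSigningTag("tag-0001") // constructed sample ID
	if err != nil {
		return
	}
	rd := &reader{pubs: map[string]ed25519.PublicKey{tag.ID: pub}}

	n1, err := rd.nonce()
	if err != nil {
		return
	}
	sig1 := tag.respond(n1) // an eavesdropper records n1 and sig1
	genuineOK = rd.verify(tag.ID, n1, sig1) == nil

	n2, err := rd.nonce()
	if err != nil {
		return
	}
	replayOK = rd.verify(tag.ID, n2, sig1) == nil // recorded signature, new nonce

	clone, _, err := newSigningTag(tag.ID) // same ID, different key
	if err != nil {
		return
	}
	cloneOK = rd.verify(tag.ID, n2, clone.respond(n2)) == nil
	return
}

func main() {
	g, r, c, err := demoSignature()
	fmt.Println("genuine:", g, "replay:", r, "clone:", c, "err:", err)
}
```

The reader only ever stores public keys, so compromising a reader does not yield anything that can impersonate a tag; the private key is the one value that must stay on the chip, which is exactly the part a passive tag cannot normally protect or compute with.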
SIGSEGV caught, terminating
wait... not that kind of sig.
Forgive me for my ignorance (and I haven't RTFA), but my understanding of RFID is the only way to tell what an RFID device is is by listening to it broadcast. Well, if you listen to a device broadcast enough, particularly if you listen in on a conversation between it and what it's supposed to talk to...doesn't it then become relatively simple to create your own RFID device that broadcasts all the same things as the original chip, and responds in all the same ways to input?
Seems to me it's just another instance of "DRM doesn't work," only in this case all the communication between supposedly secure nodes literally has to take place in the open air...
Dan Aris
Well, I don't know if I can answer your question in terms of the technical limitations of RFID - but in general, your argument ignores the possibility that RFID data is being encrypted.
For instance: suppose the subway fare system uses a set of encryption keys - some of these keys will be stored on the fare cards (the RFID devices) and some will be stored in the machines that interact with these cards...
Now suppose the interaction starts with one of these machines broadcasting, looking for a fare card... In some part of the initial handshaking the machine sends out a transaction number - encoded using an encryption key that fare cards can decode. In all further communication that transaction number is part of the encryption key used by the fare card.
You can listen in on this transaction, but you can't do anything with it unless you can decode the messages... You can't replicate the transaction because your response has to include the transaction ID given to you by the gate machine...
So in the context of an "uncloneable" chip - you could create another chip that pretends to have the same "Physical Uncloneable Functions" - but that depends on first knowing exactly what they are... If it's handled in a static way and not encoded, that's pretty easy. If it's handled in a way that one RF exchange only gets you one part of the data you'd need to replicate the thing - or if the data you'd need to replicate the chip is encrypted, then that makes the problem substantially harder...
Fundamentally, though, I believe you're correct - if it can be made once, it can be made again... The trick is to make it difficult to do that.
Bow-ties are cool.
This is how DVD encryption was broken. The theory was fine, but there was no way to secure the private keys when they were included in every shipped device. "DVD John" (IIRC) lifted the private key from Xing's player and it was game over for DVD encryption. I believe this happened within six months of when DVD players began shipping.
Okay, so according to TFA (yeah I know, not supposed to read it, yadda yadda yadda), it looks like the RFID device isn't authenticated by its ID, but by a series of challenge-and-response tokens it has that are also stored in some central database, which appear to increment as they are used.
There appears to be a finite number of challenge-response pairs in the authentication database. How limited is that number? Are they also stored on board the RFID tag? Are they generated from the serial# and/or ID#?
What is the length of the challenge, and of the response? Could a captured item (i.e., a passport) with such an RFID tag be brute-force interrogated (hit with a series of random-number "challenges" to see which might elicit stored "responses"), and counterfeited that way?
Could this scheme be vulnerable to MITM-style attack?
I prefer rogues to imbeciles because they sometimes take a rest.
Not to defend the claim (the claim is obviously marketing hype) but when they say cloned they mean you can't take one of their RFID chips and change it to be identical to another one of their chips (to be read by their scanners, etc.). Adding a computer or more circuitry doesn't count because it would not be a clone (even if it generated the same responses).
However, obviously with enough money and resources you could copy one of their chips and turn out another RFID chip that would be identical. It may not even take that much effort or money (I'm sure we'll hear about what it takes soon enough).
If they had claimed that it would be prohibitively expensive or time-consuming to clone one of their chips then maybe I could believe them. But to claim unclonable is in a word unbelievable.
The NSA: The only part of the US government that actually listens.
Here's the #1 on my wish list for RFIDs and other wireless device technologies:
All currently available wireless systems use static IDs and reveal the device IDs in the selection phase (and usually during the rest of the communication too.) This is not necessary. A device should not identify itself and indirectly its owner before it has established that the communication partner is authorized to receive that information. All devices should anonymously verify the other device's authorization and only reveal static IDs inside of encrypted tunnels to authorized devices.
In theory this could be possible. I recall reading some years ago about a guy doing "genetic algorithm" development to get the ideal program for a particular type of integrated circuit. When he got done, the algorithm worked great --ON THAT IC ONLY. The machine code made no sort of ordinary sense; it appeared to be taking advantage of subtle interactions between circuit elements on the chip, which cannot be expected to be duplicated exactly on a different chip, and indeed the code did not work when copied to another chip.
The point is if both the chips and the genetic-algorithm-development-for-each-chip could be mass-produced, then the claim could indeed be possible!
Seriously.
All one would have to do, provided there is a limited amount of responses (which seems plausible considering it is embedded in the chip), just carpet-bomb the RFID with queries. Burn up all them responses, and "Presto!", useless chip. And THAT could be done while some guy is standing next to you on the subway. Get to work and the fucking thing doesn't function anymore.
Now, if they used a rotating list of responses, the same carpet-bombing would reveal that, eventually resulting in a list of correct responses to queries.
Yay for ineffective technology!
If nothing else, it will inhibit the use of them if people that have them for legitimate uses find them unusable all the time.
Wait till Sony gets a hold of this idea. You'll be buying your movies in 1 second clips each stored on a different RFID chip.
DRM, it's for the greater good.
The chip is not a public key crypto device; it looks like it has a unique hashing function built in. The system is based on a manufacturer-controlled database of message and digest values. Once the RFID reader detects this chip, it gets its ID and sends it to the manufacturer database; the database sends back a one-time message for the chip to hash (the one-time thing is crucial - it guarantees that a given challenge will not be sent twice, so no replay attack and no MITM on the network connection from the reader to the manufacturer DB). The digest is sent back and if the stored digest and the one returned by the reader match, the chip's identity is confirmed. It seems that the manufacturer builds a database of message / digest values after getting the chip from the vendor, treating it as a black box device, and the hashing algorithm never leaves the RFID vendor.
The chip might also be a stateful device, but this would introduce many problems (if the manufacturer DB gets out of sync with the chip, it's useless).
I think that obtaining the original chip (stealing it) would be always easier than duplicating it with this system. To successfully attack it (convince an uncompromised reader that you have the true chip) you would have to:
a) Record all possible responses to all possible challenges from the original chip. I think this is the way the system is particularly resilient to - if the message and response are at least 64 bits long, or there is any delay, then it is impossible.
b) Replicate the chip physically, using a microscope. This is theoretically possible but would be extremely costly, and probably unfeasible.
c) Steal the hashing algorithm from the RFID vendor. This would give you next to nothing if the hashing algorithm used a seed that is never broadcast from the chip (e.g. serial # from the picture), so you would have to resort to b) to get it.
d) Steal the C/R database from the manufacturer. This is probably the easiest way, but the manufacturer can't notice or you have to steal the data for very many chips, making revoking them all a major blow for the company.
The main idea here is not being able to construct a fake chip based on data the real chip broadcasts.
Any other ideas?
Those who would give up liberty to obtain working drivers, deserve neither liberty nor working drivers.
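The enrolment-then-database scheme described in the post above (and the finite supply of challenges raised earlier in the thread), as an added example that is not code from the thread, the article, or Verayo. The silicon PUF is modelled here as an HMAC over a per-chip secret that is never exported, which is an assumption of the example; a real PUF derives its response from manufacturing variation and has no stored secret at all. The manufacturer queries the chip as a black box to fill a table of challenge/response pairs, issues each challenge exactly once, and consumes the pair on use, so a recorded exchange cannot be replayed and a chip with a copied ID but different silicon fails. The chip ID and the enrolment count are constructed sample values.

```go
package main

import (
	"bytes"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// pufChip stands in for a PUF-equipped tag; the PUF is modelled as HMAC over
// a secret the chip never exports (assumption of this example).
type pufChip struct {
	ID     string
	secret []byte
}

func newPufChip(id string) (*pufChip, error) {
	s := make([]byte, 32)
	if _, err := rand.Read(s); err != nil {
		return nil, err
	}
	return &pufChip{ID: id, secret: s}, nil
}

// respond is the only operation the chip exposes: challenge in, digest out.
func (c *pufChip) respond(challenge []byte) []byte {
	m := hmac.New(sha256.New, c.secret)
	m.Write(challenge)
	return m.Sum(nil)
}

type crp struct{ challenge, response []byte }

// authDB is the manufacturer-side table of enrolled challenge/response pairs.
type authDB struct {
	unused  map[string][]crp // per chip ID: pairs not yet issued
	pending map[string]*crp  // chip ID -> challenge issued, not yet answered
}

func newAuthDB() *authDB {
	return &authDB{unused: map[string][]crp{}, pending: map[string]*crp{}}
}

// enroll queries the chip as a black box n times with random challenges and
// stores the pairs. This is the one time chip and database meet directly.
func (db *authDB) enroll(c *pufChip, n int) error {
	for i := 0; i < n; i++ {
		ch := make([]byte, 16)
		if _, err := rand.Read(ch); err != nil {
			return err
		}
		db.unused[c.ID] = append(db.unused[c.ID], crp{ch, c.respond(ch)})
	}
	return nil
}

// issue hands out the next unused challenge for a chip ID. Each challenge is
// issued once; when the supply is gone the chip can no longer be authenticated.
func (db *authDB) issue(id string) ([]byte, error) {
	pairs := db.unused[id]
	if len(pairs) == 0 {
		return nil, errors.New("no unused challenges left for " + id)
	}
	p := pairs[0]
	db.unused[id] = pairs[1:]
	db.pending[id] = &p
	return p.challenge, nil
}

// check accepts a response only for the challenge currently pending for that
// ID, then forgets it, so a recorded (challenge, response) pair is useless later.
func (db *authDB) check(id string, challenge, response []byte) error {
	p, ok := db.pending[id]
	if !ok || !bytes.Equal(p.challenge, challenge) {
		return errors.New("response to a challenge that was not issued")
	}
	delete(db.pending, id)
	if !hmac.Equal(p.response, response) {
		return errors.New("digest mismatch")
	}
	return nil
}

// demoPuf runs a genuine authentication, a replay of the recorded exchange,
// and a clone that copied the chip's ID but not its PUF.
func demoPuf() (genuineOK, replayOK, cloneOK bool, remaining int, err error) {
	chip, err := newPufChip("tag-0001")
	if err != nil {
		return
	}
	db := newAuthDB()
	if err = db.enroll(chip, 3); err != nil {
		return
	}
	ch, err := db.issue(chip.ID)
	if err != nil {
		return
	}
	resp := chip.respond(ch) // an eavesdropper records ch and resp
	genuineOK = db.check(chip.ID, ch, resp) == nil
	replayOK = db.check(chip.ID, ch, resp) == nil // same pair presented again
	clone, err := newPufChip(chip.ID) // same ID, different silicon
	if err != nil {
		return
	}
	ch2, err := db.issue(chip.ID)
	if err != nil {
		return
	}
	cloneOK = db.check(chip.ID, ch2, clone.respond(ch2)) == nil
	remaining = len(db.unused[chip.ID])
	return
}

func main() {
	g, r, c, n, err := demoPuf()
	fmt.Println("genuine:", g, "replay:", r, "clone:", c, "pairs left:", n, "err:", err)
}
```

Two properties of the design are visible in the demo: the database, not the chip, is the thing whose compromise matters (point d in the post), and every authentication permanently spends one enrolled pair, so the remaining count is the budget an operator has to monitor.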
You are not thinking out of the box.
Consider this. You got a video file, which is DRM protected so no-one can copy it. Let's assume that DRM is perfect and no-one is really able to copy the file.
Okay, now take a video camera and voila, we got a copy.
If it is readable, it is possible to copy it. It can be made difficult, but never impossible.
I had an unhackable computer, but unfortunately I tried to ship it to the USA on an unsinkable ship. Now I'll just have to transmit details of it to you using my unbreakable code.
[ ]Half Empty [ ]Half Full [x]Twice as big as it needs to be
There is precisely one way to make a device un-clonable, and that is by quantum mechanically entangling it with a central authority. The no-cloning theorem of quantum mechanics then ensures that there is no way to record the state of the system without disturbing it in the process, thus destroying the entanglement. Obviously this is tricky to implement in practice (read: impossible with existing technology), and the device could only be identified once, after which its state would be ruined and the entanglement broken, but at least in theory every classical system (i.e. every system not relying on QM) can be cloned. It may be exceedingly difficult to achieve in practice (good luck creating two diamonds with the impurities at the same locations in the crystal lattice, as an example), but it is at least in principle possible.
Bah, despite the naysayers below, I have no fear.
My IP address I will happily give out: 127.0.0.1
Go ahead, make my day and DDOS me to hell!