World's First "Unclonable" RFID Chip

An anonymous reader writes to tell us that a new RFID chip from Verayo claims to be unclonable through the use of the new Physical Unclonable Functions (PUF), sort of an electronic DNA for silicon chips. "Basic passive RFID chips can be easily cloned by copying the data residing on one chip to another. Verayo's PUF-based RFID chips cannot be cloned, and provide a very strong and robust authentication mechanism. No other chip or device can be disguised as the original chip, even if the data is copied from one Verayo RFID chip to another."

Why is this automatically discredited?

[jeffmeden]

You conduct overheard conversations all the time and have no issue with considering them "secure": namely via SSL/TLS encryption. All that's necessary to create an RFID that can't be completely duplicated is for the chip to hold on to more information than it broadcasts, and then only reveal that information in a clever way (asymmetric encryption). A well coded challenge-response handshake can allow the reader and chip to conduct a conversation that is 'unique' and cannot be easily duplicated later on. Sure, there is the potential for it to be improperly coded, or downright misrepresented. However, don't count it as a failure before it's even seen the light of day.

Re:Isn't that logically impossible?

[corsec67]

You could have a more powerful RFID tag that has some computation ability. This would allow you to generate a new code for every communication, preventing your replay attack.

If the list of request-responses was a true one time pad, then they might actually have some fairly good security from a radio attack, but the number of queries to the rfid tag would be finite.

If they use any kind of cipher, then it is very much open to attack.

duh!

[MobyDisk]

From the illustration, it looks like a simple challenge response mechanism. All I have to say is: duh!

So they finally added some form of authentication. This is what smart cards were supposed to be when I first heard about them 10 years ago. Simple RFID was never intended to be used for something secure: it was meant to replace bar codes or magnetic strips.

They used Unclonable and DNA in the same sentence

[cutecub]

The use of language is strange.

Unclonable: cannot be cloned
DNA: a molecule that clones itself.

Its not the best choice of marketing metaphor.

Its like saying that an event is possibly inevitable.

-Sean

Re:Isn't that logically impossible?

[Tetsujin]

Forgive me for my ignorance (and I haven't RTFA), but my understanding of RFID is the only way to tell what an RFID device is is by listening to it broadcast. Well, if you listen to a device broadcast enough, particularly if you listen in on a conversation between it and what it's supposed to talk to...doesn't it then become relatively simple to create your own RFID device that broadcasts all the same things as the original chip, and responds in all the same ways to input?

Seems to me it's just another instance of "DRM doesn't work," only in this case all the communication between supposedly secure nodes literally has to take place in the open air...

Dan Aris

Well, I don't know if I can answer your question in terms of the technical limitations of RFID - but in general, your argument ignores the possibility that RFID data is being encrypted.

For instance: suppose the subway fare system uses a set of encryption keys - some of these keys will be stored on the fare cards (the RFID devices) and some will be stored in the machines that interact with these cards...

Now suppose the interaction starts with one of these machines broadcasting, looking for a fare card... In some part of the initial handshaking the machine sends out a transaction number - encoded using an encryption key that fare cards can decode. In all further communication that transaction number is part of the encryption key used by the fare card.

You can listen in on this transaction, but you can't do anything with it unless you can decode the messages... You can't replicate the transaction because your response has to include the transaction ID given to you by the gate machine...

So in the context of an "uncloneable" chip - you could create another chip that pretends to have the same "Physical Uncloneable Functions" - but that depends on first knowing exactly what they are... If it's handled in a static way and not encoded, that's pretty easy. If it's handled in a way that one RF exchange only gets you one part of the data you'd need to replicate the thing - or if the data you'd need to replicate the chip is encrypted, then that makes the problem substantially harder...

Fundamentally, though, I believe you're correct - if it can be made once, it can be made again... The trick is to make it difficult to do that.

Re:Yeah?

[NotBornYesterday]

Okay, so according to TFA (yeah I know, not supposed to read it, yadda yadda yadda), it looks like the RFID device isn't authenticated by its ID, but by a series of challenge-and-response tokens it has that are also stored in some central database, which appear to increment as they are used.

There appears to be a finite number of challenge-response pairs in the authentication database. How limited is that number? Are they also stored on board the RFID tag? Are they generated from the serial# and/or ID#?

What is the length of the challenge, and of the response? Could a captured item (ie, passport) with such an RFID tag be brute-force interrogated (hit with a series of random-number "challenges" to see which might elicit stored "responses"), and counterfeited that way?

Could this scheme be vulnerable to MITM-style attack?