RFID Fingerprints To Fight Tag Cloning
Bourdain writes with news out of the University of Arkansas, where researchers are looking for ways to combat counterfeit RFID tags. Passive tags typically wait for a reader to transmit a signal of the appropriate strength and frequency before sending their own transmission. The scientists found that the amount of power required to trigger this varies quite a bit from one tag to the next, especially when many different frequencies are sampled. This and other physical characteristics give the tag its own "fingerprint" that is independent of the signal information stored in its memory, which the researchers say will facilitate the detection of cloned tags.
If you can read the fingerprint, so can anyone...
So what's to stop a dedicated attacker from reading the fingerprint when they read the tag contents, and then devising a method to duplicate all the data?
An active tag might even be programmed to emulate the fingerprint characteristics.
So if I have a pot wired across the power receiver, I can twiddle it until it matches. If people know the factors being sampled, they can adjust them.
Does this stay the same at 55-70+ mph or just at much lower walking speeds?
Just use a sensible cryptographic authentication mechanism and be done with it. I guess that it is interesting from a "pure science" point of view but I'm not quite sure that this should be used to detect fake passports.
Nobox: Only simple products.
So... we're now looking into methods of physical authentication for digital authentication data that was intended to replace physical authentication?
Wouldn't it be easier (and cheaper) to go back a step?
Because it's not practical to produce a reader capable of transmitting enormous amounts of power, the complexity of passive tags is inherently limited. They are essentially glorified bar codes. This type of "fingerprinting" might add another level of complexity to the identification of tags, but it's not going to prevent counterfeit tags. At best it will slow down the production of counterfeit tags by an insignificant amount of time.
Who is cloning RFIDs yet? Seriously, who?
RFID tags are not security devices, they are hyped barcodes. They do not provide any authentication.
If you're worrying about your RFID tags being cloned for a malicious purpose, you are using them for the wrong thing.
``OK, so ten out of ten for style, but minus several million for good thinking, yeah?''
Ok, at first, this made no sense to me. The trouble I had was understanding how the flaws (uncontrolled manufacturing artifacts) would be of any use. I think I finally figured out what that poorly written article was trying to get across.
Say, for example, you have 200 million different passports. They should have 200 million different PROGRAMMED sets of information. At the time the passport is issued, the RFID is scanned to detect the FLAWS in it. This is recorded and filed away somewhere. The FLAWS are recorded as a specific signature that is in turn referenced to the PROGRAMMED data.
In order to detect a counterfeit passport all they have to do is make sure the flaw fingerprint matches the programmed data.
But seeing as how the article just told the entire world how they tell what the fingerprint is, I don't think it would be long before the cloners simply modify readers to start at a low frequency then ramp up until they get a signal and make sure the counterfeit responds the same way, at the same frequency. It could be as simple as smacking the RFID against a table until the RFID "flaws" react the way you want them to. In short, keep changing it until it reacts the same way as the original.
Ok, someone tell me I'm wrong because I'm not sure I'm right.
In mag stripes, the magnetic remanence of the strip is different from card to card, in EEPROM, differences in the voltage levels and speed of reading of the cells are used.
The general principle is that it's no point having unbreakable crypto if the data can simply be copied to a new medium. Consider a card (of whatever type) that stores monetary value for public transport or photocopying or whatever: Put $100 on it and copy the data, not knowing which bits are what. Copy that data onto a heap of cards bought with $5 of credit on them and sell them in the grey market for $50 each and pocket the profit.
With this sort of technique, though, part of that encrypted data is a fingerprint based on the physical characteristics of the original card. The new cards will generate a fingerprint in the reader that doesn't match the original, making the copies invalid.
Sure, if you can crack the encryption, this method is useless, but that's not the point. Crypto can be pretty good and costs more than a cheap reader/writer to break to duplicate cards/RFIDs.
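The binding described in the comment above, as an added example that is not part of the original post or the researchers' code: the issuer authenticates the tag ID together with an enrolled minimum-power-per-frequency curve, and the reader accepts a tag only if the record is intact and the freshly measured curve matches within a tolerance. The key, the tolerance, the dBm values and all function names are assumptions constructed for illustration.

```python
import hashlib
import hmac
import struct

ISSUER_KEY = b"constructed-demo-key"  # assumption: secret shared by issuer and readers
TOLERANCE_DBM = 1.0                   # assumption: allowed drift per sampled frequency

# Constructed sample data: minimum trigger power (dBm) at five sampled frequencies.
GENUINE = [-12.4, -13.1, -11.8, -12.9, -13.6]  # measured at issuance
REREAD = [-12.1, -13.3, -11.6, -13.2, -13.4]   # same tag, later read with noise
CLONE = [-10.2, -14.0, -12.5, -11.1, -13.0]    # different tag carrying copied data

def _encode(tag_id, curve):
    # Quantise to 0.1 dBm so the authenticated bytes are stable across platforms.
    points = b"".join(struct.pack(">h", round(p * 10)) for p in curve)
    return struct.pack(">H", len(tag_id)) + tag_id + points

def _mac(tag_id, curve):
    return hmac.new(ISSUER_KEY, _encode(tag_id, curve), hashlib.sha256).digest()

def enroll(tag_id, curve):
    """Issuer side: bind the physical curve to the programmed tag ID."""
    curve = [round(p, 1) for p in curve]
    return {"tag_id": tag_id, "curve": curve, "mac": _mac(tag_id, curve)}

def verify(record, measured):
    """Reader side: return 'ok', 'tampered' or 'clone-suspected'."""
    expected = _mac(record["tag_id"], record["curve"])
    if not hmac.compare_digest(expected, record["mac"]):
        return "tampered"          # stored ID or curve was altered
    if len(measured) != len(record["curve"]):
        return "clone-suspected"   # reader sampled a different frequency set
    worst = max(abs(m - e) for m, e in zip(measured, record["curve"]))
    return "ok" if worst <= TOLERANCE_DBM else "clone-suspected"

if __name__ == "__main__":
    record = enroll(b"PASSPORT-0001", GENUINE)
    print(verify(record, REREAD))  # genuine tag, noisy re-read
    print(verify(record, CLONE))   # copied data on another tag
```

The tolerance is the weak point the thread keeps circling: set it wide enough to absorb measurement drift and it also widens what a tuned imitation has to hit.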
well, they'll just have to clone that parameter too.
Unless of course the industrial process used to create the tags makes each one of them a bit different,
hence defeating the identification in the first place.
given what the article says.
What they're measuring is the minimum power level that a given RFID will respond to. This opens up two major issues.
1. A database of the response curves is needed in order to uniquely identify the RFID chip in question.
2. Since the power received follows the inverse square law, one of the major advantages of an RFID chip is negated. Namely the ability to scan for its presence without having to have exact location. They need to precisely control the distance from the RFID chip and the reader in order for that technology to work. And if they need that level of control, why not use a contact based technology?
I wonder if their data will scale? Is it affected by temperature changes? Humidity changes (especially Gen2 tags)? It's one thing to notice the uniqueness of a few hundred chips, but if a passport database could have billions of entries, or say a database of tagged cash with trillions of entries, would entries still be unique under varying temperature and humidity? Or just mostly unique, like social security numbers? Another way of reducing counterfeiting is to track where the item is supposed to be in a secure database (or secure databases linked by secure communications) and if the tag shows up in an unexpected place, investigate further. In the passport example from the article, if passport X is known to be in the US and its counterfeit tries to be used in France, that should trigger further examination. Of course, this requires all the passport computers to communicate world wide which could be administratively difficult, but probably not a lot more difficult than figuring out which database of response curves to query.
-- Everything is wonderful until you know something about it.
Given that the fingerprint is due to "radio-frequency and manufacturing differences" and "significantly different for same-model tags," isn't it also possible that a tag's fingerprint may vary over time?
And if the idea is "to detect counterfeit tags," how can they do that if tags of the same model have different fingerprints?
But the act of embedding the correct fingerprint signature into the RFID tag might change the signature! How's that cat doing, anyway?