Slashdot Mirror

← Back to Stories (view on slashdot.org)

RFID Fingerprints To Fight Tag Cloning

Posted by Soulskill on from the cloning-is-bad-haven't-you-seen-scifi dept.

Bourdain writes with news out of the University of Arkansas, where researchers are looking for ways to combat counterfeit RFID tags. Passive tags typically wait for a reader to transmit a signal of the appropriate strength and frequency before sending their own transmission. The scientists found that the amount of power required to trigger this varies quite a bit from one tag to the next, especially when many different frequencies are sampled. This and other physical characteristics give the tag its own "fingerprint" that is independent of the signal information stored in its memory, which the researchers say will facilitate the detection of cloned tags.

19 of 59 comments (clear)

  1. Security enhancement at best by Anonymous Coward · · Score: 4, Insightful

    If you can read the fingerprint, so can anyone...

    So what's to stop a dedicated attacker from reading the fingerprint when they read the tag contents, and then devising a method to duplicate all the data?

    An active tag might even be programmed to emulate the fingerprint characteristics.

    1. Re:Security enhancement at best by Mikkeles · · Score: 3, Funny

      Simple; they'll keep the algorithm a secret! ;^)

      --
      Great minds think alike; fools seldom differ.
    2. Re:Security enhancement at best by cortesoft · · Score: 4, Informative

      I don't know if it will be that easy. These fingerprints seem to be based on the fact that all RFID chips have flaws, and they are all flawed in different ways.... including the device that is trying to act as the clone of the RFID. What this means is that this clone RFID has to be able to mimic EXACTLY the flaws of the real thing without giving itself away by its OWN flaws. Without knowing more details about the flaws they are trying to measure, it is hard to say whether that would be possible. If the flaws are easily mimicked in the sense that you can create a clone whose own defects are not detected because they are all superseded by the original's flaws, it may work. If they vary so much that every clone will have some flaw that is severe enough to shine through, it would be impossible.

    3. Re:Security enhancement at best by vojtech · · Score: 2, Insightful

      It just means the clone will have to be a bit more expensive.

      Cloned tags aren't using the same cheap chips that the common passive tags do. An attacker can afford to carry batteries with him and make the tag completely locally powered. Then he has much more powerful electronics at his disposal and can simulate whatever frequency response the original tag had due to its cheap (few cents per tag) design.

      This fingerprinting will do no more than to force the attacker to pay a few bucks more to create a clone.

  2. Potentiometer by White+Flame · · Score: 2, Interesting

    So if I have a pot wired across the power receiver, I can twiddle it until it matches. If people know the factors being sampled, they can adjust them.

  3. Does this say the same at 55-70+ mph or just at by Joe+The+Dragon · · Score: 3, Interesting

    Does this say the same at 55-70+ mph or just at much lower walking speeds?

  4. What's the point? by AdamInParadise · · Score: 2, Interesting

    Just use a sensible crypographic authentication mechanism and be done with it. I guess that it is interesting from a "pure science" point of view but I'm not quite sure that this should be used to detect fake passports.

    --
    Nobox: Only simple products.
    1. Re:What's the point? by sdiz · · Score: 2, Interesting

      These are passive tags, i.e. ultra-low power consumption. You can't put any decent crypto on it.

    2. Re:What's the point? by cortesoft · · Score: 4, Insightful

      Crypto wouldn't work... the cloner doesn't have to break the encryption to copy the chip.

      Imagine in this way.... you have an encrypted hard drive, and someone wants to pass off their hard drive as yours. They don't have to break the encryption... they can copy the drive byte for byte, and hand it to the person who if verifying that is the original. The person checking the data is the one who does the decrypting.

    3. Re:What's the point? by oljanx · · Score: 2, Interesting

      It's not practical for a passive RFID tag to provide cryptographically secure authentication. Only a very small amount of power can be transmitted from the reader to the tag, just enough to transmit back a fairly simple ID. If you want a secure challenge/response mechanism it would require much more power, an active tag would be required.

    4. Re:What's the point? by owlstead · · Score: 3, Informative

      Depends on the chip. If you include ISO 14443 processor cards then you can have crypto, combined with secure on chip storage of the key of course. You are giving away this chip, so you must make sure that the chip storage and on board crypto is sufficiently protected against attacks. E.g for passports you can have active authentication or chip authentication to verify that the chip is not cloned.

    5. Re:What's the point? by owlstead · · Score: 2, Informative

      Replying on myself here, but the original article does not seem to include processor chip technology.

      That and it should have read ISO 14443 processor chips of course, not ISO 14443 processor cards. It's Saturday morning over here - need cafeine.

    6. Re:What's the point? by AdamInParadise · · Score: 3, Insightful

      Encrypting a hard drive protects the confidentiality of its data. It does not prevent you from cloning the hard drive i.e. it does not protect the authenticity of the hard drive.

      In many applications that use RFID tags, authenticity is much more important than confidentiality. Those researchers seem to propose a way to authenticate the RFID tag using its "fingerprint". What I'm saying is that a dynamic challenge-response scheme is much more practical and more reliable.

      Crypto is not only about encrypting data.

      --
      Nobox: Only simple products.
  5. Are we actually fixing anything here? by Anonymous Coward · · Score: 2, Insightful

    So... we're now looking into methods of physical authentication for digital authentication data that was intended to replace physical authentication?

    Wouldn't it be easier (and cheaper) to go back a step?

  6. Passive tags will never be secure... by oljanx · · Score: 3, Informative

    Because it's not practical to produce a reader capable of transmitting enormous amounts of power, the complexity of passive tags is inherently limited. They are essentially glorified bar codes. This type of "fingerprinting" might add another level of complexity to the identification of tags, but it's not going to prevent counterfeit tags. At best it will slow down the production of counterfeit tags by an insignificant amount of time.

  7. Solving the wrong problem by lhunath · · Score: 5, Insightful

    RFID tags are not security devices, they are hyped barcodes. They do not provide any authentication.

    If you're worrying about your RFID tags being cloned for a malicious purpose, you are using them for the wrong thing.

    --
    ``OK, so ten out of ten for style, but minus several million for good thinking, yeah?''
  8. This is nothing new by ian_mackereth · · Score: 4, Informative
    This sort of physical characteristic fingerprinting has been done for years on magnetic stripe cards and EEPROM smartcards, so this is nothing new in theory, just in what physical characteristics are being measured.

    In mag stripes, the magnetic remanence of the strip is different from card to card, in EEPROM, differences in the voltage levels and speed of reading of the cells are used.

    The general principle is that it's no point having unbreakable crypto if the data can simply be copied to a new medium. Consider a card (of whatever type) that stores monetary value for public transport or photocopying or whatever: Put $100 on it and copy the data, not knowing which bits are what. Copy that data onto a heap of cards bought with $5 of credit on them and sell them in the grey market for $50 each and pocket the profit.

    With this sort of technique, though, part of that encrypted data is a fingerprint based on the physical characteristics of the original card. The new cards will generate a fingerprint in the reader that doesn't match the original, making the copies invalid.

    Sure, if you can crack the encryption, this method is useless, but that's not the point. Crypto can be pretty good and costs more than a cheap reader/writer to break to duplicate cards/RFIDs.

  9. full clone by Spaham · · Score: 2, Interesting

    well, they'll just have to clone that parameter too.
    Unless of course the industrial process used to create the tags makes each one of them a bit different,
    hence defeating the identification in the first place.

  10. Fingerprinting capability very limited..... by jcochran · · Score: 2, Insightful

    given what the article says.

    What they're measuring is the minimum power level that a given RFID will respond to. This opens up two major issues.

    1. A database of the response curves is needed in order to uniquely identify the RFID chip in question.
    2. Since the power received follows the inverse square law, one of the major advantages of an RFID chip is negated. Namely the ability to scan for it's presence without having to have exact location. They need to precisely control the distance from the RFID chip and the reader in order for that technology to work. And if they need that level of control, why not use a contact based technology?