S4 July06 RFID

Published on January 11, 2008

Author: Viviana

Source: authorstream.com

Content

Slide 1: 30 Minutes of RFID Analysis, Applications and Attacks
Presented by Dan Cornforth

Slide 2: Overview
- What is RFID
- How does the technology work
- Identify some of the forces behind progress to date
- Who is using RFID currently & for what
- What might RFID be useful for & by whom
- Some potential weaknesses, attack vectors and fixes

Slide 3: What is RFID
- Smartcode EPC passive RFID tag

Slide 4: What is RFID
- Radio Frequency Identification
- Typical RFID infrastructure

Slide 5: RFID Characteristics & Differentiators
- Types of tag
  - Passive
  - Active
- The air interface (operating frequency)
  - LF: 125 kHz
  - HF: 6.78 MHz, 13.56 MHz, 27.125 MHz, 40.680 MHz
  - UHF: 433.920 MHz, 869 MHz, 915 MHz
  - Microwave: 2.45 GHz, 5.8 GHz, 24.125 GHz
- Communication modes
  - Full duplex
  - Half duplex
  - Variant half duplex
- Coupling
  - Backscatter

Slide 6: Governing Specifications
- ISO 14443
  - Defines 2 card types (A & B)
  - Modulation methods
  - Coding schemes
  - Protocol initiation procedures
- ISO 15693
  - Defines vicinity cards
- Emergence of the EPC (Gen2) standards
  - Electronic Product Code
- No single global body for RFID governance and standards… yet

Slide 7: Security Features of Common Tags
- Transmit standard serial ID
  - UNIQUE
  - VeriChip
  - Most animal tags
  - HID Prox II
- Requires a password authentication prior to ID transmission
  - Q5
  - Titan
  - EM4469
- Challenge response, PKI and encrypted transmission of ID
  - DST (40 bit key)
  - MiFare
  - HiTag (48 bit key)
  - SmartMX (128 bit AES, 4096 bit asymmetric key)

Slide 8: Influences & Drivers
- Perceived speed, security and simplicity of the cashless society
  - The Hong Kong Octopus Card
  - Estimated 63% time saving (Amex ExpressPay)
- Asset, warehouse and stock management traditionally seen as drivers
  - US TREAD Act 2004 (Trans, Recall, Enhance, Acc, Doc)
  - Wal-Mart, FDA and US DoD mandates
- Keyless entry
  - Centralised access management
  - Key duplication perceived as more difficult (device dependent)
- EPCglobal network
- Ever decreasing size and price of the hardware

Slide 9: Current Applications
- Payments
  - Amex Bluecard products & ExpressPay, Mastercard PayPass
- Public transport & ticketing
  - The Hong Kong Octopus card
  - London Transport's Oyster card
  - Many more throughout Europe, US and Asia
- Industrial automation
- Stock and asset management through the supply chain
- Electronic immobilisation
- Physical access control
- ePassport
- Animal identification
- Various medical applications

Slide 10: Current Applications
(no text content)

Slide 11: Future & Potential Applications
- A potentially limitless marketing resource (e.g. tagged clothing items that may be tracked throughout a shopping mall)
  - What are the shopping behaviour patterns of our customers?
  - What else did they buy, and from whom?
  - Was our store their first choice for the product they bought?
  - Where did they eat?
  - Who are they shopping with?
  - Which family member(s) appear to be driving the shopping experience?
  - OK, this may appear a little far fetched, but it is technically feasible
- EPCglobal network
- Potential applications appear to be limited only by
  - Privacy legislation
  - Public perception
  - Implementers' imagination

Slide 12: Attack Vectors
- Tag destruction & read prevention
- The kill command
- The RFID "virus"
- Device cloning & replay attacks
- The relay attack
- Attacking weak crypto
- Side channel attacks (power analysis)

Slide 13: Tag Destruction & Read Prevention
- Nothing particularly sophisticated or glamorous here
- Home made strong electromagnetic field generator
  - The "RFID-Zapper"
  - Non FCC compliant
  - https://events.ccc.de/congress/2005/wiki/RFID-Zapper(EN)
- Foil & duct tape RFID shielded wallet for the privacy enthusiast
  - http://www.rpi-polymath.com/ducttape/RFIDWallet.php

Slide 14: Physical Read Prevention
(no text content)

Slide 15: Physical Read Prevention
(no text content)

Slide 16: The Kill Command
- Primarily a privacy and anti-counterfeiting mechanism
- Technical implementation left to the device manufacturer
- Achieved via
  - Blowing an embedded fuse, following issue of the correct "kill" string
  - Setting a "killed" value in memory, disabling the protocol state machine
- Logical layout of tag memory as per EPC Class 0 & 1 Gen1 standards

Slide 17: The RFID "virus"
- Nothing particularly notable or new to see here
- This is a PoC attack
- Bad data written to tag
- Middleware supporting the RFID infrastructure reads the bad data from the tag without sanitising the input
- The potential for a SQL injection attack against a backend database exists
- Not strictly an RFID specific attack
- Not an ideal SQL injection scenario
  - Knowledge of the backend database construct and product is a prerequisite

Slide 18: Device Cloning & Replay
- Effective against ID-only and symmetric devices
- Reprogram another tag to emulate another device ID
  - Certain models of HiTag can be programmed to emulate other devices' serial numbers
- Reproduction and replay of the tag transmission
  - http://cq.cx/verichip.pl
  - Off the shelf parts
  - 125 kHz & 13.56 MHz
  - Sniff, behave as a reader and behave as a device
- The USRP (Universal Software Radio Peripheral)
  - http://ettus.com

Slide 19: Device Cloning & Replay
(no text content)

Slide 20: The Relay Attack
- Effective against challenge response, cryptographically & non cryptographically sound devices
- For those who have read Ross Anderson's "Security Engineering", think "MiG in the middle" attack
- The scenario
  - An RFID enabled point of sale for goods or services
  - Using a contactless smartcard
  - Employing a cryptographically sound communication channel between the device and the reader
- How the attack works
  - At the checkout the POS issues a challenge to the card in customer A's wallet, which is waved before the reader
  - Our customer relays this challenge via an RFID proxy to another card holder's wallet elsewhere (Cardholder B)
  - Card holder B's card responds to the valid proxied challenge
  - The response from B's card is relayed to A's card in answer to A's purchase at the POS
- The hardware for this attack cost the Cambridge based researchers approximately $250

Slide 21: Attacking Weak Encryption
- Texas Instruments DST (Digital Signal Transponder)
- Basis for the SpeedPass payments system primarily used at petrol stations in the US
- Uses a proprietary 40 bit undisclosed algorithm
- The attack involved three distinct stages
  - Reverse engineering of the algorithm
  - Brute force key cracking
  - Tag simulation

Slide 22: Attacking Weak Encryption
(no text content)

Slide 23: Power Analysis Attacks
- What is it?
  - Side channel cryptanalysis attack against the chip
  - Generally aimed at the implementation rather than the algorithm
  - Focuses on the relation between changes in the power consumption across the chip and operations within the cryptosystem
  - Requires logic analysis equipment
- Goals
  - Extraction of cryptographic key material
- Peter Gutmann quote: "You simply cannot make a credit-card form factor device robust, capable, or secure."

Slide 24: Mitigation
- Ensure real cryptography is used
  - AES & friends: good
  - Snake-oil "infinity bit" proprietary algorithm: bad
- Greater device tamper resistance
  - Helps place side channel attacks outside the realms of a moderately funded attacker
  - Equates to a more expensive device
- Pressure device manufacturers for the development & implementation of a distance bounding protocol within high security devices
  - Equates to a more expensive device
- Ensure appropriate device selection and testing from project outset
  - Recalling devices issued to a nation's dairy herd or passport holders may prove costly

Slide 25: References & Resources
- Fundamentals and Applications in Contactless Smartcards & Identification, Klaus Finkenzeller
- Python library for exploring RFID devices: http://rfidiot.org
- Practical Relay Attacks Against ISO 14443 Proximity Cards, Gerhard Hancke & Dr Markus Kuhn
- Low Cost Attacks on Tamper Resistant Devices, Ross Anderson & Markus Kuhn
- A New Approach to Hardware Security Analysis in Semiconductors, Sergei Skorobogatov
- RFID Essentials, O'Reilly
- Texas Instruments DST attack: http://www.jhu.edu/news_info/news/home05/jan05/rfid.html
- RFID relay attacks: http://www.cl.cam.ac.uk/~gh275/relay.pdf
- RFID virus: http://www.rfidvirus.org/papers/percom.06.pdf
- Smartdust: http://en.wikipedia.org/wiki/smartdust

Slide 26: Questions
- http://www.security-assessment.com
- [email protected]
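The RFID "virus" slide above describes middleware that reads tag data and passes it unsanitised into a backend SQL query. The following is an added example, not code from the presentation, showing that middleware path in miniature: the inventory rows, the 24-hex-digit EPC format rule and the hostile tag string are all constructed for the demonstration, and the database is an in-memory SQLite table.

```python
import re
import sqlite3

# Constructed sample inventory: EPC-96 style tag IDs (24 hex digits) mapped to items.
INVENTORY = [
    ("30340112A3C9B80000000001", "pallet-0001"),
    ("30340112A3C9B80000000002", "pallet-0002"),
]
# Assumed format rule for this middleware: a tag ID is exactly 24 upper-case hex digits.
EPC_HEX = re.compile(r"^[0-9A-F]{24}$")

def make_db():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE items (epc TEXT PRIMARY KEY, label TEXT)")
    db.executemany("INSERT INTO items VALUES (?, ?)", INVENTORY)
    return db

def lookup_vulnerable(db, tag_data):
    # The slide's "reads the bad data without sanitising the input" case:
    # tag bytes are spliced straight into SQL, so the tag now controls the query.
    sql = "SELECT label FROM items WHERE epc = '" + tag_data + "'"
    return sorted(r[0] for r in db.execute(sql).fetchall())

def lookup_hardened(db, tag_data):
    # 1) Check the tag data against the expected EPC format before using it.
    if not EPC_HEX.match(tag_data):
        raise ValueError("tag data is not a well-formed EPC: %r" % tag_data)
    # 2) Bind it as a parameter so the database only ever sees a literal value.
    rows = db.execute("SELECT label FROM items WHERE epc = ?", (tag_data,))
    return sorted(r[0] for r in rows.fetchall())

# Constructed "bad data" written to a tag: closes the quoted literal and widens
# the WHERE clause so the lookup matches every row instead of one.
HOSTILE_TAG = "x' OR '1'='1"

def demo():
    db = make_db()
    result = {
        "good_vulnerable": lookup_vulnerable(db, INVENTORY[0][0]),
        "bad_vulnerable": lookup_vulnerable(db, HOSTILE_TAG),
        "good_hardened": lookup_hardened(db, INVENTORY[0][0]),
    }
    try:
        lookup_hardened(db, HOSTILE_TAG)
        result["bad_hardened"] = "accepted"
    except ValueError:
        result["bad_hardened"] = "rejected"
    return result
```

The format check matters on its own: it rejects malformed tag data before any query is built, which is the "sanitising" step the slide says the vulnerable middleware lacks.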
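The relay attack slide explains that a cryptographically sound challenge-response does not stop a proxied card from answering, and the Mitigation slide names distance bounding as the fix. This added simulation, not from the presentation, models that exchange: an HMAC-based challenge-response, a relay that only forwards messages, and a reader that either checks the MAC alone or also enforces a round-trip bound. The shared key, the latency figures and the 20 microsecond bound are constructed values chosen to make the point, not measurements.

```python
import hashlib, hmac, os

# Constructed shared key: in the slide's scenario the card and the issuer's
# back end share a symmetric key for the challenge-response (not a real key).
CARD_KEY = b"constructed-demo-key-not-real"
# Assumed timing budget in microseconds (simulation units): a card in the
# reader's field answers within this bound; a relay over a proxy link cannot.
ROUND_TRIP_LIMIT_US = 20

class Card:
    # A contactless card answers any challenge it is shown; it cannot tell a
    # genuine POS from a proxy, which is exactly what the relay exploits.
    def __init__(self, key, latency_us):
        self.key, self.latency_us = key, latency_us

    def respond(self, challenge):
        tag = hmac.new(self.key, challenge, hashlib.sha256).digest()[:8]
        return tag, self.latency_us

class Relay:
    # Customer A's proxy: forwards the POS challenge to cardholder B's card
    # elsewhere and returns B's answer; it adds link latency but forges nothing.
    def __init__(self, remote_card, link_latency_us):
        self.remote, self.link = remote_card, link_latency_us

    def respond(self, challenge):
        tag, t = self.remote.respond(challenge)
        return tag, t + 2 * self.link  # out and back over the proxy link

def pos_verify(device, key, distance_bound=True):
    # Reader side. The MAC check alone accepts the relayed answer because it is
    # genuinely B's; the round-trip bound (distance bounding) is what rejects it.
    challenge = os.urandom(16)
    tag, round_trip_us = device.respond(challenge)
    expected = hmac.new(key, challenge, hashlib.sha256).digest()[:8]
    if not hmac.compare_digest(tag, expected):
        return "rejected: bad response"
    if distance_bound and round_trip_us > ROUND_TRIP_LIMIT_US:
        return "rejected: round trip %d us exceeds bound" % round_trip_us
    return "accepted"

def demo():
    genuine = Card(CARD_KEY, latency_us=5)
    relayed = Relay(Card(CARD_KEY, latency_us=5), link_latency_us=300)
    return {
        "genuine_crypto_only": pos_verify(genuine, CARD_KEY, distance_bound=False),
        "relay_crypto_only": pos_verify(relayed, CARD_KEY, distance_bound=False),
        "genuine_bounded": pos_verify(genuine, CARD_KEY),
        "relay_bounded": pos_verify(relayed, CARD_KEY),
    }
```

A real distance-bounding protocol (as in the Hancke and Kuhn paper the slides cite) measures many rapid single-bit exchanges rather than one round trip, but the acceptance logic is the same: a correct answer that arrives too late is treated as not coming from the card in the field.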
