RFID/USN Security Issues. 2009/7/14 신승목 Cryptography & Information Security Lab. Ubiquitous world. 1. Introduction to RFID and security issues. 2. Introduction to USN and security issues. 3. Quiz. Contents. Advent of Ubiquitous society. Transition to Ubiquitous society. RFID/USN concept. - PowerPoint PPT Presentation
RFID/USN Security Issues
2009/7/14
Cryptography & Information Security Lab
KAIST-ICC

Contents

Advent of Ubiquitous society

Transition to Ubiquitous society

RFID/USN concept
@ MIC/Korea 2007

Introduction to RFID

What is RFID?
Radio Frequency IDentification (RFID) is a method of remotely identifying objects using transponders (tags) queried through a radio frequency channel.

RFID - overview
Data
Barcode
RFID
A typical RFID tag
A multi-tier system: RFID tag, reader and backend server
An infrastructure to build ubiquitous society

RFID readers (1/2)
Fixed-Type Readers
Mobile Readers

RFID readers (2/2)
Typical Structure of RFID Reader
Power Supply

RFID Tag
Classification by Power
                 Passive   Semi-passive   Active
Power Source     Passive   Battery        Battery
Transmitter      Passive   Passive        Battery
Max Range (m)    10        100            1000
Classification by Frequency
Low-frequency (LF: 125 ~ 134.2 kHz and 140 ~ 148.5 kHz)
High-frequency (HF: 13.56 MHz)
Ultra-high-frequency (UHF: 868 ~ 928 MHz)

Electronic Product Code (EPC)
2^96 = 79,228,162,514,264,337,593,543,950,336
96 bits can uniquely label all products for the next 1,000 years.
Version   EPC Manager (Manufacturer)   Object Class (Product)   Serial Number
8 bits    28 bits                      24 bits                  36 bits
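
The 96-bit layout above, as an added example that is not part of the original slides: a packer and parser for the four fields. The field names, the hex-string representation and the sample values are assumptions made for illustration. Decoding shows that anyone who reads the code learns the manufacturer and product class as well as the unique serial, which is what makes a static EPC a privacy and tracking concern.

```python
import string

# Field layout from the slide: (name, width in bits), most significant first.
EPC_FIELDS = (("version", 8), ("manager", 28), ("object_class", 24), ("serial", 36))
EPC_BITS = sum(width for _, width in EPC_FIELDS)   # 96
HEX_LEN = EPC_BITS // 4                            # 24 hex digits


def pack_epc(version, manager, object_class, serial):
    """Pack the four fields into a 24-hex-digit EPC string."""
    values = dict(version=version, manager=manager,
                  object_class=object_class, serial=serial)
    code = 0
    for name, width in EPC_FIELDS:
        value = values[name]
        if not 0 <= value < (1 << width):
            raise ValueError(f"{name} does not fit in {width} bits")
        code = (code << width) | value
    return f"{code:0{HEX_LEN}X}"


def parse_epc(hex_code):
    """Split a 96-bit EPC (hex string) into its fields; reject malformed input."""
    if len(hex_code) != HEX_LEN or any(c not in string.hexdigits for c in hex_code):
        raise ValueError("EPC must be exactly 24 hex digits (96 bits)")
    code = int(hex_code, 16)
    fields = {}
    shift = EPC_BITS
    for name, width in EPC_FIELDS:
        shift -= width
        fields[name] = (code >> shift) & ((1 << width) - 1)
    return fields


if __name__ == "__main__":
    # Constructed sample values, not a real product code.
    sample = pack_epc(0x35, 0x123456, 0xABCDE, 0x123456789)
    print(sample, parse_epc(sample))
```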

EPC classification (1/2)
Class-1: Identity Tags (normative):
Passive Tags
An electronic product code (EPC) identifier
A Tag identifier (TID)
A 'kill' function that permanently disables the Tag
Optional password-protected access control
Optional user memory

EPC classification (2/2)
Higher-class Tags (informative)
Class-2: Higher-Functionality Passive Tags
An extended TID (Tag ID)
Extended user memory
Authenticated access control
Class-3: Semi-Passive Tags
An integral power source
Integrated sensing circuitry
Class-4: Active Tags (i.e., sensor node)
Tag-to-Tag communications
Active communications
Ad-hoc networking capabilities

RFID system applications (1/3)
Libraries
Supply chain management

RFID system applications (2/3)
Airline Baggage @ JFK Airport

RFID system applications (3/3)
Passports
Transport payments
Anti-counterfeiting
Whitepapers in 2006 (by Auto-ID Labs.)
Access control
Animal tracking, etc.

RFID security issues

Security and Privacy in RFID
Privacy invasion:
Information leakage of a user's belongings without the user's awareness
A static ID is subject to tracking, such as behavior tracking
Lack of authentication:
Malicious reading (skimming): captured information aids duplicating genuine tags.
Denial-of-Service (DoS) due to deployment of cloned tags
Risks
Eavesdropping between T & R
DB Desynchronization B & R
Impersonation, spoofing
Replay attack / Active Query
Data loss (DoS, Message hijacking)
Forgery (Decoy Tag, etc.)
Physical (Hardware) attack

Security Requirements in RFID Systems
Confidentiality
Indistinguishability
Anti-cloning
Availability
Forward security

Weak Implementations (1/2)
In January 2005, researchers at Johns Hopkins University and the RSA Lab announced a successful attack on the Texas Instruments DST RFID by guessing its 40-bit key using brute-force.
The DST RFID was used in Ford immobilizers and ExxonMobil SpeedPass.

Weak Implementations (2/2) - Video
Cracking TI (Texas Instruments) DST (Digital Signature Transponder) chip
TI DST
Cracking the key in a DST tag
Buying gas using the DST simulator
Sniffing a DST tag in a victim's pocket

Security Challenge
The narrow cost requirements of low-cost RFID systems make low-cost tags extremely resource-scarce environments, far below the requirements for any public-key and symmetric-key cryptographic systems.
EPC tags: $0.05, 250 ~ 1000 gates
AES: 20,000 ~ 30,000 gates

Introduction to USN

Sensor & Sensor Network
What is a Sensor?
A device that produces a measurable response to a change in a physical or chemical condition, e.g. temperature, ground composition, etc.
Sensor Networks
A large number of low-cost, low-power, multifunctional, and small sensor nodes
They benefit from advances in 3 technologies:
digital circuitry
wireless communication
silicon micro-machining

Wireless Sensor Networks (WSN)
New technologies have reduced the cost, size, and power of micro-sensors and wireless interfaces.
Circulatory Net
Environmental Monitoring
Structural

WSN - Properties
Composed of a large number of sensor nodes
Densely deployed inside (near) the phenomenon
Low energy consumption
Relocation or recharge is impossible
Self-organizing network (infrastructureless)
Random deployment: manual configuration is unfeasible

Applications: U-farm

Applications: Weather sensing, Fire Detection

Applications: Fire Detection
Cultural Property Asset Management using USN
Bush Fire Detection

Applications: Battle Field

Applications: Disaster Detection

Communication Architecture
Sensor nodes can be data originators and data routers

Node Hardware
sensors
CPU
radio
battery
Acoustic, seismic, magnetic, etc. interface
Electro-magnetic interface
Limited-battery supply
Event detection
Wireless communication with neighboring nodes
In-node processing

Examples of Sensor Nodes

USN security issues

Why should we consider the Security? (1/2)
Providing confidentiality, integrity, and availability of the communications and computations
Sensor networks are vulnerable to security attacks due to the broadcast nature of transmission
Sensor nodes can be physically captured or destroyed

Why should we consider the Security? (2/2)
Since the system is able to control house infrastructure
e.g., gas, water control, etc.
If the adversary attacks the house infrastructure system
House infrastructure can cause serious harm to humans
e.g., open gas valve, overheat the microwave

Security Threats of Each Application
* Yee Wei Law and Havinga, P.J.M., How to Secure a Wireless Sensor Network, 2005

Constraints of WSN

Security Requirements for WSN
Data Confidentiality (Eavesdropping)
Don't leak sensor readings
Solution: Encryption
Data Authentication (inject / alter Attack)
Data was really from the claimed sender
Solution: MAC
Data Integrity (inject / alter Attack)
Received data is not altered midway
Solution: data authentication
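
The "Solution: MAC" entries above, as an added example that is not part of the original slides: a sensor node appends a truncated HMAC-SHA256 tag to each reading and the base station rejects injected or altered packets. The frame layout, tag length, key and the BaseStation helper are assumptions; the per-node counter check goes one step beyond the slide so that an authentic packet cannot simply be replayed.

```python
import hashlib
import hmac
import struct

FRAME = ">HIh"   # node id, message counter, reading (constructed layout)
TAG_LEN = 8      # truncated MAC length in bytes (assumption for small frames)


def make_packet(key, node_id, counter, reading):
    """Sensor side: append a truncated HMAC-SHA256 tag to the frame."""
    body = struct.pack(FRAME, node_id, counter, reading)
    return body + hmac.new(key, body, hashlib.sha256).digest()[:TAG_LEN]


class BaseStation:
    """Verifier holding one shared key per node (hypothetical helper)."""

    def __init__(self, keys):
        self.keys = dict(keys)
        self.last_counter = {}

    def accept(self, packet):
        """Return (node_id, counter, reading), or None if the packet is rejected."""
        if len(packet) != struct.calcsize(FRAME) + TAG_LEN:
            return None
        body, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
        node_id, counter, reading = struct.unpack(FRAME, body)
        key = self.keys.get(node_id)
        if key is None:
            return None                      # no key for the claimed sender
        expected = hmac.new(key, body, hashlib.sha256).digest()[:TAG_LEN]
        if not hmac.compare_digest(tag, expected):
            return None                      # injected or altered in transit
        if counter <= self.last_counter.get(node_id, -1):
            return None                      # authentic but stale: a replay
        self.last_counter[node_id] = counter
        return node_id, counter, reading


# Constructed demo key; real nodes would be provisioned with secret keys.
DEMO_KEYS = {7: b"constructed-demo-key-07"}
```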

Attacks on WSN
Typical attacks on WSN are:
Sybil attack
Wormholes
HELLO flood attacks
Notations
= adversary
= base station
* D. Wagner, Security for Sensor Networks: Cryptography and Beyond, SASN 2003

HELLO flood attack
Inferring that a node is a neighbor (i.e. within radio range) after receiving a broadcast packet from it may be ill-conceived. An adversary with a powerful transmitter could easily reach every node in the network.
* D. Wagner, Security for Sensor Networks: Cryptography and Beyond, SASN 2003

Sybil attack
An adversary may present multiple identities to other nodes. The Sybil attack can disrupt geographic and multipath routing protocols by being in more than one place at once and reducing diversity.
* D. Wagner, Security for Sensor Networks: Cryptography and Beyond, SASN 2003

Wormholes
Tunnel packets from one part of the network and replay them in a different part.
* D. Wagner, Security for Sensor Networks: Cryptography and Beyond, SASN 2003

Conclusion
RFID/USNs are essential technology for the upcoming Ubiquitous world
If the system is not designed with security in mind, this technology would harm human life
Security should be considered from the design of the entire Ubiquitous system