RFID Security Overview

Uploaded on

Security overview for RFID (HF and UHF) tags, by the RFID oem readers leader manufacturer Skyetek, who adds cryptographic functionality to RFID tags that do not ordinarily have built-in security.

Security overview for RFID (HF and UHF) tags, by the RFID oem readers leader manufacturer Skyetek, who adds cryptographic functionality to RFID tags that do not ordinarily have built-in security.

More in: Technology , Business
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
    Be the first to like this
No Downloads


Total Views
On Slideshare
From Embeds
Number of Embeds



Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

    No notes for slide


  • 1. SkyeTek’s Security Suite
  • 2. RFID Security IssuesUnauthorized access • Rogue reader can write to or kill tags or read confidential informationTag clones • Unauthorized tag copies or rogue tags from unauthorized sources compromise system securityWireless eavesdropping • Rogue device intercepts over-the-air data transfer, gaining confidential information
  • 3. The Value of Securing TagsThe authentication process determinesif a product is genuineProtects sensitive dataProtects against counterfeitsSkyeTek not only allows for verifyingthat tags are authentic from initialprogramming, but that they areauthentic with secure updates from anyauthentic reader
  • 4. SkyeTek’s Secure Memory ValueAdds cryptographic functionality to RFID tags that donot ordinarily have built-in securityRemoves the need for an authentication server • Adds security to closed systems and handhelds SkyeTek Approach SkyeTek Approach Typical Reader Typical Reader SECURE SECURE INSECURE
  • 5. ReaderWare Secure Memory ComponentsEncryption and Decryption • Uses shared keys to encrypt sent data and decrypt received data • Original data can be retrieved using encryption algorithmHashing and Keyed Hashing • Hashing takes any amount of data and creates a constant-length hash representing a checksum for the data • Cannot re-create the original data from the hash, but can authenticate versus hashed value • Used to sign and verify a messagePseudorandom Number Generation • Protects against recognizing the same content with every transaction. Randomizing data such as the EPC makes it anonymous.
  • 6. Process for Securing Tags Tag Producer Tag Consumer SkyeModule SkyeModule Setup Secure Memory: •Algorithms •Keys Setup Secure •Enable KDF Memory: •Algorithms •Keys Tag Can now Write Tag •Enable KDF Accepted read or write to tagKDF = Key Derivation Function
  • 7. Two Security Modes1. Data Integrity mode (Signing andVerifying): Reader verifies dataintegrity •Write: Create a signature •Reader computes a secure hash for the data and writes the data and a hashed message authentication code (HMAC) to the tag •Read: Verify the signature using the shared key •Reader verifies that the HMAC matches the data it wrote to the tag
  • 8. Signing and VerifyingA message Authentication Code (MAC) is created by computing achecksum from the message content and a shared secret key • SkyeTek uses the shared key and a hashing algorithm to create the signature (HMAC=Hashed MAC)When read, the reader verifies that the HMAC used the sameshared secret keyThis is a “symmetric” signature because the same shared key isused during the write and read
  • 9. Two Security Modes2. Encryption and Data Integritymode•Reader verifies data integrity (as in mode 1) and encrypts the data •Write: Reader writes encrypted data and HMAC to the tag •Read: Reader verifies HMAC, deciphers the data, and reports the plaintext data to the host
  • 10. Encryption= Key + Cipher Algorithm“Key” values determine the detailedoperation of the algorithm and are used tocreate an initialization vector (IV)Symmetric Encryption uses the same key toencrypt and decryptAsymmetric (Public Key) Encryption uses apublic key to encrypt the data and separateprivate key to decrypt the data • Keys can be smaller, but it is compute- intensive to perform
  • 11. Symmetric Encryption
  • 12. Asymmetric (Public Key) EncryptionPKI (Public Key Infrastructure) is not Public Key Encryption • PKI uses digital certificates to establish credentials
  • 13. Why not encrypt?May want to properly verify the authenticityof the data but allow others to easily readthe information. • Readers are not allowed to update the information but can read it. • This can make it easier to be interoperable with other readers or other companies.Want to allow cryptography capable readersonly at some locationsNot enabling encryption can free up somespace on the tag
  • 14. Secure Memory ReviewEntire tag memory is secureAlgorithm information, cipher IV, andciphertext stored on tagSigning • Signature (HMAC) in plaintext or ciphertext (if encrypted) is stored in tag header • Reader and tag signature are compared to determine if data was altered or tamperedEncryption • Hides plaintext data as ciphertext • Only authorized users with the proper key can decode the ciphertext
  • 15. SkyeTek Secure Memory Algorithms Protocol Type AlgorithmEncryption Ciphers TDEA (3DES) (56, 112, and 168 bit keys) AES (128, 192, and 256 bit keys)Hash Functions Secure Hash Algorithms (SHA): SHA-1, SHA-224, SHA-256, SHA-384, and SHA-512 MD5Keyed-Hash HMAC is used with supported hashMessage functions in combination with aAuthentication shared secret keyCode (HMAC)Pseudorandom SHA1PRNGNumber Generator
  • 16. Secure Tag Format Original available data length = L Apply secure memory features Secure Tag Header1. Algorithm spec for HMAC2. HMAC3. Algorithm spec for cipher4. Initialization Vector (IV) for New available data length = L2 cipher The counter (CTR) function allows only portions of the data contents to be rewritten instead of the entire contents
  • 17. Enhancing Security with Key DerivationFunction (KDF)Applies a tag-specific and application-specifickey before initializing secure memory • Applies an HMAC using specified keys, the tag ID, and the application type (integrity or encryption)Even if a brute-force attack on a single tag issuccessful, it does not compromise multipletags