- RFID Is Not RF
- Recent Attacks In RFID
- Security Requirements
- Common Attack Surfaces
- Cryptography Implementations
RFID is a device which works basically on the electromagnetic waves. Its operating frequency varies from 135KHz - 5.8GHZ microwave and these are closely coupled circuits. It is similar to the smart card. The transponder is composed of either inductive or capacitive radio coupling. There are two main components of RFID. They are,
- Transponder- an object to be identified.
- Reader (or) Interrogator-which is used to communicate with the transponder.
RFID is not RF
Both RFID and RF works on the same electromagnetic waves. The main difference between these two RFID is just used to intimate the reader that the transponder is here and by using RF we can perform multiple operations but one at a time. As stated above both operate at different frequency range following FCC standards. RFID falls under (NFC) near field communication category while the RF can be used to transmit over an long distance by use of amplifiers and repeaters.
Recent Attacks In RFID
Attacks on RFID usually take place due to improper installation and lack of authorization. The recent attack took place in the CRC part of the machine. The verification is part is consists of an simple XOR gate formula which the intruders used this flaw in the CRC to bypass the reader where they found the 32 bits data transmitted for every 4ms and form the extracted data he flashed an new card and with no time the machine accessed.
The device security can be distinguished into two categories based on the area of usage, such as,
- Industrial or closed application
- Public applications
You may get confused of how the device is been classified, so based on the application lets thrive into an example, consider a ramp which is in motion where each product in the ramp has its own RFID tag. For the purpose of tracking here transponders are always kept active which turns the device ready for spoofing and jamming and also leads to wastage of power. In public ticketing system individual user has a physical access and we can’t identify the intruder as it is in place in public, whereas in the case of the industry it is only possible for the employer to act as an intruder. So now let us dig deeper into the attacks as they can be classified into two major categories.
- Common attack surfaces
- Cryptography implementations
Common attack surfaces
These attacks are performed by the intruder with adequate knowledge and to do this it is not necessary for him to know about the entire architecture or the systems working process. The various categories of the common attack surfaces are listed below,
- Attacks on Transponders
- Spoofing & cloning of transponders
- Attacks on RF interface
Attacks on Transponders
The transponders simply resembles as a credit/debit card which is used to provide access to the user to step in/out of the premise. The attack on transponder gets varied based on the type of transponder used. For example consider an attack in which the intruder tries to perform a permanent destruction of the transponder. This attack can be performed by exposing the antenna in a strong field, in which the maximum field of an antenna should be greater than 12A/m for a frequency of 13.56MHz for inductive coupled transponders. In this case the transponder is introduced in a strong electromagnetic field thereby producing an extreme heat which turns the transponder to destroy thermally else if the intruder can’t introduce in strong electromagnetic field then he can use the microwave to induct it.
This attack doesn’t require the intruder to be skilled an intruder with no skills can perform this task this is simple, just like wrapping up a thing. Here the intruder should have the transponder in hand and he requires a metal surrounding it, whereas in this case we can use an aluminum foil surrounding the transponder which produces an UHF scatter thereby resulting in an eddy current loss which makes insufficient for the reader to detect the transponder.
Spoofing & cloning of Transponder
To start with this attack we should initially determine the type of transponder, either it is a read-only or read-typewrite one. As this might affect the intruder attacking scenarios.
These attacks are carried out in contact-less RFID interface (i.e)., when a transponder reaches the sufficient distance to the reader it automatically detects the transponder and it logs the data where the transponder's acknowledgement should be sent. Then the reader will send a data frame to enhance the operation where this signal contains all useful information about the transponder, then number the user name with some manufacturer constraint details. By the use of certain interceptor the intruder can intercept the signal and that can be useful for them to construct a cloned copy of the transponder by which the intruder can perform unauthorized access.
Transponders with writeable memories
Transponders with writeable memory can be simply read by the intruder without any basic knowledge but they should know the usage of the tool. By using a perfect RFID reader/writer the intruder will not only perform cloned copy of cards but he can also overwrite the existing memory of the card. This can be efficiently prevented by the use of perfect encryption in areas of communications and needs to apply proper A&A mechanism wherever possible.
Attacks on RF interface
RFID works on electromagnetic waves either in near field or in far-field. To capture the RF interface the intruder doesn’t require a physical access instead he needs to be skilled in the area of communication and to understand and work with the signal characteristics. The various attacks in the RF interfaces are,
- Communication interception between the transmitter and the receiver (Eavesdrop).
- Communication interception between the transmitter and the receiver (Jamming).
- Extending the read range in order to skim the transponder
- Blocking the reader with DOS attack.
- Undetected use of remote transponder through a relay attack.
For furthur details/queries just drop an mail to [email protected]
The intruder needs a suitable antenna tuned at 13.56MHz to intercept a medium frequency at a distance of 3m. Successful attack requires less bandwidth but whereas in the real time we will receive more bandwidth of signal which takes more time for the analyst to come into conclusion by taking the average of the signal.
This technique is an entirely different form, as this would not provide any useful information for the attacker instead the intruder can hold/delay the operation for neither a while nor the intruder feels to enjoy it. This can be done with minimum skills with specific hardware in the hands of an intruder.
RFID communicates with large no of transponders using serial communication contactless method (i.e)., it communicates with the transponder via a slotted ALOHA neither uses a BST(Binary Search Tree) where it TX/RX are as binary values as 1 and 0. By the use of the blocker tag, we can take down the system in which the BST would take 2^k values where k is the no of bits in serial number. If a reader needs to crack an password it would be calculated as follows tg=t1*2n where n is the no of bits. For an individual serial number for running the entire series it would tale about approximately 8000 days which is obsolete. Hence to perform this action we need a full blocker or universal blocker. Even the widely used slotted aloha can be blocked by using a blocker tag.
These implementations should be made in the transponders and the readers in order to avoid common security flaws. To make a better encryption we need to eliminate the security flaws listed below,
Authentication using derived keys
In this method there would be a common key shared between all the transponders and the readers. For example, consider a metro station where the public used to get ticket by recharging the given transponders; in this the transponders will communicate with the reader whenever it reaches a certain distance; if all the transponders use a common key shared between them then it will be easy to capture the RF interface within a certain distance. So, to eliminate this problem the manufacturer should use a unique id for each of the transponders which contain a read-only category.
Encrypted Data Transfer
As mentioned previously, we can sniff the RF interface and we need to secure them by encryption. Let us just have a look at the below image.
This above image represents a process of data transfer from the transmitter. In this use case let us consider that we have two attack scenarios, one is passive scanning algorithm and the other is used to alter the captured data frames for the fruitful attack. Let’s assume that the key should be shared between the TX and the RX for decryption. In this the key would also be transmitted in the air so it is possible for the intruder to capture that too. A single miscalculation may lead to system take over. In order to avoid this we need to transmit the data on a hex code format in which this encryption should be done before we start transmitting and at the receiver end the decryption frame format is specified within the receiver. The main concept is that the produced key should be changed dynamically for each and every transfer of signal from the transmitter. Dynamic key can be generated by the use of stream cipher. This is one of the efficient ways to avoid the Encrypted data transfer.
RFID can operate at three different ranges namely LF, HF and UHF in most of the cases we use HF transponders for our public ticketing and login premises at our office and the UHF are used in toll plazas. For each category of RFID there are low cost cloning and RFID writers are available in Chinese websites. There are various vendors available; hence it is responsible for the user to opt it. Briskinfosec recommends before choosing the RFID it is better to look at the international standards like ISO,IEC and when you opt for cheaper things make sure that it is using strong cartographic algorithms to avoid security breaches.