Survey of Cryptographic Implementations and Vulnerabilities on Passive RFID Devices

A long time ago, I saw a couple of banks that produced RFID-enabled credit cards. These were simple magstripe (magnetic stripe) credit cards that also happen to include an RFID chip so you didn't have to swipe your card. Instead, you could just tap the POS (Point of Sales) system and be done with your transaction.

RFID-enabled Card
RFID-enabled credit card

The first thing I thought was: Why on earth are they producing RFID enabled credit cards as opposed to moving towards the chip cards (which at this point were widespread throughout Europe and South America). The idea of going wireless intrigued me and I wondered how secure they were.

Last Quarter, I had the perfect opportunity to study these devices during one of my cryptography (CS290T: Advanced Topics in Cryptography) classes.

I ended up writing a 20-page paper on these small little chips, because once you start researching them you just fall into a rabbit hole of intriguing documents. Of course, you probably don't really want to read 20 pages, so let's cut to the interesting facts.

The Quick Version

What is RFID?

Radio-Frequency Identification (RFID) is a wireless technology intended for the automated identification of objects. While the RFID technology spectrum is actually quite broad, these devices can be roughly divided into tags and interrogators. Tags consist of small passive microchips connected to an antenna. These devices don’t have a power source of their own, instead they are designed to work with energy collected by a nearby RFID reader (interrogator). The RFID interrogator, on the other hand, does have an internal 1 power source and is usually connected to some external backend (server or database). Essentially, tags receive a query from the interrogator, run some computation or check memory, and return a response.

How are they used today?

These devices are extremely popular. In 2015 they represent a 10 billion dollar industry. They are used in automobile keys, access keys, payment fare cards, credit cards, theft deterrent systems, supply chains, even phones!  (That's right! NFC communication is technically still in the realm of RFID technologies).

Why are they interesting?

What made these devices intriguing for me, was that most companies are using these devices "in the dark". What I mean by this, is that they are not openly talking about the security measures or cryptographic implementations on their RFID devices. This is what is commonly refered to as "security by obscurity" (If I don't tell anyone, no one will figure out how it works and no one will find the flaws in the system). In the cryptography world this is considered a terrible idea, as peer-review and open discussion lead to better, more secure systems.

So, were these things secure?

At the end of the day, there is a lot of theoretical fixes and improvments that can be done to obtain fairly secure RFID chips. However, due to the "security by obscurity" philosophy that some of these companies undertook, a lot of devices found today have heavy security flaws. I focused heavily in two study cases: Nohl's reverse-engineering of the Mifare and Bono's DST cracking. In these two papers, major RFID products were reverse-engineered and broken fairly easily (according to the authors). I would definitely recommend these two papers as starting points for those interested in RFID reverse-engineering.

What are the attack vectors?

The attack vectors are the same as with any wireless technology.

  • Eavesdropping: Either by passively sniffing information from a nearby transaction (between a valid tag and reader) or actively querying nearby tags.
  • Cloning and Spoofing: Essentially pretending to be a legitimate tag or reader. (e.g. You clone someone's keycard and access their workplace)
  • Relay attacks: You create an extended channel so that you can initiate an exchange between a reader and a card that are separated by long distances (e.g. You use two phones connected wirelessly. You get one phone close to someone's RFID-enabled credit card and the other phone near a POS, then you allow the two devices to have an exchange and boom! free watch)
  • Denial Of Service Attacks: Essentially spam a tag or reader to the point where they can't authenticate. (e.g lock somebody out of their workplace by putting a jammer next to the RFID reader)
  • Side Channel or other Physical Attacks: As always, you could go for side channel or physical attacks to give you more information about the cryptosystem. However, given the other simpler forms of attack, it seems that this one is a bit overkill.

What can I do as a consumer?

Thankfully, it seems that some critical consumer products (such as credit cards) are moving towards safer technologies. In terms of RFID, you could mitigate problems by keeping these devices in Faraday cages (aka. wrap in tinfoil, or get yourself a fancy metallic wallet). Otherwise, if you wan't to be more extreme you can always just take a pin and prick a hole on the RFID chip.

What can I do as a researcher/developer?

I would suggest reading section 4 of my paper (shameless plug). I highlight some promising mitigation strategies for many of the aforementioned vulnerabilities. I also point in the direction of more research papers that go substantially deeper than I have. Essentially, there is a lot of peer-reviewed information out there that could help you develop a safer product. I'm not a huge expert, but there is two things I can say about this:

  1. Is RFID a proper solution for my product? In the case of credit cards, the answer should have been no.
  2. Don't follow "Security by Obscurity". There is a ton of research papers and peer-reviewed information out there from very smart people. There is no need to re-invent the wheel, just see what good peer-reviewed solutions you can find.

The Paper

Synopsis:

    This survey paper aims to give a solid groundwork for researchers wishing to understand the goals and challenges in the area of cryptographically-enabled passive RFID devices. We will provide the basic models of passive RFID device usages, and a series of common attack models. Furthermore we will study two famous cases of RFID reverse-engineering and their implications. Finally, we will survey possible techniques for mitigating typical vulnerabilities.

(You can also check this paper out in the Academia.edu link.)

Recent Posts

Recent Comments

Archives

Categories

Be First to Comment

Leave a Reply

Your email address will not be published. Required fields are marked *