Wireless technology can be open to security issues, and as a result RFID security is a major issue.
Linked to RFID security, another associated issue is that of privacy. When RFID tags can be tracked, this can lead to privacy issues. In addition to this, it can be particularly important if the RFID system is not secure.
As a result, RFID security and RFID privacy are inextricably linked and both need to be taken very seriously.
RFID tag cloning
One area of particaulr concern with RFID security is that of tag cloning. RFID security systems need to be able to prevent cloning as this would open the overall system to a variety of forms of security attack.
Typically when RFID tag cloning occurs, the responses of RFID tags are received by rogue monitors. Information received can then be used to replicate tags.
To enable RFID security to overcome this vulnerability, cryptographic techniques are used and embedded into the chips used. A number of approaches may be adopted:
- Rolling code approach: This approach to RFID security uses a scheme where the identifier given by the RFID tag changes after each read action. This reduces the usefulness of any responses that may be observed. It requires the RFID reader and RFID tag to have the same algorithm for changing the identifier. If multiple readers are used, they must be linked so that tracking can occur.
- Challenge response authentications: These systems use cryptographic principles. Here the reader issues an enquiry to the tag which results in a response, but as secret tag information is never sent over the interface between the RFID reader and tag the system cannot be compromised. Both reader and tag compute information from internal cryptographic algorithms, and the results are sent and the correct responses required for a successful information interchange. The system is essentially the same as encrypting data to send over a normal radio link.
In view of the additional processing required, the tags have a very much higher cost, and they are also far more power hungry. As a result deployment of these RFID secure tags is limited to areas where the cost can be justified.
A major concern over the increase in use of RFID tags is the personal security associated with the illicit tracking of RFID tags.
Private organisations have expressed their concern over this with the increasing use of electronic product code tags being embedded in consumer products. In addition to this the US Department of Defense (DoD) is looking at the problem with their use of tracking assets.
There are a number of ways in which these RFID security issues arise:
- The unique identifiers within RFID tags can be used for profiling and identifying consumer and individual patterns.
- Stealth readers can track people with RFID tags on them - RFID tags will normally remain active after an item has been bought, and when wearing a garment, for example, it is possible to utilise this tag illicitly.
- Hidden tags could be placed within on or within an item to enable stealth tracking to be undertaken.
To help overcome these issues a number of approaches can be adopted:
- Blocker tags: These tags spam any unauthorized readers into assuming that there are many tags in the vicinity and thereby preventing access to any tags that may be on the individual.
- Kill switches: When consumer items are purchased, or if an RFID tag needs to be deactivated for any reason, tags can be disabled. This function is incorporated into many newer RFID tags, although not all. It also does not stop the possibility of illicit tags being placed and used for tracking.
While these measures are available, personal security can still remain an issue as the possibility of RFID security for individuals is not widely recognized.
Security is a major issue for RFID as with any other wireless or wired communications technology. Fortunately the short ranges of RFID mean that some forms of hacking are not possible, but this does not mean that security should not be taken very seriously. If there is a hint of any gain that can be made by hackers then the opportunities will be seized. In addition to this the issues of privacy also need to be considered, especially with the growing awareness of privacy in all is aspects.
Wireless & Wired Connectivity Topics:
Mobile Communications basics2G GSM3G UMTS4G LTE5GWiFiIEEE 802.15.4DECT cordless phonesNFC- Near Field CommunicationNetworking fundamentalsWhat is the CloudEthernetSerial dataUSBSigFoxLoRaVoIPSDNNFVSD-WAN
Return to Wireless & Wired Connectivity