DOI: 10.1145/1455770.1455831 (research article, ACM CCS conference proceedings)

RFIDs and secret handshakes: defending against ghost-and-leech attacks and unauthorized reads with context-aware communications

Published: 27 October 2008

ABSTRACT

We tackle the problem of defending against ghost-and-leech (a.k.a. proxying, relay, or man-in-the-middle) attacks against RFID tags and other contactless cards. The approach we take -- which we dub secret handshakes -- is to incorporate gesture recognition techniques directly on the RFID tags or contactless cards. These cards will only engage in wireless communications when they internally detect these secret handshakes. We demonstrate the effectiveness of this approach by implementing our secret handshake recognition system on a passive WISP RFID tag with a built-in accelerometer. Our secret handshakes approach is backward compatible with existing deployments of RFID tag and contactless card readers.

Our approach was also designed to minimize the changes to the existing usage model of certain classes of RFID and contactless cards, like access cards kept in billfold and purse wallets, allowing the execution of secret handshakes without removing the card from one's wallet. Our techniques could extend to improving the security and privacy properties of other uses of RFID tags, like contactless payment cards.
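The gating idea in the abstract (a tag that stays silent until its own accelerometer trace matches a stored gesture) can be simulated in a few dozen lines. The code below is an added illustration, not code from the paper or from the WISP project; the template shape, the use of dynamic time warping (DTW) as the matcher, the z-normalisation, the threshold, the "armed for a few samples after a match" rule, the tag id and all sample traces are assumptions constructed for the demonstration. It also shows the failure modes a practitioner would want to see: a resting card (as in a wallet when a relayed query arrives), a different gesture, and a genuine handshake that has since expired all leave the tag silent.

```python
"""Secret-handshake gating, simulated (added example; all values constructed)."""
import math
from collections import deque

# Constructed handshake template: two cycles of a sine, i.e. a short shake.
TEMPLATE = [math.sin(2 * math.pi * k / 8) for k in range(16)]
GRAVITY = 9.8  # constant offset a resting card reports (constructed)


def z_normalize(trace):
    """Remove mean and scale so a harder shake or a different orientation does
    not by itself change the match. A perfectly flat trace maps to all zeros."""
    n = len(trace)
    mean = sum(trace) / n
    std = math.sqrt(sum((x - mean) ** 2 for x in trace) / n)
    if std == 0.0:
        return [0.0] * n
    return [(x - mean) / std for x in trace]


def dtw_distance(a, b):
    """Classic O(len(a)*len(b)) dynamic time warping with absolute-difference cost."""
    n, m = len(a), len(b)
    inf = float("inf")
    cost = [[inf] * (m + 1) for _ in range(n + 1)]
    cost[0][0] = 0.0
    for i in range(1, n + 1):
        for j in range(1, m + 1):
            d = abs(a[i - 1] - b[j - 1])
            cost[i][j] = d + min(cost[i - 1][j], cost[i][j - 1], cost[i - 1][j - 1])
    return cost[n][m]


class HandshakeTag:
    """Tag model: answers a reader only while its own motion recently matched."""

    def __init__(self, tag_id, template=TEMPLATE, threshold=0.2, arm_samples=4):
        self.tag_id = tag_id
        self.template = z_normalize(template)
        self.threshold = threshold      # max DTW cost per template sample (assumed)
        self.arm_samples = arm_samples  # samples a match keeps the tag armed (assumed)
        self.window = deque(maxlen=len(template))
        self.armed_for = 0

    def feed_sample(self, accel):
        """Called once per accelerometer sample; re-runs the matcher on the window."""
        self.window.append(accel)
        if self.armed_for > 0:
            self.armed_for -= 1
        if len(self.window) == self.window.maxlen and self.matches():
            self.armed_for = self.arm_samples

    def matches(self):
        score = dtw_distance(self.template, z_normalize(list(self.window)))
        return score / len(self.template) <= self.threshold

    def respond(self, query):
        """Reader query (e.g. an inventory round). Silent unless armed, so a query
        relayed to a card that has not been handshaken gets no answer."""
        if self.armed_for > 0:
            return f"{self.tag_id}:ACK:{query}"
        return None


def run_scenario(trace, query_at):
    """Feed a trace sample by sample and issue one reader query at index query_at."""
    tag = HandshakeTag("TAG-CONSTRUCTED-01")
    reply = None
    for i, x in enumerate(trace):
        tag.feed_sample(x)
        if i == query_at:
            reply = tag.respond("INVENTORY")
    return reply


# Constructed traces (acceleration magnitude, m/s^2-style units).
GENUINE = [GRAVITY + 2.0 * s + 0.1 * (-1) ** k for k, s in enumerate(TEMPLATE)]
RESTING = [GRAVITY] * 16  # card sitting still in a wallet
OTHER = [GRAVITY] * 6 + [GRAVITY + 1, GRAVITY + 2, GRAVITY + 1] + [GRAVITY] * 7

if __name__ == "__main__":
    print("genuine handshake:", run_scenario(GENUINE, 15))
    print("resting card:     ", run_scenario(RESTING, 15))
    print("other gesture:    ", run_scenario(OTHER, 15))
    print("expired handshake:", run_scenario(GENUINE + RESTING + RESTING, 40))
```

Two design points carry over to a real tag: the matcher runs on the tag's own sensor, so a reader (or a relay) cannot supply the context, and the armed window is short, so a handshake performed earlier cannot be banked and used later. A passive tag has a tight power budget, so an O(n*m) DTW over a 16-sample window is about the scale of computation one can afford; longer templates or higher sample rates would push toward cheaper matchers.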


Published in: CCS '08: Proceedings of the 15th ACM conference on Computer and communications security, October 2008, 590 pages. ISBN: 9781595938107. DOI: 10.1145/1455770. Copyright © 2008 ACM.


Publisher: Association for Computing Machinery, New York, NY, United States
