490 likes | 766 Views
RFID/USN Security Issues. 2009/7/14 신승목 Cryptography & Information Security Lab. Ubiquitous world. 1. RFID 개론 및 보안 이슈. 2. USN 개론 및 보안 이슈. 3. 3. Quiz. 4. 4. Contents. Advent of Ubiquitous society. Transition to Ubiquitous society. RFID/USN concept.
E N D
RFID/USNSecurity Issues 2009/7/14 신승목 Cryptography & Information Security Lab
Ubiquitous world 1 RFID 개론 및 보안 이슈 2 USN 개론 및 보안 이슈 3 3 Quiz 4 4 Contents KAIST-ICC
Advent of Ubiquitous society KAIST-ICC
Transition to Ubiquitous society KAIST-ICC
RFID/USN concept • RFID/USN 기술은 다양한 장소에서 태그나 센서 노드를 이용하여 인간/사물 등의 환경 정보를 인식하고 취합 및 처리하여 인간이 좀 더 편리하게 IT 서비스를 이용할 수 있게 해준다. @ MIC/Korea 2007 KAIST-ICC
Introduction to RFID KAIST-ICC
What it RFID? • Radio Frequency IDentication (RFID) is a method of remotely identifying objects using transponders (tags) queried through a radio frequency channel. T8 T1 T2 Tn Reader T3 T6 T4 T5 T7 Backend Database KAIST-ICC
RFID - overview RFID Barcode A typical RFID tag Data A multi-tier system: RFID tag, reader and backend server An infrastructure to build ubiquitous society KAIST-ICC
RFID readers (1/2) • Fixed-Type Readers • Mobile Readers KAIST-ICC
RFID readers (2/2) • Typical Structure of RFID Reader Digital Signal Processor (DSP) Network Processor PowerSupply 13.56MHz Radio 915MHz Radio KAIST-ICC
RFID Tag • Classification by Power • Classification by Frequency • Low-frequency (LF: 125 ~ 134.2 KHz and 140 ~ 148.5 KHz) • High-frequency (HF: 13.56 MHz) • Ultra-high-frequency (UHF: 868 ~ 928 MHz) KAIST-ICC
Electronic Product Code (EPC) • 296 = 79,228,162,514,264,337,593,543,950,336 • 96 bits can uniquely label all products for the next 1,000 years. KAIST-ICC
EPC classification (1/2) • Class-1: Identity Tags (normative): • Passive Tags • An electronic product code (EPC) identifier • A Tag identifier (TID) • A 'kill' function that permanently disables the Tag • Optional password-protected access control • Optional user memory KAIST-ICC
EPC classification (2/2) • Higher-class Tags (informative) • Class-2: Higher-Functionality Passive Tags • An extended TID (Tag ID) • Extended user memory • Authenticated access control • Class-3: Semi-Passive Tags • An integral power source • Integrated sensing circuitry • Class-4: Active Tags (i.e., sensor node) • Tag-to-Tag communications • Active communications • ad-hoc networking capabilities KAIST-ICC
RFID system applications (1/3) • Libraries • Supply chain management KAIST-ICC
RFID system applications (2/3) • Airline Baggage @ JFK Airport KAIST-ICC
RFID system applications (3/3) • Passports • Transport payments • Anti-counterfeiting • Whitepapers in 2006 (by Auto-ID Labs.) • Access control • Animal tracking, etc. KAIST-ICC
RFID security issues KAIST-ICC
Security and Privacy in RFID • Privacy invasion: • Information leakage of user’s belongings without awareness of a user • Static ID is subject to tracking such as behavior tracking • Lack of authentication: • Malicious reading (skimming): • Captured information aids duplicating genuine tags. • Denial-of-Service(DOS) due to deployment of cloned tags • Risks • Eavesdropping between T & R • DB Desynchronization B & R • Impersonation, spoofing • Replay attack / Active Query • Data loss (DoS, Message hijacking) • Forgery (Decoy Tag, etc.) • Physical (Hardware) attack KAIST-ICC
Security Requirements in RFID Systems • Confidentiality • Indistinguishability • Anti-cloning • Availability • Forward security KAIST-ICC
Weak Implementations (1/2) • In January 2005, researchers at John Hopkins University and the RSA Lab announced a successful attack on the Texas Instruments DST RFID by guessing its 40-bit key using brute-force. • The DST RFID was used in Ford immobilizers and ExxonMobil SpeedPass. KAIST-ICC
Weak Implementations (2/2) - Video • Cracking TI (Texas Instrument) DST (Digital Signature Transponder) chip TI DST Cracking the key in a DST tag Buying gas using the DST simulator Sniffing a DST tag in a victim's pocket KAIST-ICC
Security Challenge • The narrow cost requirements of low-cost RFID systems make low-cost tags extremely resource-scarce environments, far below the requirements for any public-key and symmetric-key cryptographic systems. • EPC tags: $0.05, 250 – 1000 gates • AES: 20,000 – 30,000 gates KAIST-ICC
Introduction to USN KAIST-ICC
Sensor & Sensor Network • What is a Sensor? • A device that produces a measurable response to a change in a physical or chemical condition, e.g. temperature, ground composition, etc. • Sensor Networks • A large number of low-cost, low-power, multifunctional, and small sensor nodes • They benefit from advances in 3 technologies • digital circuitry • wireless communication • silicon micro-machining KAIST-ICC
Sensing Networking Computation Wireless Sensor Networks (WSN) • New technologies have reduced the cost, size, and power of micro-sensors and wireless interfaces. Circulatory Net EnvironmentalMonitoring Structural KAIST-ICC
WSN - Properties • Compose of a large number of sensor nodes • Densely deployed inside(near) the phenomenon • Low energy consumption • Relocation or recharge is impossible • Self-organizing network (infrastructureless) • Random deployment : manual configuration is unfeasible KAIST-ICC
Applications: U-farm KAIST-ICC
Applications: Weather sensing Fire Detection KAIST-ICC
Applications: Fire Detection CulturalProperty Asset Management using USN Bush Fire Detection KAIST-ICC
Applications: Battle Field KAIST-ICC
센서노드(교량) CCD 카메라 중계기 파고센서노드(2개소) Applications: Disaster Detection • 법정하천(2개소) • 센서노드 : 15개 • 중계기 : 7개 • 카메라 : 2개 소하천(7개소) 센서노드 : 4 개 중계기 : 2개 카메라 : 2개 죽암천 평리천 현포천 태하천 내수전천 저동2리천 서달천 저동천 구암천 도동사천 남서천 도동항 사동천 남양천 옥천천 통구미천 위험내천(6개소) 센서노드 : 11개 중계기 : 6개 KAIST-ICC
Communication Architecture Sensor nodes can be data originators and data routers KAIST-ICC
Node Hardware In-node processing Wireless communication with neighboring nodes Event detection Acoustic, seismic, magnetic, etc. interface Electro-magnetic interface sensors radio CPU battery Limited-battery supply KAIST-ICC
Examples of Sensor Nodes KAIST-ICC
USN security issues KAIST-ICC
Why should we consider the Security? (1/2) • Providing confidentiality, integrity, and availability of the communications and computations • Sensor networks are vulnerable to security attacks due to the broadcast nature of transmission • Sensor nodes can be physically captured or destroyed KAIST-ICC
Why should we consider the Security? (2/2) • Since the system is able control house infrastructure • e.g., gas, water control etc • If the adversary attacks house infra system • House infrastructure can be a serious harm to human • e.g., Open gas valve, overheat the micro-wave KAIST-ICC
Security Threats of Each Application * Yee Wei Law and Havinga, P.J.M., “How to Secure a Wireless Sensor Network”, 2005 KAIST-ICC
Design of New Security Solution Must Be Required! Constraints of WSN KAIST-ICC
Security Requirements for WSN • Data Confidentiality (Eavesdropping) • Don’t leak sensor readings • Solution: Encryption • Data Authentication (inject / alter Attack) • data was really from claimed sender • Solution: MAC • Data Integrity (inject / alter Attack) • Received data is not altered in the mid-way • Solution: data authentication KAIST-ICC
= sensor node Attacks on WSN • Typical attacks on WSN are: • Sybil attack • Wormholes • HELLO flood attacks • Notations = adversary = base station * D. Wagner, “Security for Sensor Networks: Cryptography and Beyond”, SASN 2003 KAIST-ICC
HELLO flood attack • Inferring a node is a neighbor (i.e. within radio range) after receiving a broadcast packet from them may be ill-conceived. An adversary with a powerful transmitter could easily reach every node in the network. * D. Wagner, “Security for Sensor Networks: Cryptography and Beyond”, SASN 2003 KAIST-ICC
Sybil attack • An adversary may present multiple identities to other nodes. The Sybil attack can disrupt geographic and multipath routing protocols by “being in more than one place at once” and reducing diversity. * D. Wagner, “Security for Sensor Networks: Cryptography and Beyond”, SASN 2003 KAIST-ICC
Wormholes • Tunnel packets from one part of the network and replay them in a different part. * D. Wagner, “Security for Sensor Networks: Cryptography and Beyond”, SASN 2003 KAIST-ICC
Conclusion • RFID/USNs are essential technology for up-coming Ubiquitous world • If the system is not designed with security in mind • This technology would harm human life • Security should be considered from the design of entire Ubiquitous system KAIST-ICC