Construyendo IDentificación de Radiofrecuencia para el Medio Ambiente Global

Building Radio frequency IDentification for the Global Environment

White Paper RFID Tag Security

Authors: Manfred Aigner (TU Graz), Trevor Burbridge (BT Research), Alexander Ilic (ETH Zurich), David Lyon (GS1-UK), Andrea Soppera (BT Research), Mikko Lehtonen (ETH Zurich)

1

2

PREFACE About the BRIDGE Project BRIDGE (Building Radio frequency IDentification for the Global Environment) is a 13 million Euro RFID project running over 3 years and partly funded (€7,5 million) by the European Union. The objective of the BRIDGE project is to research, develop and implement tools to enable the deployment of EPCglobal applications in Europe. Thirty interdisciplinary partners from 12 countries (Europe and Asia) are working together on : Hardware development, Serial Look-up Service, Serial-Level Supply Chain Control, Security, Anti-counterfeiting, Drug Pedigree, Supply Chain Management, Manufacturing Process, Reusable Asset Management, Products in Service, Item Level Tagging for non-food items as well as Dissemination tools, Education material and Policy recommendations. For more information on the BRIDGE project: www.bridge-project.eu

Disclaimer: Copyright 2008 by (TUGraz, BT Research, ETH Zurich, GS1 UK) All rights reserved. The information in this document is proprietary to these BRIDGE consortium members. This document contains preliminary information and is not subject to any license agreement or any other agreement as between with respect to the above referenced consortium members. This document contains only intended strategies, devel

opments, and/or functionalities and is not intended to be binding on any of the above referenced consortium members (either jointly or severally) with respect to any particular course of business, product strategy, and/or development of the above referenced consortium members. To the maximum extent allowed under applicable law, the above referenced consortium members assume no responsibility for errors or omissions in this document. The above referenced consortium members do not warrant the accuracy or completeness of the information, text, graphics, links, or other items contained within this material. This document is provided without a warranty of any kind, either express or implied, including but not limited to the implied warranties of merchantability, satisfactory quality, fitness for a particular purpose, or non-infringement. No licence to any underlying IPR is granted or to be implied from any use or reliance on the information contained within or accessed through this document. The above referenced consortium members shall have no liability for damages of any kind including without limitation direct, special, indirect, or consequential damages that may result from the use of these materials. This limitation shall not apply in cases of intentional or gross negligence. Because some jurisdictions do not allow the exclusion or limitation of liability for consequential or incidental damages, the above limitation may not apply to you. The statutory liability for personal injury and defective products is not affected. The above referenced consor

tium members have no control over the information that you may access through the use of hot links contained in these materials and does not endorse your use of third-party Web pages nor provide any warranty whatsoever relating to third-party Web pages.

3

CONTENTS 1. Executive Summary 2. Introduction 2.1. The BRIDGE project 2.2. Objectives of The Security Research Group (SRG) 2.3. Scope of the SRG 2.4. Description of Work - Security Analysis and Requirements 2.4.1. RFID Tag Security 2.4.2. Anti-cloning of RFID Tags 2.4.3. Development of an RFID Trusted Reader 2.4.4. Supply Chain Integrity 3. Security Case Studies 3.1. Authentication 3.2 e-Pedigree 3.3 Track and traceability 3.4 Returnable transit units 3.5 Enabling After-Sales and Returns Whilst Protecting Consumer Privacy 4. The Background to RFID Security 4.1 Tag & System Security 4.2 The RFID tag industry today & its future 4.3 Current RFID Security capabilities 4.4 Transponder ID Numbers (TID) RFID Tag Security measures 5.1 Physical protection of a tag 5.2 RFID Tag security requirements RFID Security and Privacy 6.1 Privacy risks 6.2 Data Protection 6.2.1 Collection limitation and security safeguards principle 6.2.2 Data quality principle 6.2.3 Purpose specification principle and Use limitation principle

5.

6.

7. Standards Compliance and Evolution 8. Conclusions Appendix 1 An Introduction to RFID

4

1. Executive Summary RFID is a technology that offers huge potential for change management activities by automating processes and providing accurate, trusted data. Its unique

features include giving each physical object a globally unique digital identity read from a distance without requiring line-of-sight capability, and often without using a battery. These features provide new ways of measuring and integrating the real world into information systems and means RFID offers significant potential to change the way we do business. However, for RFID to reach its potential, greater attention must be paid to its security, which is the role of this work group, The Security Research Group (SRG)

Figure 1: SRG tries to improve the balance between risks and benefits of RFID-based business applications by developing secure RFID solutions

There are three important security scenarios to consider. Firstly, when RFID is implemented to improve an existing business process, it can automate activities and thereby reduce the potential business and security risks caused by human error. Secondly, RFID itself can induce new risks to a process; mostly unlike barcodes, RFID tags will be used in securitysensitive applications such as ticketing, access control and product authentication. Therefore security is needed to keep automated aspects and invisible properties under control, and prevent any risk of the process becoming susceptible to mass abuse. Owing to the high level of automation that RFID provides, a security incident could cause great harm before countermeasures will be effective. Thirdly, as RFID is a data gathering and process measurement technology, it can completely enable new business applications. Activities and actions un

able to previously be accurately measured can now deliver effective metrics. Again, security plays a major role delivering the accountability required to engender trust

...