![]() |
|||
Home Research People Publications Contact | |||
|
|||
Sensing-Enabled RFID Security and Privacy -- A SAFE PROJECT |
|||
Passive RFID (Radio Frequency IDenti cation) tags are miniaturized devices that enable automated identification in numerous applications and circumstances (e.g., access cards, contacless credit cards, e-passports and medical implants). However, due to the inherent weaknesses of underlying wireless radio communications, RFID systems are plagued with a wide variety of security and privacy threats. A large number of these threats arise due to the tag's promiscuous response to any reader requests. This renders sensitive tag information easily subject to unauthorized reading. Information (might simply be a plain identifier) gleaned from a RFID tag can be used to track the owner of the tag, or be utilized to clone the tag so that an adversary can impersonate the tag's owner. Promiscuous tag response also incites different forms of relay attacks whereby a malicious colluding pair, relaying messages between a tag and a reader, can successfully impersonate the tag without actually possessing it. The feasibility of executing relay attacks has been demonstrated on many RFID deployments, including the Chip-and-PIN credit card system, RFID-assisted voting system, and keyless entry and start car key system. Providing security and privacy services for RFID tags presents a unique and formidable set of challenges. This is due to the constraints of these tags in terms of computation, memory, and power resources. The problem is exacerbated by the very strict and somewhat unusual requirements of RFID applications (originally geared for automation) in terms of usability. Consequently, currently deployed or proposed solutions often fail to meet these constraints and requirements. Recent technological advancements enable many RFID tags with sensing capabilities. This new generation of RFID devices - supporting sensing, computation, and RFID communication - can facilitate numerous promising applications for ubiquitous sensing and computation. They also suggest new ways of providing security and privacy services by leveraging the unique properties of physical environment or physical status of the tag (or its owner). This project aims at providing context-/situation-aware security and privacy solutions for different RFID applications in terms of not only efficiency and security, but also usability, by utilizing sensors and sensing technologies. |
|||
This project is partially supported by
the NSF grant CNS-1153573.![]() |
|||
Publications | |||
|