Like any other security devices and mechanism RFID is not flawless. Despite its widespread application and usage, RFID poses security threats and challenges that need to be addressed properly before deployment. This post aims to highlight several important RFID related security issues.
RFID Counterfeiting: depending on the computing power, RFID can be classified into three categories:
- Basic tags
- Tags that uses symmetric keys
- Tags that uses public-key
Since basic tags do not use any encryption, they can be counterfeited easily. As you already know that supply chain management and travel industries. Attackers can write information to a basic black tag or can modify data in the tag writable basic tag in order to gain access or validate a product’s authenticity. The things that an attacker can do with basic tags are:
- They can modify the existing data in the basic tags and can make invalid tags into a valid tag and vice-versa. They can lower the price of an expensive item to buy it at reduced price.
- The attackers can change the tag of an object to that of another tag embedded in another object.
- They can create their own tag using personal information attached to another tag.
So, make sure your tag is using some sort of cryptography when you are dealing with sensitive object such a passports or any identity documents. If you have to use basic tag, make sure you have proper security measures, monitoring and audit program in place to detect any anomalies in your RFID system.
- RFID Sniffing
Sniffing is a major of concern in deploying RFID solution. RFID readers always send requests to the tags to send back its identity information. Once the reader reads information sent by the tag, it verifies it with the data stored in a backend server. Unfortunately, most of the RFID tags do not have a way to discriminate between a request sent by a valid RFID read and a fake RFID reader. An attacker can use his own RFID reader to read the tags and use it for their own purposes.
By reading information received from RFID tag an attacker can track the location and movement of an object or a person. When a tag is attached to an object and the object enter the RFID reader’s field, the RFID read can identify the object and locate its position. So, you need to remember that whenever you attach an RFID tag to an object, you need to accept that fact that an attacker can track your object even if you are using encrypted messages to communicate between the tags and the RFID readers. An attacker can use mobile robots in order to track the location.
- Denial of Service
When a reader request information from a tag, it receive the identification id and compares it with the id stored in the database server. Both the RFID reader and the backend server are vulnerable to denial of service attacks. When DoS attack takes place, the tags fail to verify its identity with the reader and as a result the service gets interrupted. So, you need to make sure both the reader and the database server has mechanism to fight against denial of service attack.
In a spoofing attack, the attacker masquerade as a legitimate user of the system. The attacker can pose himself as an authorized Object Naming Service user or database user. If an attacker can successfully get access to the system with his spoofed credentials he can do whatever he wants with RIFD data such as responding to invalid requests, changing RFID id, denying normal service or even writing malicious code in the system.
As you know that repudiation means when as user officially deny that he has done an action and we have no way to verify that whether he has performed that particular action. In the case of RFID, repudiation can happened in two ways: one is the sender or receiver may deny doing an action such as sending RFID request and we have no evidence to proof that. The second one is the EPC number owner or the database owner denies that it has any data about the tags attached to an object or a person.
- Insert Attacks
In this type of attack, an attacker tries to insert system commands to the RFID system instead of sending normal data.an example of RFID insert attack is that a tag carrying system command in its memory..
- Replay Attacks
An attacker intercepts communication message flowing between the reader and the tags and he records the tag’s response that can be used as a response to reader’s request. An example of reply attack is a perpetrator recording communication between access card reader and a proximity card, which can be used to access a secure facility.
- Physical Attacks
It happens when an attacker physically obtain tags and alter its information. Physically attack can take place in a number of ways such as an attacker using a probe to read and to alter the data on tags. X-ray band or other radial band destroys data in tags, which an attacker can use to attack an RFID system-this type of attack is also known as radiation imprinting. Electromagnetic interference can disrupt communication between the tags and the reader.
Beside, anyone can easily remove tags from objects with knife or any other tools, which will make your object unrecognizable by the RFID reader.
Like any other information system, RFID is also prone to virus attacks. In most cases the backend database is the main target. An RFID virus can either destroy or disclose the tags data stored in the database disrupt the service or block the communication between the database and the reader.
To protect your RIFD database, make sure you mitigate database related vulnerabilities and risks.
Despite being a target of some common attacks, RFID is gaining popularity in certain areas because of its low-maintenance cost and cost-effectiveness. If you are considering implementing Radio-frequency identification in your organization, for whatever purpose it may be, you need to pay extra-care for the first four types RFID attacks described in this post: counterfeit, sniffing, tracking and denial of service.