
IWD2243 Wireless & Mobile Security


Presentation Transcript


  1. IWD2243 Wireless & Mobile Security
     Chapter 6 : Wireless Embedded System Security
     Prepared by : Zuraidy Adnan, FITM UNISEL

  2. 6.1 Introduction
     • Radio Frequency Identification (RFID)
       • Radio transmission containing some type of identifying information.
       • Cryptographically encoded challenges and responses.
     • Applications include:
       • Point of Sale (POS)
       • Automated Vehicle Identification (AVI)
       • Restricting access to buildings or rooms within buildings
       • Livestock identification
       • Asset tracking
       • Pet ownership identification
       • Warehouse management and logistics, etc.

  3. 6.2 RFID Security in General
     • RFID is being used in multiple areas where little or no consideration was given to security issues.
     • Cases:
       • ExxonMobil Speedpass, an RFID POS system
       • Adi Shamir – monitoring the power levels in RFID tags can compromise the SHA-1 algorithm in RFID
       • Adi Shamir – a common cell phone can conduct an attack in a given area.
       • Walmart began to use RFID in its supply chain
       • The Department of Defense uses RFID to improve data quality and management of inventories.

  4. 6.3 RFID Radio Basics
     • Radio – a small piece of the “electromagnetic spectrum”, which covers all forms of radiation
     • Radio frequency (RF) is broken down into a number of bands.
     • US – RF is handled by the FCC
     • Europe – RF is mostly handled by ETSI
     • RFID – most systems utilize one of three general bands: LF (125 kHz to 134 kHz), HF (13.56 MHz), and ultra HF (860 to 930 MHz).
     • See figure 24.3 : Two different RFID tags and reader with integral antenna, page 621.

  5. 6.4 RFID architecture
     • Consists of a reader and a tag (also known as a label or chip)
     • The reader queries the tag, obtains information, and then takes action based on that information.
     • Tag / label
       • Transponder – a combination of transmitter and receiver.
       • The transponder used in RFID is called a tag/label/chip.
       • An RFID tag contains the following items:
         • Encoding/decoding circuitry, memory, antenna, power supply, communication control.
       • Active & passive tags
       • See figure 24.4 : Passive & active tag processes, page 624


  7. 6.4 RFID architecture
     • Passive vs active tags
       • Passive tag – has no battery or power source; it waits for a signal from a reader.
         • Contains a resonant circuit capable of absorbing power from the reader's antenna.
         • Obtaining power from the reader device is done using an electromagnetic property known as Near Field.
         • Antenna and reader must be in close proximity to work.
       • Active tag – uses a battery as its own power source. It does not need Near Field functionality and works over longer distances.
       • Semi-passive tag – has a battery but also uses the Near Field function to power the radio circuits.

  8. 6.4 RFID architecture
     • Reader
       • Also called an “interrogator” or “transceiver”
       • Handheld unit – a combination of reader and antenna
       • Contains a system interface such as an RS232 serial port or Ethernet jack, cryptographic encoding and decoding circuitry, a power supply or battery, and communication control circuits.
     • Middleware
       • Software that manages the readers and the data coming from the tags, and passes it to the backend of the system.
       • The backend can be a standard commercial database such as SQL, MySQL, Oracle, Postgres.

  9. 6.5 Data communication (RFID)
     • Tag data
       • A few bytes to several megabytes
       • Depends on the application and the individual tag
       • Many proprietary formats; the latest standard is the Electronic Product Code (EPC)
         • Replacement for the Universal Product Code (UPC)
         • See figure 24.5 : Typical UPC bar code, page 627.
       • EPC – uses the GID-96 format.
         • GID-96 has 96 bits (12 bytes) of data: an 8-bit header, a 28-bit General Manager Number (identifies the organization), a 24-bit object class (breaks products down into groups), and a 36-bit serial number.
       • See figure 24.6 : Reader & Tag interaction, page 628.
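The GID-96 layout above can be decoded with plain bit shifts. The following is an added example, not part of the original slides; it assumes the header value 0x35 that the EPC Tag Data Standard assigns to GID-96 and the `urn:epc:id:gid:` identity form, and the sample field values are constructed.

```python
# Added example: strict GID-96 decoding for RFID middleware (not from the slides).
GID96_HEADER = 0x35  # GID-96 header value in the EPC Tag Data Standard
# Field layout from the slide: (name, width in bits), most significant first.
FIELDS = (("header", 8), ("manager", 28), ("object_class", 24), ("serial", 36))


def parse_gid96(raw: bytes) -> dict:
    """Split a 12-byte EPC into its four fields, rejecting anything malformed."""
    if len(raw) != 12:
        raise ValueError(f"GID-96 must be 12 bytes, got {len(raw)}")
    value = int.from_bytes(raw, "big")
    fields, shift = {}, 96
    for name, width in FIELDS:
        shift -= width
        fields[name] = (value >> shift) & ((1 << width) - 1)
    if fields["header"] != GID96_HEADER:
        raise ValueError(f"not a GID-96 tag: header 0x{fields['header']:02x}")
    return fields


def encode_gid96(manager: int, object_class: int, serial: int) -> bytes:
    """Inverse of parse_gid96, with a range check on every field."""
    for name, width, v in (("manager", 28, manager),
                           ("object_class", 24, object_class),
                           ("serial", 36, serial)):
        if not 0 <= v < (1 << width):
            raise ValueError(f"{name} does not fit in {width} bits")
    value = (GID96_HEADER << 88) | (manager << 60) | (object_class << 36) | serial
    return value.to_bytes(12, "big")


def to_urn(fields: dict) -> str:
    """Pure-identity URN form for handing the EPC to the backend."""
    return "urn:epc:id:gid:{manager}.{object_class}.{serial}".format(**fields)


if __name__ == "__main__":
    sample = encode_gid96(95100000, 12345, 400)  # constructed sample values
    print(sample.hex(), to_urn(parse_gid96(sample)))
```

Rejecting wrong lengths and unexpected headers at this point keeps malformed or non-EPC tag contents from reaching the middleware's later stages.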


  11. 6.5 Data communication (RFID)
     • Protocols
       • See table 24.2 : RFID Tag protocol, page 629.

  12. 6.6 Physical Form Factor (Tag Container)
     • Can be in any form desired to perform the required function
     • Design may be influenced by the type of antenna.
     • May be a standalone device, or integrated into another object such as a car ignition key.
     • Cards
       • Many purposes, such as building access.
       • See figures 24.7 & 24.8 : Fake credit card showing the RFID chip and antenna, A passive tag’s internal components, page 631.
     • Key fobs – ExxonMobil Speedpass
     • Other form factors – E-ZPass (toll collection system)
       • See figure 24.9 : E-ZPass windshield-mounted tag, page 633.

  13. 6.7 Threat and Target Identification
     • The target can be an entire system or a section of the overall system.
     • The organization can suffer tremendous loss.
       • E.g. an RFID tag was manipulated at the POS so that the price of an item, RM200, was reduced to RM19.95, a 90% loss for the company.
     • RF manipulation
       • Prevents the tag of an object from being detected by a reader.
       • Wrap the item in aluminum foil, or place it in a metallic coated Mylar bag.

  14. 6.7 Threat and Target Identification
     • Attack over the air interface
       • Four types of attack: spoofing, insert, replay, and DoS attacks.
       • Spoofing – supplying false information that looks valid and that the system accepts. Can involve a fake domain name, IP address, or MAC address.
         • E.g. broadcasting an incorrect EPC number over the air when a valid number was expected.
       • Insert – inserting a system command where data is normally expected.
         • Common on websites, where malicious code is injected into a web-based application, e.g. SQL injection.
         • Can be applied in an RFID situation by having a tag carry a system command rather than valid data in its data storage area.
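The insert attack described above, seen from the middleware side: an added example (not from the original slides) that treats tag contents as untrusted input, with a string-built query beside a validated, parameterized one. The price table, the item-code format and the tag payload are all constructed for illustration.

```python
import re
import sqlite3

# Hypothetical item-code format for this example: one letter, three digits.
ITEM_CODE = re.compile(r"[A-Z][0-9]{3}")

# Constructed tag payload carrying SQL where an item code is expected.
HOSTILE_TAG = "A100' OR '1'='1"


def make_db() -> sqlite3.Connection:
    """Constructed sample backend: one price table keyed by item code."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE prices (item TEXT PRIMARY KEY, price REAL)")
    db.executemany("INSERT INTO prices VALUES (?, ?)",
                   [("A100", 200.00), ("B200", 19.95)])
    return db


def lookup_unsafe(db, tag_data: str):
    # Vulnerable: tag contents are pasted into the SQL text, so the tag
    # can change the meaning of the query.
    sql = "SELECT item, price FROM prices WHERE item = '%s'" % tag_data
    return db.execute(sql).fetchall()


def lookup_safe(db, tag_data: str):
    # Hardened: validate against the expected format, then bind as a parameter
    # so the value can only ever be compared, never executed.
    if not ITEM_CODE.fullmatch(tag_data):
        raise ValueError("tag data is not a valid item code")
    return db.execute("SELECT item, price FROM prices WHERE item = ?",
                      (tag_data,)).fetchall()


if __name__ == "__main__":
    db = make_db()
    print("unsafe:", lookup_unsafe(db, HOSTILE_TAG))  # every row comes back
    print("safe:  ", lookup_safe(db, "A100"))
    try:
        lookup_safe(db, HOSTILE_TAG)
    except ValueError as exc:
        print("safe rejected hostile tag:", exc)
```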

  15. 6.7 Threat and Target Identification
     • Attack over the air interface
       • Replay – an RFID signal is intercepted and its data is recorded; this data is later transmitted to a reader, where it is played back.
       • DoS – also known as flood attacks – the signal is flooded with more data than it can handle.
         • RF jamming.
     • Manipulating tag data
       • RF dump, RF dump-PDA.

  16. 6.7 Threat and Target Identification
     • Middleware
       • Any point between the reader and the backend
       • E.g. the ExxonMobil Speedpass system.
       • The weakest point – the LAN. Replay and DoS attacks can be carried out.
       • Social engineering attacks.
       • The connection between the data center and credit card centers can also be a point of attack.

  17. 6.7 Threat and Target Identification
     • Backend
       • “Where the money is”
     • Blended attacks
       • Combinations of all attacks, to ensure the attack succeeds.

  18. 6.8 Management of RFID security
     • Risk and vulnerability assessment
       • Who, what, when, where, and how.
       • Hardening the target: tag, middleware, backend
       • Read : Notes from underground.
     • Risk management
       • Validating all the equipment
       • Tag, middleware, backend.
       • Read : Notes from underground.
     • Threat management
       • Confirming the integrity of the system
       • Read : Notes from underground.
