Implications of Data Remanence on the Use of RAM for True Random Number Generation on RFID Tags - PowerPoint PPT Presentation

1
Implications of Data Remanence on the Use of RAM
for True Random Number Generation on RFID Tags
We Can Remember it for You Wholesale
  • Nitesh Saxena and Jonathan Voris
  • nsaxena_at_poly.edu, jvoris_at_isis.poly.edu
  • Polytechnic Institute of New York University
  • Department of Computer Science and Engineering

2
The Problem: RFID Random Number Generation
  • Most security and privacy solutions for RFID tags require true random number generation (RNG)
    • True randomness: uses physical noise
    • Pseudorandomness: uses a seeded function
  • Due to costs, RFID tags are constrained in terms of
    • Memory
    • Computation
    • Power
    • User interfaces
  • What is the best way to perform RNG on RFID tags?

3
Potential Solution: RAM Based RNG
  • Recent proposal: Fingerprint Extraction and Random Numbers in SRAM (FERNS) by Holcomb et al., RFIDSec 07 / ToC 09
  • Derives a fingerprint from uninitialized memory
  • Fingerprint can be used as
    • An identifier
    • A source of randomness
  • Huge advantage: no new hardware required for RNG

4
Potential Limitations of RAM Based RNG
  • Amount of randomness is restricted by amount of unused memory
    • RFID tags don't have much to begin with
    • Other functionalities also utilize RAM
  • After a portion of memory has been used for RNG, must wait for it to become uninitialized before using again
    • How often does this occur with standard RFID usage?
  • Can RAM based RNG generate sufficient randomness for RFID security and privacy protocols?

5
RFID Overview
  • RFID infrastructure consists of
    • Tags: small transponders
    • Readers: wirelessly query tags
  • Tags commonly
    • Are passive: derive power from reader transmissions
    • Have little memory and computational power
  • How can random numbers be generated under these constraints?

6
Intel's WISP Tags
  • Wireless Identification and Sensing Platform (WISP) by Intel Research
  • First programmable passive RFID tag
  • Onboard TI MSP430 microcontroller
    • 512 bytes of RAM
  • Allowed work with a live RFID tag
    • Alter functionality
    • Probe memory

7
Using Memory for RNG (1)
  • FERNS approach
    • RAM cells power up into a stable 0 or 1 state
    • Which state depends on physical properties
    • Large threshold voltage mismatch: reliably enter one state
    • Small mismatch: take on value randomly
    • Physical noise of well matched cells supplies entropy

8
Using Memory for RNG (2)
  • Desirable RAM cells are randomly distributed
  • An extractor is needed to pull them together
  • Can use a hash function
    • PH universal hash function
    • Suitable for low-cost hardware implementation
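As an added illustration of the FERNS idea on slides 7 and 8 (this is not code from the talk or from the FERNS authors): a constructed model of SRAM power-up in which each cell's fixed threshold mismatch plus fresh noise decides its state, followed by a Toeplitz universal hash over GF(2) standing in for the PH hash as the extractor. The mismatch spread, the noise level and the choice of hash family are assumptions, and `power_up`, `unstable_cells`, `toeplitz_hash` and `demo` are names chosen here.

```python
import random

# Everything here is a constructed simulation for illustration; the mismatch and
# noise figures are assumptions, not WISP or FERNS measurements.


def power_up(mismatches, noise_sigma, rng):
    """Simulate one power-up of an SRAM array.

    Each cell has a fixed threshold-voltage mismatch (positive favours 1,
    negative favours 0). Fresh thermal noise is added on every power-up, so a
    cell with a large |mismatch| always settles the same way while a
    well-matched cell settles randomly.
    """
    return [1 if m + rng.gauss(0.0, noise_sigma) > 0.0 else 0 for m in mismatches]


def unstable_cells(mismatches, noise_sigma, rng, trials=20):
    """Indices of cells whose power-up value changed at least once across
    `trials` simulated power-ups; these are the cells that carry entropy."""
    first = power_up(mismatches, noise_sigma, rng)
    unstable = set()
    for _ in range(trials - 1):
        for i, bit in enumerate(power_up(mismatches, noise_sigma, rng)):
            if bit != first[i]:
                unstable.add(i)
    return unstable


def toeplitz_hash(bits, key_bits, out_len):
    """Universal hash over GF(2) given by a Toeplitz matrix; a stand-in for the
    PH hash used by FERNS, which is not reproduced here.

    Output bit i is the XOR of the input bits selected by a window of the key,
    so the key needs len(bits) + out_len - 1 bits. Because the family is
    universal, the scattered unstable cells are condensed into a short output
    without knowing in advance which cells are the random ones.
    """
    n = len(bits)
    if len(key_bits) != n + out_len - 1:
        raise ValueError("key must have len(bits) + out_len - 1 bits")
    out = []
    for i in range(out_len):
        acc = 0
        for j in range(n):
            if bits[j]:
                acc ^= key_bits[i + j]
        out.append(acc)
    return out


def demo(n_cells=512, out_len=37, seed=1):
    """Power up a constructed 512-cell array twice and hash both states to 37 bits
    (the WISP parameters from the talk); returns the pieces for inspection."""
    rng = random.Random(seed)
    mismatches = [rng.gauss(0.0, 1.0) for _ in range(n_cells)]  # fixed per chip (assumed spread)
    noise_sigma = 0.1                                           # per power-up noise (assumed)
    key = [rng.getrandbits(1) for _ in range(n_cells + out_len - 1)]
    state_a = power_up(mismatches, noise_sigma, rng)
    state_b = power_up(mismatches, noise_sigma, rng)
    return {
        "mismatches": mismatches,
        "unstable": unstable_cells(mismatches, noise_sigma, rng),
        "cells_differing": sum(a != b for a, b in zip(state_a, state_b)),
        "hash_a": toeplitz_hash(state_a, key, out_len),
        "hash_b": toeplitz_hash(state_b, key, out_len),
    }


if __name__ == "__main__":
    r = demo()
    print(len(r["unstable"]), "of 512 cells are unstable;",
          r["cells_differing"], "cells differed between the two power-ups")
    print("hash A:", "".join(map(str, r["hash_a"])))
    print("hash B:", "".join(map(str, r["hash_b"])))
```

Running `demo()` shows that only the cells whose mismatch is comparable to the noise flip between power-ups, while hashing the whole 512-cell array still yields a 37-bit output that, for a random key, changes with overwhelming probability whenever any of those cells changes. The hash is linear over GF(2), which is exactly why the extractor never needs to know where the random cells sit.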

9
Data Remanence
  • Popular belief: data held in RAM is lost as soon as power is removed
  • Not accurate! Data takes time to decay
    • Brief interval after power loss where data remains intact
    • Known as data remanence
  • Decay rate varies
    • Between particular chips
    • With temperature
  • What implications does this have on RAM initialization frequency?
  Source: Halderman et al., USENIX 08

10
RFID Authentication (1)
  • RFID tags designed to respond promiscuously to any query
  • Tag forging is relatively simple
    • Query a tag to obtain its data
    • Program a new tag with an identical value
  • Cryptography is expensive, so traditional solutions are ill-suited to low cost tags

11
RFID Authentication (2)
  • New authentication solutions developed to address tag shortcomings
  • HB+ is one of the best known
    • Challenge-response scheme based on the HB human authentication protocol
    • Requires only bitwise logic gates and high quality random numbers
  • For 80-bit security, either
    • 80 rounds where tag generates a 224 bit random value
    • Single round where tag generates a 17,920 bit random value
  • Can RAM based RNG generate sufficient randomness for protocols like HB+?

12
Experimental Setup
  • Used 4 WISP 4.1 tags
  • Desktop computer
  • TI MSP-FET430 debugging interface
  • Impinj Speedway RFID Reader

13
WISP RNG Implementation (1)
  • Implemented FERNS on a WISP tag
  • Reduced the PH hash input block size from 64 bits to 16 bits
    • Reduced output to 37 bits from 133
    • Practical consideration: no need for multiple precision data types
    • Theoretical benefit: produces slightly more random bits (148 vs 133)

14
WISP RNG Implementation (2)
  • Preliminary test
    • Tag generates a single 37 bit hash from 512 bits of uninitialized RAM
    • Tag transmits hash value to the reader through its EPC ID
  • Noticed identical values being transmitted
    • Certainly not random!
    • Why?

15
WISP Data Remanence (1)
  • Broke WISP memory into blocks and sent through EPC ID
  • Uninitialized memory was not changing!
  • Data was being retained between queries
    • Tags derive power from reader transmission
    • While continuously polling, tag never loses power
    • Memory not reinitialized between queries

16
WISP Data Remanence (2)
  • How long is data retained in WISP memory?
  • Used data remanence methodology from Halderman et al., USENIX 08
  • Attached WISP to debugger
    • Provides power
    • Allows direct reads/writes to tag memory
  • Fill WISP memory with a pseudorandom pattern

17
WISP Data Remanence (3)
  • Next, detached WISP from debugger
    • Deprives tag of power
  • Waited a certain length of time
  • Reattached to debugger and read back memory contents
  • Decay rate is the Hamming distance between the original pattern and the value read back
    • Since the pattern was pseudorandom, expected to have an equal amount of each bit
    • Thus a Hamming distance of 50% of the pattern length indicates full decay

18
WISP Data Remanence (4)
  • Took samples after removing power for 0 to 60
    seconds at 5 second intervals
  • Tests performed on 4 WISP tags
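The measurement procedure of slides 16 to 18 and its 50% full-decay criterion, as an added simulation (not the authors' tooling and not measured data): the per-cell decay model, its onset and its duration are constructed assumptions chosen to resemble the 15 to 30 second window the talk reports, and the function names are chosen here. What the code makes explicit is why 50% means full decay: a fully decayed cell reads its own power-up ground state, which is independent of the pseudorandom pattern written over it, so half the bits agree by chance.

```python
import random


def hamming_distance(a, b):
    """Number of positions in which two equal-length bit lists differ."""
    if len(a) != len(b):
        raise ValueError("patterns must have equal length")
    return sum(x != y for x, y in zip(a, b))


def decay_percent(original, readback):
    """Decay as defined on the slides: Hamming distance between the written
    pattern and the value read back, as a percentage of pattern length. For a
    pseudorandom pattern, 50% means nothing of what was written survives."""
    return 100.0 * hamming_distance(original, readback) / len(original)


def cell_decay_times(n_cells, rng, onset_s=15.0, full_s=30.0):
    """Constructed decay model (not measured WISP data): each cell keeps its
    written value until a cell-specific time spread uniformly over
    [onset_s, full_s]; the bounds are chosen to resemble the talk's 15-30 s window."""
    return [rng.uniform(onset_s, full_s) for _ in range(n_cells)]


def read_back(pattern, ground_state, decay_times, elapsed_s):
    """Cells whose decay time has passed read their power-up ground state;
    the rest still hold the written pattern."""
    return [g if elapsed_s >= t else p
            for p, g, t in zip(pattern, ground_state, decay_times)]


def decay_curve(pattern, ground_state, decay_times, sample_times):
    """Replay the write / unpower / wait / read procedure at each sample time
    and return (elapsed_s, decay_percent) pairs."""
    return [(t, decay_percent(pattern, read_back(pattern, ground_state, decay_times, t)))
            for t in sample_times]


def time_to_full_decay(curve, threshold_pct=45.0):
    """First sample time at which decay reaches threshold_pct, or None. The
    threshold sits a little under 50% to allow for the statistical spread of a
    finite pattern."""
    for t, pct in curve:
        if pct >= threshold_pct:
            return t
    return None


def run_experiment(n_bits=4096, seed=7):
    """512 bytes (the WISP's RAM size) of constructed pseudorandom pattern,
    sampled every 5 s from 0 to 60 s as on slide 18."""
    rng = random.Random(seed)
    pattern = [rng.getrandbits(1) for _ in range(n_bits)]   # pseudorandom fill
    ground = [rng.getrandbits(1) for _ in range(n_bits)]    # power-up state, independent of the fill
    times = cell_decay_times(n_bits, rng)
    return decay_curve(pattern, ground, times, range(0, 61, 5))


if __name__ == "__main__":
    curve = run_experiment()
    for t, pct in curve:
        print(f"{t:3d} s  decay {pct:5.1f}%")
    print("full decay reached at", time_to_full_decay(curve), "s")
```

Because every cell's decay time is fixed once, the curve is monotone: a later read can only add decayed cells, and a decayed cell contributes to the Hamming distance only when its ground state happens to differ from the written bit. Replacing `cell_decay_times` with real timings from a tag would turn the same harness into an analysis of measured data.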

19
Remanence Results (1)
20
Remanence Results (2)
21
Remanence Results (3)
  • Initial 15 second period of little (< 1%) decay
  • 15 seconds of rapid decay
  • Slow decay of whatever remained
  • Depending on the particular tag, WISPs require 25 to 30 seconds without power for complete decay

22
Available Memory on WISPs (1)
  • How much uninitialized RAM is available on a WISP?
  • At the very least, EPC protocol stack must be in RAM
  • Loaded tags with default firmware
    • Checked how much space was available for additional data
    • 512 - 136 = 376 bytes available

23
Available Memory on WISPs (2)
  • 376 bytes is a best case
    • Not all mandatory aspects of the EPC protocol are implemented
    • Assumes no space occupied by the authentication protocol itself
  • Earlier versions (2.0/2.1) of WISP tags have 256 bytes of RAM
    • 112 bytes available for hashing (Czeskis et al., CCS 08)
  • 5-10 cent RFID tag projected to have 128 bits max (Juels and Weis, CRYPTO 05)

24
Practicality of RAM Based RNG (1)
  • How feasible is it to use RAM based RNG for RFID authentication protocols?
  • Taking HB+ and HB# as examples
  • For 80 bit security,
    • Parallel HB+ requires 17,920 random bits
    • HB# requires 512 random bits (but requires more memory itself)
  • Estimated 0.103 bits of entropy per byte of RAM (Holcomb et al., RFIDSec 07)
  • Based on remanence results, a 30 second wait time is required between reads

25
Practicality of RAM Based RNG (2)
  • For WISP 4.1
    • 309 random bits available
  • For HB+
    • 58 memory hashes required
    • 28.5 minutes of wait time
  • For HB#
    • 2 memory hashes required
    • 30 seconds of wait time

26
Practicality of RAM Based RNG (3)
  • For WISP 2.1/2.0
    • 118 random bits available
  • For HB+
    • 152 memory hashes required
    • 76 minutes of wait time
  • For HB#
    • 5 memory hashes required
    • 2.5 minutes of wait time
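The arithmetic behind slides 24 to 26, as an added example that is not from the paper. Two things it pins down. First, the 309 bits on slide 25 follow from 376 bytes only if the 0.103 figure is applied per RAM bit (376 × 8 × 0.103 ≈ 310), so the code takes it per bit; the WISP 2.0/2.1 row uses the 118-bit figure directly, since the slides do not give the byte count behind it. Second, the slides count waits two ways: 28.5 min for 58 hashes counts only the gaps between snapshots, while 76 min for 152 hashes and 2.5 min for 5 hashes count a wait before every snapshot; the `count_first` flag selects either convention. The two protocols are written here as parallel HB+ and HB#, and all function names are chosen here.

```python
import math

WAIT_BETWEEN_READS_S = 30     # slide 24: remanence results call for 30 s between reads
ENTROPY_PER_RAM_BIT = 0.103   # the talk's 0.103 figure, applied per RAM bit (see lead-in)

# Random bits needed per protocol run at 80-bit security, from slide 24
PROTOCOL_BITS = {"parallel HB+": 17920, "HB#": 512}


def entropy_bits(bytes_available, entropy_per_bit=ENTROPY_PER_RAM_BIT):
    """Whole random bits obtainable from one hash over the free RAM."""
    return int(bytes_available * 8 * entropy_per_bit)


def hashes_needed(protocol_bits, bits_per_hash):
    """RAM snapshots that must be hashed to supply one protocol run."""
    return math.ceil(protocol_bits / bits_per_hash)


def wait_minutes(hashes, wait_s=WAIT_BETWEEN_READS_S, count_first=False):
    """Idle time spent letting RAM decay. With count_first=False only the gaps
    between successive snapshots are counted (the first snapshot is taken on a
    cold tag); with count_first=True every snapshot is preceded by a wait."""
    waits = hashes if count_first else hashes - 1
    return waits * wait_s / 60.0


def budget(bits_per_hash, protocols=PROTOCOL_BITS, count_first=False):
    """Per-protocol (hashes, minutes) for a tag yielding bits_per_hash per snapshot."""
    table = {}
    for name, bits in protocols.items():
        h = hashes_needed(bits, bits_per_hash)
        table[name] = (h, wait_minutes(h, count_first=count_first))
    return table


def summary():
    """The two tag models from slides 25 and 26, each with the wait convention
    that reproduces the slide's own figures."""
    return {
        "WISP 4.1, 376 free bytes": budget(entropy_bits(376)),
        "WISP 2.0/2.1, 118 random bits": budget(118, count_first=True),
    }


if __name__ == "__main__":
    for tag, table in summary().items():
        print(tag)
        for name, (h, minutes) in table.items():
            print(f"  {name:13s} {h:4d} hashes  {minutes:5.1f} min of waiting")
```

Changing `WAIT_BETWEEN_READS_S` or the entropy figure shows how sensitive the conclusion is: the wait time scales linearly with both the remanence period and the protocol's appetite for random bits, which is why a protocol that needs fewer bits per run (HB# here) fares so much better than one that needs a large parallel challenge.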

27
Effect on RFID Usage Model
  • Consider the contactless RFID access card usage model
    • Reader continuously polling
    • User swipes card in front of reader
  • Access card would have to be taken out of range of reader to let memory cool down
    • Users would have to repeatedly bring card in and out of reader range
    • How to tell when you are out of range and for how long?
  • Hardware could be used to shut down RAM between RNG uses
    • Would add complexity and cost
    • Would still have to wait

28
Potential Attacks
  • If an adversary could continuously supply power, could force tag to reuse RAM values
    • Values would be predictable
    • Undermines protocol security
  • If tag was locked down between RAM uses, adversary could DoS tag instead
    • Worse than normal jamming: just issuing queries, not jamming spectrum
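A reader-side detection for the failure observed on slides 14 and 15, which the continuous-power scenario on slide 28 would deliberately provoke: an added example, not from the talk, that keeps a short history of the random values each tag has reported and flags repeats, since a tag that never loses power keeps hashing the same RAM contents and answers every query with the same value. The sample log is constructed, the class and function names are chosen here, and the history window size is an assumption.

```python
from collections import deque


class FreshnessMonitor:
    """Reader-side check for the failure seen on slides 14 and 15 and deliberately
    induced by the attack on slide 28: a tag that is never allowed to lose power
    hashes the same RAM contents again and reports the same 'random' value on
    every query. The monitor remembers the last `window` values per tag and says
    whether a newly received value is fresh."""

    def __init__(self, window=64):
        self.window = window
        self.recent = {}    # tag_id -> deque of recently seen values
        self.repeats = {}   # tag_id -> count of repeated values

    def observe(self, tag_id, value):
        """Record `value` from `tag_id`; return True if it was not seen in the window."""
        seen = self.recent.setdefault(tag_id, deque(maxlen=self.window))
        fresh = value not in seen
        if not fresh:
            self.repeats[tag_id] = self.repeats.get(tag_id, 0) + 1
        seen.append(value)
        return fresh

    def suspicious(self, tag_id, max_repeats=0):
        """True once a tag has repeated more than max_repeats values. For a 37-bit
        value even a single repeat is far outside what a working RNG produces."""
        return self.repeats.get(tag_id, 0) > max_repeats


def replay_log(entries, window=64):
    """Run the monitor over (tag_id, value) pairs and return it for inspection."""
    monitor = FreshnessMonitor(window)
    for tag_id, value in entries:
        monitor.observe(tag_id, value)
    return monitor


# Constructed query log (not captured traffic): tag-A stays in the reader's field
# and keeps returning one value; tag-B leaves the field between queries.
SAMPLE_LOG = [
    ("tag-A", 0x0A5C3F1E2), ("tag-A", 0x0A5C3F1E2), ("tag-A", 0x0A5C3F1E2),
    ("tag-B", 0x1F0E2D3C4), ("tag-B", 0x0B1C2D3E4), ("tag-B", 0x077E6D5C4),
]


if __name__ == "__main__":
    m = replay_log(SAMPLE_LOG)
    for tag in ("tag-A", "tag-B"):
        print(tag, "repeats:", m.repeats.get(tag, 0), "suspicious:", m.suspicious(tag))
```

A reader that sees a repeat can refuse the authentication and log the tag rather than accept a predictable value; the same monitor also surfaces the benign form of the problem, a legitimate card held in a continuously polling reader, which is the usage-model issue of slide 27.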

29
Conclusion
  • Have shown practical shortcomings of RAM based RNG for RFID tags
    • Memory is in short supply
    • Data remanence leads to longer than expected wait times between RAM uses
  • RAM based randomness is still attractive due to hardware reuse
    • But seems insufficient on its own
  • Future work: investigate using sensors as an entropy source

30
  • Thank you!