RFID and privacy

1
RFID and privacy
2
Introduction

• Because of reductions in size and cost, RFID has
  gained rapid acceptance as a means of tracking
  objects in recent years.
• Widely-implemented applications include automatic
  toll-payment, supply-chain tracking, others.
• Countless other applications have been proposed
  or are under research.

3
What is RFID?

• Compact combination of antenna and Microchip
• Can be active with power source, or more
  commonly, passive. Passive type is powered by
  radio signal from scanner.
• Responds to scanner signal by transmitting data.
• Readable from inches to many feet away, depending
  on chip and scanner.

4
Passive chips can be made small enough to be
almost unnoticeable, and of course are getting
smaller
Source Hitachi
As well as Cheaper They can cost 10-20 cents
each.
5
First Paper

• Extending the EPC Network The Potential of RFID
  in Anti-Counterfeiting, Staake, Thiesse, and
  Fleisch, 2005 ACM Symposium on Applied Computing.
• Proposes an extension to the current standard for
  RFID information lookup, using cryptography to
  validate the identity of products.

6
Motivations

• Economic Counterfeiting is a growing problem
  relative to total amount of trade, and has
  negative implications for producers.
• Health and Safety Many commonly counterfeited
  items, such as pharmaceuticals, are critical to
  health and safety.

7
EPC

• Used for product inventory and tracking.
• EPC, Electronic Product Code, is the descendant
  of the old UPC numbers found in bar codes.
• Unlike UPC, each EPC identifier refers to an
  individual object, not just a class of objects
  (i.e. a product line).

8
ONS

• Object Naming System
• Modeled after DNS
• Can be used to match any EPC in the system with
  its corresponding object description and status
  (where sold, shipped, etc.)

9
ONS Continued

• Like DNS, there is an ONS root server and network
  of ONS servers that refer query down hierarchy
  until authoritative EPC-IS server is found.
• EPC-IS server contains actual record for the
  product associated with the ID.

10
The EPC Infrastructure
11
Counterfeit Prevention

• Authors note that plain-text EPC codes can easily
  be cloned by counterfeiters, so current EPC
  standard cannot be used for authentication.
• Propose using slightly higher-cost RFID chips
  with enough CPU power to do crypto.
• Use a shared key known to the RFID chip and EPC
  system.

12
Counterfeit Prevention

• Authentication Process
• RFID chip sends EPC ID
• Cryptographic Unit CU within ONS replies with
  randomly generated challenge
• RFID encrypts challenge with shared key,
  returning encrypted version.
• CU uses key on file to verify challenge is
  encrypted correctly

13
Illustration of proposed solution
14
Second Paper

• When Big Brother Privatizes Commercial
  Surveillance, the Privacy Act of 1974, and the
  Future of RFID, John M. Eden, Duke Law
  Technology Review 2005
• Presents an overview of some of the privacy
  concerns and challenges posed by RFID

15
Benefits

• RFID is in many ways a revolutionary technology,
  and has beneficial applications that are already
  being realized
• Examples
• Detection of food spoilage
• Streamlining of supply chains

16
More controversial uses

• Currency
• Already in use at some private businesses
• Proposal to embed RFID in currency in Europe
• Pros Hard to fake, hard to steal, easy to
  carry, easy to replace.
• Cons (for consumer) Anonymity of cash
  diminished.

17
Controversial apps contd

• Identification
• Already in wide use in smart ID cards which can
  be waved over reader to unlock doors and provide
  access to secure areas.
• U.S. State department recently proposed putting
  RFID in passports with all personal data encoded
  on chip.

18
Controversial apps contd

• Implantation
• EPA recently approved implantable RFID chip for
  human use, to contain medical records.
• Concerns about tracking, privacy of med records,
  safety.
• Already being used for other applications,
  regulars at a Barcelona nightclub have been
  getting implants as convenient ID and to track
  bar tabs. (http//technology.guardian.co.uk/online
  /story/0,3605,1234827,00.html)

19
Orwellian Surveillance?

• According to author, the classic Orwellian
  government tracking scenario is not a realistic
  fear at this time.
• Would require an enormous network of integrated
  sensors
• Would require the tagging of everyone.

20
Corporate Surveillance

• However, corporate tracking is a real risk that
  is already beginning to be realized.
• Loyalty cards with RFID already being introduced.
• Adoption of Loyalty cards can be seen as being
  coerced by price differences.
• Possibility of targeted advertising, based on
  items selected in a store (a la Minority Report),
  requires a reader rich environment.

21
Corporate Surveillance Contd

• With EPC, ability to read other retailers tags
  will soon be widespread, allowing retailers to
  ascertain customers preferences.
• Tags embedded in many products, such as clothing,
  and difficult to find by consumer or to determine
  whether it has been turned off.
• Consumers could be walking around broadcasting
  all products they are using.

22
Corporate Surveillance Contd

• Proposal to include kill switch in RFIDs to allow
  retailers to deactivate devices when purchased.
• Author believes that this solution will not be
  effective because it is voluntary on part of
  retailers, and they have no incentive to
  deactivate RFIDs.

23
Current Privacy Laws

• With the exception of healthcare privace laws,
  current laws are very narrowly written, and do
  not apply to how data is collected, or apply only
  to communications, not transactions.

24
Proposal

• Author Proposes an amendment to the Privacy act
  of 1974 which would require permission before
  aggregating this data.