RFID Tags for Critical JSF ComponentsSubAssemblies

1
RFID Tags for Critical JSF Components/Sub-Assembl
ies

• Alfio Grasso
• Deputy Director
• Auto-ID Lab, ADELAIDE

2
Agenda

• Background on Auto-ID Lab
• RFID
• RFID Security Authentication Primitives
• Project Activities
• Management
• Timescale
• Risks
• Deliverables
• Market Opportunities
• Conclusions

3
Adelaide, Auto-ID Lab
4
The Auto-ID Laboratories
5
Auto-ID Labs

• One of 7 Auto-ID Labs around the world
• MIT, USA
• Cambridge, UK
• Adelaide, Australia
• Keio, Japan
• Fudan, China
• St Gallen, Switzerland
• ICU, Korea

6
Auto-ID Lab Advantage

• RFID Lab has been operating for more than 3
  decades
• Commercial successes in RFID Commercialisation
• RFID in Library, vehicle (toll, access), rail,
  waste management
• International Collaboration
• ASIC design, development and implementation
• Collaboration with ChipTec
• Security Authentication
• Design of compact metal mount tags
• Beer kegs, wine closures, animal tags,
• Standards Experience
• ISO and EPCglobal
• Intellectual Property
• 21 patents
• Know how

7
RFID

• Radio Frequency Identification
• Automatic Data Capture
• Uses RF to communicate
• Basic Elements
• Tags
• Readers/Antennas
• Host CPU

8
Host CPU

• Application
• Do something with the tag information
• Potential to generate massive amounts of data
• Once installed it costs virtually NOTHING to read
  a tag!
• Real time data gt real time decisions
• 0HIO (Zero Human Involvement Operations)
• Term defined by John Greaves, CHEP International

9
Security Work

• Elliptic Curve Cryptography
• One Time Codes
• Shrinking Generators
• Physically Unclonable Functions

10
Elliptic Curve Cryptography

• Uses the discrete log problem
• but over a finite abelian group of points x, y on
  an elliptic curve
• y2 x3 ax b mod (p)
• ECC keys can be shorter for the same security
  when compared with other systems
• No mathematical proof of the difficulty has been
  published but the scheme is accepted as a
  standard by USA National Security Agency.
• Keys must be large enough.
• A 109 bit key has been broken (roughly same
  security to RSA 640)
• 160 bits ECC - same security as RSA 1024 bits.
• 224 bits ECC - same security as RSA 2048 bits.

11
One Time Codes

• Have available a set of purely random numbers in
  the tag and matching tag dependent number in a
  secure data based
• Need a large supply to cater for many
  authentications
• Options
• Reserve a pair for final authentication by end
  user
• Recharge in a secure environment
• Assume an eavesdropper cannot be every where and
  use old codes for identity change for fresh
  reader or tag authentications

12
Shrinking Generators

• Two linear shift registers, A (data) and S
  (sampling), with different seeds, clocked
  together.
• Outputs are combined as follows
• If S is 1, output is A
• If S is 0, there is no output and another clock
  is applied
• This scheme has been resistant to cryptanalysis
  for 12 years.
• No known attacks if
• feedback polynomials are secret and
• registers are too long for an exhaustive search.

13
Shrinking Generator

• Shrinking Generator
• Minimal hardware complexity
• Shrink the output from LFSR R1
• Produce irregular sequence K
• Practical alternative to a one time pads
• Known attacks have exp time complexity
• Keep connection polynomials secret
• Use maximum length LFSRs

14
Simple challenge-response protocol

• Reader chooses a challenge, x, which is a random
  number and transmits it to the label.
• The label computes and
  transmits the value y to the reader (here e is
  the encryption rule that is publicly known and K
  is a secret key known only to the reader and the
  particular label).
• The reader then computes
  .
• Then the reader verifies that .

15
Physically Uncloneable Functions

• Exploits gate and wire delay variations due to IC
  fabrication process
• Use of PUFs on RFID tags to securely store keys
• 800 challenge-response pairs to uniquely identify
  over 109 chips

16
Editor of Security Book

• Prof. Peter Cole and Damith Ranasinghe
• Joint editors of a Springer-Verlag book, soon to
  be published
• Networked RFID Systems and Lightweight
  Cryptography Raising Barriers to Product
  Counterfeiting.

17
Project Activities
18
Project Activities

• Define User Requirements (Use Cases)
• Investigate and document the uses of RFID in the
  JSF program
• manufacturer, supply chain, deployment, support
  and maintenance
• Develop at least one authentication scheme using
  passive RFID tags, based on one or more use cases
• Develop Vendor Extensions to EPCglobals Class 1,
  Generation 2 standard to implement the
  authentication scheme, ISO 18000 Part 6 Type C
• Design, Fabricate and Test the proposed vendor
  extensions to commercially available C1G2 ASIC
  implementations
• Design RFID Tag Antennas for one or more use
  cases
• Develop Demonstration Software for authentication
  based on C1G2 Vendor extensions
• Undertake and participate in field trials
• Provide documentation to JSF Industry Partners

19
Theory of Operation

• Commercial RFID C1G2 readers will be used to
  identify the tags
• The unique identity (UID) stored on the tag is
  anticipated to be the DoD Identity Type as
  defined in EPCglobals Tag Data Standards V1.3
• The DoD Construct identifier is defined by the
  United States Department of Defense.
  (http//www.dodrfid.org/supplierguide.htm)

20
Secure Data

• Once the reader identifies the UID (unique
  identifier), the reader passes the UID to the
  Application
• The Application uses a secure connection to a
  secure database to determine the authentication
  codes applicable to the Tag.
• The application then encrypts and sends the
  appropriate authentication code, via a C1G2
  Vendor extension to the tag.

21
Tag Confirms Legitimate Reader

• Once the tag receives the encrypted
  authentication code via the vendor extension, if
  valid it will respond with its authentication
  code, also encrypted.
• If not valid it will respond with a random number
• In both cases care will be taken to prevent side
  channel attacks
• e.g. by monitoring Power Supply

22
Verification by Reader

• Once the encrypted response is received and
  verified
• The Tag has authenticated the RFID Reader, and
• The RFID Reader has authenticated the Tag

23
Management
24
Project Plan
25
Timescale

• Use cases developed in the first year
• ASIC implementation in the second year
• Testing, Field Work and Documentation in the
  third year
• Seeking Industry Partner
• Assist in use case definitions
• Application Software Commercialisation
• Tag Rollout
• First products in 2010
• Ongoing and through life support

26
Risk Management

• 18 Risks Identified
• Likelihoods Low to Medium
• Commercial Participation (Medium)
• Technical Risks (Low)
• Schedule Risks (Low)
• Impact Low to High
• Commercial Participation (High)
• Technical Risks (Low)
• Schedule Risks (Low)

27
Deliverables

• Use Case Report
• ASIC Implementation Plan
• ASIC Design
• Field Trial Report
• Design Package

28
Market Opportunities
29
JSF Block Development

• Assuming a 2007 start, JSF Block 4 is the
  earliest possible deployment

30
Industrial Partnerships

• Assist in the research in developing use cases
• Develop systems for the deployment of RFID tags
  for JSF components and sub-assemblies.
• Develop, possibly with further collaboration with
  the Auto-ID Lab Adelaide other use case
  solutions.
• Develop, possibly with further collaboration with
  the Auto-ID Lab, Adelaide other RFID antenna form
  factors.
• Develop and commercialise the prototype software,
  which was used to demonstrate one or more use
  cases, into system software for the deployment of
  the technology into JSF programs.
• Develop commercial applications of the RFID tags
  for non-military applications.
• Develop commercial applications of the System
  Software for non-military applications.
• Provide operational support, needs analysis and
  logistics, to manage the deployment of the
  technology into JSF programs, throughout the JSF
  life span.

31
Commercial Market

• Authentication and anti-counterfeiting a world
  problem, OECD reports that counterfeits are
• 50 of motion pictures
• 40 of business software
• 33 of music
• 10 of clothing
• 10 of automobile spares
• 10 of the worlds pharmaceuticals
• US and others mandating Pedigree Laws
• Solutions developed have huge commercial
  opportunities

32
Conclusions
33
Conclusions

• RFID has low to moderate technical risk
• Auto-ID Lab commercial success in RFID
  developments
• Significant research already undertaken in RFID
  and security/authentication
• Looking NOW for Industrial Partners
• Significant opportunity for JSF
• Australia International
• Significant JSF and Commercial opportunities for
  Industrial Partner(s)