We demonstrate anti-cloning techniques for o-the-shelf EPC tags, overcoming practical challenges in a previous proposal to co-opt the EPC \kill" command to achieve tag authenti- cation. We study the implications of these vulnerabilities to overall system security, and oer suggestions for improvement. We measure multi- ple weaknesses, including susceptibility to cloning, extended read ranges, and the ability to remotely kill a WA EDL. As a central case study, we examine the recently issued United States Passport Card and Washing- ton State \enhanced drivers license" (WA EDL), both of which incorporate Gen-2 EPC tags. We explore the systemic risks and challenges created by the increasingly common use of EPC for secu- rity applications. However, end-users of security applications can still benefit from the increased tag cloning resistance that serialized TID numbers provide before migrating to more secure solutions.ĮPC (Electronic Product Code) tags are industry-standard RFID devices poised to supplant optical barcodes in many applications. The analysis illustrates that the practical hurdle of TID checks is not high enough for industrial-scale security applications and that it can completely diminish due to commodification of the RFID technology.
In this overview paper, we analyze the suitability of serialized TID numbers for security applications by evaluating the effort to bypass the TID check based on known vulnerabilities and we compare this effort to the needed level of protection in an example of anti-counterfeiting in the tobacco industry. Furthermore, serialized TID numbers are important for end-users who want to protect their current UHF tags from cloning since cryptographic tags are not yet commercially available in that frequency range. Serialized TID numbers do not provide any cryptographic protection, but they do introduce a practical hurdle against adversaries who want to clone RFID tags today. Though transponder ID (TID) numbers of RFID tags were originally introduced to identify the chip model, serialized TID numbers are currently advertised as security features of UHF chips.
At this point, we see future promise in the design and use of mock ID infrastructure for public engagement during relevant policy deliberations about ID schemes and databases which contain personal information. Designed in the spirit of serious play, our mock ID infrastructures make the security and civil liberties challenges inherent in the proposed combination of ID cards and databases more visible, while demonstrating how such ID schemes work.
This paper reports on our attempts to create spaces for ‘playful’ engagement with RFID-based ID scheme technology at a time of ‘serious’ policy deliberations. We also worked closely with civil society organizations to run public engagement activities. Influenced by participatory design and probe approaches to technology design, we built and tested mock infrastructures of RFID-based identification systems including low fidelity paper prototypes, and high fidelity prototypes using RFID-chipped cards, a database, antenna and reader. This project began with the goal of designing prototypes to demonstrate security and civil liberty concerns with a new RFID-based identification (ID) scheme in Canada. It became evident, as we attended legislative hearings, that parliamentarians needed clarifications to understand how the RFID identification scheme would function in practice. As researchers, we were closely involved in following the EDL policy development process. In Canada, four provinces recently implemented RFID based ‘enhanced’ drivers licences (EDL) in response to the United States’ Western Hemisphere Travel Initiative (WHTI), which requires all persons entering the United States to present a valid passport or alternative ‘secure’ document to prove their identity and citizenship. In many jurisdictions around the globe, governments are developing ID schemes based on radio frequency identification (RFID) and biometric technologies.