Home Internet of Things Aerospace Apparel Energy Defense Health Care Logistics Manufacturing Retail

RFID Security Consortium Receives $1.1 Million NSF Grant

Comprised mostly of academics, the group hopes to develop ways to improve security measures for RFID systems, and to incorporate the study of RFID into engineering curricula.
By Mary Catherine O'Connor
In addition to enabling payment and automatic-ID applications, Juels explains, RFID systems can also be used as security tools, such as key fobs for cars or contactless smart cards in access control. However, as currently deployed, these types of tags do not have sufficient protections from hackers. Adding cryptography to tags, especially to passive ones with small amounts of onboard processing power, represents a major challenge to cryptographers. Still, overcoming this hurdle is of increased importance as RFID technology proliferates.

When securing data in an RFID system, Juels says, there are two main goals: to scale security down to the constraints (limited memory) of the tag; and to scale security up in the back-end systems that also store sensitive data.

The consortium will include an advisory committee, currently composed of RSA and California's Bay Area Rapid Transit (BART). According to Juels, the consortium hopes to grow the committee. Its role will be to present an industry perspective on the security tools and policies proposed by the consortium. "[The advisory group] has committed to giving [CUSP] a dose of reality as to whether what we devise makes sense in real-world applications," explains Juels.

William Wong, principal engineer of the Automatic Fare Collection Capital Program for Transit System Development department at BART, will sit on this advisory committee. "BART is interested in the technology used to improve the security of smart cards," he says, "and the research that Professor Fu is conducting may benefit mass transit in the future." BART has piloted an RFID-based transit-card system and has begun to roll it out.

"Our plan is to look at ongoing deployments and how to make them strong in respect to privacy and authentication," explains Juels. The consortium's first planning meeting is scheduled for later this month. CUSP does not yet have any other fixed timeline at present. However, in the next year or so, it hopes to develop authentication techniques compatible with Electronic Product Code (EPC) tags and readers (interrogators).

Login and post your comment!

Not a member?

Signup for an account now to access all of the features of RFIDJournal.com!

Case Studies Features Best Practices How-Tos
Live Events Virtual Events Webinars
Simply enter a question for our experts.
RFID Journal LIVE! RFID in Health Care LIVE! LatAm LIVE! Brasil LIVE! Europe RFID Connect Virtual Events RFID Journal Awards Webinars Presentations