The Business Case for Attacks Against RFID Applications

By Lukas Grunwald

The goal of instituting RFID security measures should be to find a balance between an investment in security and the resulting business benefits.

image_pdfimage_print

These days, companies are employing radio frequency identification to help raise the bar against cloning and counterfeiting. Examples include adding RFID tags to ink cartridges for desktop printers and one-time-use components for medical devices. What do such diverse products have in common? In both cases, the suppliers of these goods generate recurring revenue from selling disposables rather than the devices that utilize them. The disposables have wide adoption in the market place, high profit margins and a potentially low barrier for counterfeiting.

These are the key ingredients providing the ideal breeding ground for criminal activity. When a manufacturer sees noticeable drops in its revenue due to cheaper counterfeits appearing in the marketplace, it often turns to RFID, hoping to prevent such counterfeiting. However, if the company selects an inadequate solution, or implements it poorly, then RFID is of little help.




Let’s consider the case of a printer manufacturer selling ink jet printers and matching ink cartridges. As is typical for the industry, the manufacturer does not make money by selling the printers themselves, but rather the ink cartridges. To prevent counterfeiting, the firm attaches RFID labels to every cartridge it ships, and equips every printer with an RFID interrogator. The reader then verifies the data on the tag before printing, in order to prevent the most common type of “attack”—unauthorized refilling of used ink cartridges.

The manufacturer may allow certain authorized partners to make third-party ink cartridges, or to refill original ones. For this purpose, the company could provide new RFID tags for relabeling, or offer a programming station for resetting the original labels to factory settings so the refilled cartridges will operate in RFID-enabled printers. After the RFID system is deployed for a year, however, the company still notices a 12 percent revenue loss due to counterfeit cartridges and refills. What has happened?

One possibility is that the firm chose an inadequate anticounterfeiting technology. For example, the system’s security is almost insignificant if it relies entirely on unique tag IDs or tag data that is read-only. In such a situation, information can be copied to another compatible tag that is writeable. In the process, the data can be modified arbitrarily. The original tag can then be replaced with the cloned one to fool the system. If an attacker understands the semantics of the data stored on the tag (figuring out the semantics is often a trivial matter), he can tailor a tag that the printer will accept as genuine. Depending on the implementation, even a “magic” tag may be possible that will always be accepted by the printer and never expire, even after an unauthorized refill.

But let’s assume things are not that simple. The company implemented an RFID application in which the system’s security relies on a slightly more expensive type of tag with cryptographic features: The tags provide mutual authentication and data encryption. Here, security relies on knowledge of a shared secret key (meaning both the RFID reader and each tag need to know the same secret key). The crypto features make cloning and tampering more difficult to achieve, but a number of things can still go wrong.

For instance, the secret key may still easily be extracted from either the tag or the reader. After obtaining the key, an attacker can produce an unlimited number of clones until the key is revoked (which would likely be impractical if there were a large number of printers in the field and no network access to them). It is a common misconception that key-extraction attacks are purely academic—that the only feasible physical attacks require expensive equipment and considerable expertise, such as the ability to take a chip apart and reverse-engineer its internal circuitry on the lowest possible level using an electron microscope. If that were indeed the case, then the cost for breaking a single tag would, by far, exceed the price of the product it protects.

It is true that groundbreaking research to uncover a tag’s security weaknesses is often conducted in academic circles. But once a tag’s weaknesses are identified and published in academic papers, the ultimate result of that work is often a simple piece of software anyone can download from the Internet. With that at hand, an attacker need only use a standard RFID interrogator to listen in on legitimate communication between a genuine reader and tag. Once sufficient sample data is captured, the software can perform a brute-force attack against the recorded data stream. A brute-force attack utilizes a powerful hardware platform to try out all possible key combinations in a structured way until a match is found. This type of soft attack typically takes only a few hours on a standard notebook computer to achieve, and reveals the same secret keys without the need for a complex physical attack.

Another way to extract keys is for an attacker to focus on the host system—in this case, the RFID reader and the components of the printer communicating with it—rather than the tag. This makes sense since the interrogator, just like the tag, must store the secret key. Keys are often not protected there at all, due to an attack against the host system not having been considered at design time. Or, it may be possible to disable the RFID reader inside the printer altogether and, as a result, trick the system into accepting any kind of ink cartridge. Such tampering with the printer hardware would typically be performed by an end user—for example, by following instructions published by counterfeiters on the Internet. This would be an example of poor implementation rather than wrong technology choice.

What can be done to solve the printer maker’s revenue-loss problem? Clearly, the current system’s level of security is inadequate and needs improvement. There are many technologies available that can help in that regard: Strong encryption and digital signature algorithms can effectively make any modification of tag data detectable; tags can be designed to be tamper-proof so they will self-destruct when peeled off as part of an attack involving relabeling; and hardware chips can be given a secure place to store secret keys, thereby making it very difficult to extract the precious secrets stored inside. Considered individually, all of these elements are just pieces of technology, but not a secure solution. It takes skill to choose the proper technologies and implement them flawlessly.

For a printer manufacturer whose core business is not security, it is possible, though costly, to develop the requisite security expertise in-house. However, the constant evolution of technologies available to protect businesses from fraud, as well as the tools available to hackers to perform ever more sophisticated attacks against them, makes this a tedious, never-ending battle. Instead, it may be more advantageous to outsource RFID security to experts in this field. In either case, it is essential to take a holistic view of the system that requires protection end-to-end, judge which types of attacks are realistic from a business perspective, and then pick the right technologies based on their actual value and applicability, and implement them correctly.

As with every system, the RFID application described above is only as secure as its weakest link. If a financial incentive exists to break the system, hackers will analyze the entire system in order to identify weak spots, then break the system where they find the least amount of resistance. Therefore, any RFID application should be designed with security in mind—particularly when the application’s sole purpose is protection from tag cloning and product counterfeiting.

A good starting point is to understand the business case of potential attackers and develop a threat model around that concept. This approach leads to a list of attacks, along with the likelihood of their occurrence. From there, potential revenue losses can be quantified to help make an informed decision regarding which level of security is required. There is no perfect security—rather, the goal should be to find a proper balance between an investment in security and the resulting business benefits, such as a decrease in revenue loss and brand protection.

Lukas Grunwald is the CTO and cofounder of NeoCatena Networks, a supplier of RFID security solutions dedicated to protecting high-value items from cloning and counterfeiting.