Data-security vendors sometimes get tall orders from customers. Not unheard of are: “I’d like a good digital signature system… with 20-bit keys” and “I want to use one-time pads for encryption… and I need to compress them.” But one of the most challenging I’ve heard was recently offered up by colleagues in the RFID (Radio-Frequency IDentification) industry.
Barcode-type RFID tags contain codes that can precisely identify consumer items. (E.g., “This is a 100-count bottle of 45mg Oxycontin® tablets.”) Such tags can therefore betray private information about consumers to nearby RFID readers. Barcode-type RFID isn’t often on store shelves yet, but may well be soon. Consequently, some in the RFID industry say:
(1) “I want RFID tags that are readable by all of my commercial partners in the supply chain, but…”
(2) “I don’t want the item codes to be readable once tags reach consumers’ hands.”
Many RFID tags respond to a “kill” command, a self-destruct feature for privacy protection that’s enabled by a tag-specific password. The two requirements above are achievable if tags are “killed” at the point of sale. But the RFID industry request includes two more requirements:
(3) “I don’t want to manage any keys, e.g., kill passwords.” (Tags cross geographies and organizations in tortuous ways that thwart good key management.)
(4) “I don’t want to require any special physical process to protect tags.”
A tall order indeed! And to top it off, the industry is already wedded to an RFID standard tag called EPC (Electronic Product Code) whose technical specifications are largely fixed (and austere).
RSA Labs and ThingMagic LLC have devised what we see as a practical solution to this tricky problem, and similarly to the problem of managing keys for tag authentication.
Bryan Parno, an RSA Labs summer intern from Carnegie Mellon University, will be presenting the solution at USENIX Security ’08 next week.
The basic idea is simple: We propose storing RFID tags’ keys on the tags themselves. It’s also counterintuitive: After all, how can keys be used to secure the very devices in which they’re stored?
For the answer, have a look at our research paper…