Secure Contactless Sphere Smart RFID-Technologies for a

Secure Contactless Sphere
Smart RFID-Technologies
for a Connected World
Werner Haas, Herwig Zeiner &
SeCoS Konsortium
Graz, am 7. Oktober 2013
Motivation
Das „Web of Things“
Vernetzung von Menschen mit diesen
physischen Objekten
Interaktion mit den physischen
Objekten / der Objekte untereinander
Sicherheit gewährleisten
Schutz der Privatsphäre
Sichere Gesamtlösung
Elektronik weiterentwickeln
Höhere Reichweite
Schnellere Übertragung
+
+
4
Projektaufbau & Ergebnisse
Community Building
Future Applications Demonstrations
P1:
Web of Things
Application
Platform
P3:
Contactless
Transmission
Technologies
1. Social Connected City
2. Product Software
Updates in User Self
Service
3. Industrial Lean
Maintenance
4. Theft Protected
Object
5. Fraud Protected
Product
P2:
Integrated
Secure
Technologies
Access Without Permission
A Practical RFID Relay Attack
Proximity
>50m via
Bluetooth
Roman Silberschneider, Thomas Korak, and Michael Hutter, Austrochip 2013
Mobile Security
Research Results
Mobile devices as RFID reader platforms
Security/privacy vulnerabilities of reader
platform might impact the security/privacy of
IoT applications
E.g. (data dependent) information leakage
during computations
Execution times
Power consumptions
EM emanations
…
9
Timing Attacks (1)
Exploit execution times of secret
computations to recover secret data (e.g.,
cryptographic key)
Why does the execution time vary?
Conditional execution of instructions
Retrieving data from different
memory locations
Cache access  Data retrieval almost
immediately
Main-memory access  Data retrieval takes
more time
10
Timing Attacks (2)
Approach
Gather measurement samples of multiple
AES encryptions
Statistical analysis of execution times 
recover (parts) of the secret key
Results
3 mobile devices (tablets and smartphones)
Reduced 128-bit AES key to ~58-bit AES
key  potential security vulnerability
For further information see list of
publications at http://www.comet-secos.at 11
MMID – mm-wave RFID
MMID system simulations:
TX
FWD
Base Station
Channel
RX
BWD
Transponder
Channel measurements:
Using prototype antenna
fc: 63 GHz, BW: 8.5 GHz
Half power beam width: 40°
Gain: 10 dB
Philipp Franz Freidl, Michael Gadringer, IHF
12
Smart City
RFID in Public Transport
Fare collection
Operating company
Data on traffic streams
Basis of optimizing
bus/train schedules
Active check-in/
active check-out
Passive checkin/check-out
High cost transponders
User acceptance?
Solution:
Active check-in/Passive
check-out
13
Status Dual RF Interface AFE
(active check-in/passive check-out demonstrator)
Elaboration of preliminary specifications based on expected
application conditions
Extension of investigation towards semi-passive operating mode
Adoption of existing IP-blocks for HF mode operation
Design UHF power conversion unit (PCU) in an ultra deep
submicron technology
High efficiency charge pump along with limiter circuits and
ESD structures
Design in an advanced pre-layout state
Design UHF demodulator with optional high-sensitivity mode for
semi-passive operation
Square-law detector, baseband amplifier and low-power wakeup
Early concept phase
Expected tape-out of test-chip featuring UHF PCU and first
versions of building blocks of the UHF demodulator: Q2, 2014
14
Wireless Sensor Node
with NFC support
Wireless Sensor Network Nodes
for Home Automation
WLAN Router as WSN Gateway
WLAN
W-Mbus
home charging stations
NFC
P = 300W
E=1200kWh
Light:On/Off
Lock and unlock your
home charging station
Monitor the power consumption/
power metering of appliances
Control appliances
FiND-iT RFID Starter Kit
RFID Journal’s FiNDiT Kit provides a
complete UHF RFID
solution for small
businesses and
offices, home offices
and consumers to
identify, confirm and
track assets or items
right out of the box.
Theft Protected Object
1. Tags anbringen
3. Schutzzone verlassen
2. Schutzzone betreten
4. Diebstahlserkennung
18
Trends
Infineon secures eGovernment services
(eID for South Africa)
Complete Identity Protection with
SmartMX NXP Technology
NXP has delivered more than two billion
secure SmartMX microcontrollers for
Smart Cards and the National Identity
Card
New Features for RFID Sensors (AMS
markets a new generation of RFID
sensors)
Smart Webzine: Newsletter #210 - 10/04/2013 - | www.smart-webzine.com
Trends
Massive Growth of Mobile Payments in
Canada
New EU rules on personal identity
New Directive on Payment Services
(PSD-2)
A wind of madness blows on ICT
Panic seizes our leaders who suddenly
are discovering the weakness of our
communication systems.
Smart Webzine: Newsletter #210 - 10/04/2013 - | www.smart-webzine.com
Fördergeber
Das K-Projekt SeCoS wird im Rahmen von COMET –
Competence Centers for Excellent Technologies –
durch BMVIT, BMWFJ und die Steirische
Wirtschaftsförderungsgesellschaft mbH (SFG) des
Landes Steiermark gefördert.
Das Programm COMET wird durch die FFG
abgewickelt.
21