RFID virus buster builds wireless firewall
http://www.theinquirer.net/default.aspx?article=39170
By Wendy M. Grossman
25 April 2007
"SPYCHIPS," some privacy campaigners call RFID. Two years ago, in 2005,
when Melanie Rieback was hunting for a research topic for her PhD,
she settled on RFID security because "It was obvious there was a lot of
work to be done."
Based at the department of computer science at Vrije Universiteit in the
Netherlands, Rieback, an American, caused a storm last year when she
published a paper on RFID viruses. "I wrote a completely scientifically
and factually neutral paper about how to use RFID to perpetuate common
exploits like the ones on the Internet today," she says.
The paper didn't talk about the possible consequences. But, "The reality
is that RFID is a new technology like anything else, and you have to do
a proper cost-risk analysis in deciding when to deploy it." Using RFID
to tag cows in a field clearly carries much less risk than putting tags
in passports and credit cards.
"I think you need to be as worried about RFID malware as any other kind
of enterprise software. With big RFID installations you're going to have
big databases, Internet connections in the mix, a lot of bloated source
code, and statistically they say there are 16 bugs per thousand lines of
code."
Rieback's latest project, RFIDGuardian, aims to create a personal
firewall for RFID tags. That is, a portable, battery-powered device that
anyone can use to see and selectively block the tags around them.
The idea, Rieback says, was inspired by a paper written by Ari Juels
that she believes was the first proposal for an RFID privacy-enhancing
technology. "It was a brilliant idea, but it had a few shortcomings, and
thinking through those led me to RFIDGuardian."
The basis of Juels' idea was to jam the system by using the built-in
anticollision protocols. Readers check for nearby tags by proceeding
down a tree of possible names. Juels proposed a tag that responds to all
of them, slowing the system down and confusing it as to which tags are
actually present.
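The tree-walking singulation and blocker behaviour described above, simulated as an added example (not code from the article, from Juels' paper or from RFIDGuardian). The 4-bit IDs, the `tree_walk` function and the optional `zone` prefix that limits the blocker to one subtree are assumptions made for illustration.

```python
# Added illustration, not from the article. IDs are constructed 4-bit strings.
ID_BITS = 4
TAGS = {"0010", "0111", "1100"}  # constructed sample population


def tree_walk(tags, zone=None, bits=ID_BITS):
    """Simulate a reader singulating tags by walking the binary ID tree.

    At each prefix the reader asks matching tags for their next bit; hearing
    both 0 and 1 is a collision, so it descends into both branches.
    zone: None for no blocker, or a bit-string prefix; a simulated blocker
    answers both bits at every node under that prefix ("" = whole tree).
    Returns (sorted IDs the reader believes are present, queries sent).
    """
    seen, queries, stack = [], 0, [""]
    while stack:
        prefix = stack.pop()
        if len(prefix) == bits:          # full ID resolved, no query needed
            seen.append(prefix)
            continue
        queries += 1
        depth = len(prefix)
        answers = {t[depth] for t in tags if t.startswith(prefix)}
        if zone is not None:
            if prefix.startswith(zone):    # inside the zone: fake a collision
                answers = {"0", "1"}
            elif zone.startswith(prefix):  # above it: lead the reader toward it
                answers.add(zone[depth])
        stack.extend(prefix + b for b in answers)
    return sorted(seen), queries


if __name__ == "__main__":
    for label, zone in (("no blocker", None), ("full blocker", ""),
                        ("blocker on IDs starting with 1", "1")):
        ids, q = tree_walk(TAGS, zone)
        print(f"{label}: {q} queries, reader sees {len(ids)} IDs: {ids}")
```

With the blocker active the reader can no longer tell the real tag `1100` from the simulated ones, and the number of queries grows with the size of the faked subtree, which doubles with every extra ID bit.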
The shortcomings: tags have no power source and can only be read in the
right orientation; they have very little data storage, ruling out
complex security policies; and changing the policy after widespread
distribution would be a "nightmare".
The prototype RFIDGuardian is currently in its third version of hardware
and software, and by now it's a single PCB with all the functionality
built into it.
"It sends out some random noise in the time slots when an RFID tag is
going to be speaking," she says. "Because the jamming signal is so short
and selective it can block only one tag and let others speak." Building
the prototype took her team about six months and wasn't, she says,
technically all that difficult.
"The only thing at the beginning was that we didn't know if we would get
tag spoofing/jamming to work." This was, she says, another problem with
Juels' proposal: most people can't make their own silicon to create a
jamming tag.
Rieback's ultimate goal is to implement the device in a single chip that
could be affordable for consumers. "The idea is it could eventually be
integrated into a PDA or cellphone," she says.
The version in progress will incorporate Bluetooth so that a Java applet
on a cellphone can control the device and display its output on the
cellphone screen. Currently, seven are in production destined to be
given away to other researchers. Rieback hopes that seven or eight
months from now she'll be able to open-source the entire project.
For Rieback, enhancing privacy isn't a primary goal but it is a welcome
by-product. "I see myself first as a scientist. It makes me happy that
what I'm working on can have a positive impact in terms of privacy, but
only being an activist has its limitations. People aren't going to
believe you that something is broken until you show it to them. I try
not to be too preachy – I just try to show things scientifically and
factually."