1. Field of the Technology
The disclosure relates to the field of methods of using RFID tags in secure transactions and communications.
2. Description of the Prior Art
The recent emergence of RFID tags capable of performing public key operations has enabled new applications in commerce (e.g., RFID-enabled credit cards) and security (e.g., ePassports and access control badges). While the use of public key cryptography in RFID tags mitigates many difficult security issues, certain important usability-related issues remain, particularly when RFID tags are used for financial transactions or bearer identification. What is needed are user-involved techniques for secure user-to-tag authentication, transaction verification, reader expiration and revocation checking, as well as association of RFID tags with other personal devices.
Radio Frequency Identification (RFID) is a wireless technology mainly used for identification of various types of objects, e.g. merchandise. An RFID tag is a purely passive device—it has no power source of its own. Information stored on an RFID tag can be read by a special device called an RFID reader, from some distance away and without requiring line-of-sight alignment (in contrast to barcodes). Although RFID technology was initially envisaged as a replacement for barcodes in supply chain and inventory management, its many advantages have greatly broadened the scope of possible applications. Current and emerging applications range from visible and personal (e.g., toll transponders, passports, credit cards, access badges, livestock/pet tracking devices) to stealthy tags in merchandise (e.g., clothes, pharmaceuticals and books/periodicals).
The costs and capabilities of RFID tags vary widely depending on the target application. At the high end of the spectrum are the tags used in e-Passports, electronic ID (e-ID) Cards, e-Licenses, and contactless payment instruments. Such applications involve relatively sophisticated tags each costing a few dollars. Even though they are powerful enough to perform sophisticated public key cryptographic operations, there remain security and privacy issues when these tags are used as a means of payment or owner/bearer identification.
User authentication is a fundamental problem that has received a great deal of attention in the security community for several decades. Solutions range from simple modifications to the standard PIN/password entry techniques to schemes that require more complicated cognitive tasks from users. Authentication of users to passive devices (such as RFID tags) is a very recent issue. The first solution was proposed by Czeskis, et al. In it, users authenticate to an accelerometer-equipped RFID tag by moving or shaking it (or the wallet containing it) in a certain pattern. However, this method assumes that RFID tags are equipped with an accelerometer, and requires users to memorize movement patterns. Also, it is prone to passive observer attacks.
A similar technique called “PIN-Vibra” was suggested by Saxena, et al. for authenticating to accelerometer-equipped RFID tags using a mobile phone. In it, a vibrating mobile phone is used to lock or unlock RFID tags. While the usability of PIN-Vibra seems promising, it has some drawbacks: (1) high error rates—accelerometers on tags cannot perfectly decode PINs encoded in phone vibrations, (2) the user's phone must be present and functional (e.g., not out of battery) whenever the tag has to be used, and (3) accelerometer-equipped RFID tags are relatively expensive and do not lend themselves to other applications that would help amortize their cost.
Current literature and systems that address the transaction verification and amount fraud problem use data mining, machine learning techniques, and out-of-band communication; most banks verify transactions via alternate communication media such as email or telephone. A complete survey of modern fraud detection techniques for Card Present (a.k.a. off-line) and Card not Present (a.k.a. on-line) transactions is due to Kou, et al.
Three popular prior art methods to verify the status of a public key certificate (PKC) are: Certificate Revocation Lists (CRLs), Online Certificate Status Protocol (OCSP) and Certificate Revocation System (CRS).
CRLs are signed lists of revoked certificates periodically published by certification or revocation authorities (CAs or RAs). Usage of CRLs is problematic in RFID systems as they require the tag to have a clock in order to determine whether a given CRL is sufficiently recent. The communication overhead can be quite high if the number of revoked entities is large.
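The clock dependency described above can be seen in a short simulation, added here as an illustration and not taken from the disclosure or the cited prior art. It assumes a JSON-encoded CRL with hypothetical field names and uses an HMAC as a stand-in for the CA's public-key signature; all serial numbers and dates are constructed.

```python
import hashlib
import hmac
import json
from datetime import datetime, timedelta, timezone

# Constructed demo key. HMAC stands in for the CA's public-key signature
# so the example runs with the standard library only (assumption).
CA_KEY = b"constructed-demo-ca-key"


def sign_crl(this_update, next_update, revoked_serials):
    """CA side: issue a signed CRL valid from this_update to next_update."""
    body = json.dumps({
        "this_update": this_update.isoformat(),
        "next_update": next_update.isoformat(),
        "revoked": sorted(revoked_serials),
    }, sort_keys=True).encode()
    sig = hmac.new(CA_KEY, body, hashlib.sha256).hexdigest()
    return {"body": body, "sig": sig}


def check_reader(crl, reader_serial, now=None):
    """Tag side. now=None models a passive tag with no clock: it can check
    the signature and search the list, but cannot judge CRL freshness."""
    expected = hmac.new(CA_KEY, crl["body"], hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, crl["sig"]):
        return "reject: bad signature"
    fields = json.loads(crl["body"])
    if now is not None:
        if now < datetime.fromisoformat(fields["this_update"]):
            return "reject: CRL not yet valid"
        if now > datetime.fromisoformat(fields["next_update"]):
            return "reject: stale CRL"
    if reader_serial in fields["revoked"]:
        return "reject: certificate revoked"
    return "accept"


# Constructed timeline: reader 4242 is revoked on 8 Jan, after the 1 Jan CRL.
T0 = datetime(2024, 1, 1, tzinfo=timezone.utc)
WEEK = timedelta(days=7)
OLD_CRL = sign_crl(T0, T0 + WEEK, [1001])
NEW_CRL = sign_crl(T0 + WEEK, T0 + 2 * WEEK, [1001, 4242])
TODAY = T0 + timedelta(days=10)

if __name__ == "__main__":
    print("no clock, old CRL:", check_reader(OLD_CRL, 4242))
    print("clock, old CRL:   ", check_reader(OLD_CRL, 4242, now=TODAY))
    print("clock, new CRL:   ", check_reader(NEW_CRL, 4242, now=TODAY))
```

The outdated CRL still carries a valid signature, so authenticity checks alone do not reveal that a newer list exists; only the comparison against the current time does.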
OCSP is an online revocation checking method that reduces storage requirements for all parties involved, while providing timely revocation status information. Although well suited for large connected networks, it is a poor fit for RFID systems as it requires constant connectivity between readers and OCSP responders. Furthermore, the need for a two-round challenge-response protocol with OCSP responders may make it susceptible to adverse effects of network congestion and slow turnaround times.
CRS offers implicit, efficient, and compact proofs of certificate revocation. However, it is unworkable in the RFID context as it also requires verifiers (RFID tags) to have a clock. Despite much prior work in RFID security and certificate revocation, and even though researchers had identified the problem, little has been done to address the reader PKC revocation and expiration checking problems. Only very recently, Nithyanand, et al. proposed a method that relies on user involvement and DERT-s to determine PKC validity. Although this prior work includes a preliminary usability study, that study used a mock-up implementation of DERT-s on mobile phones.
A number of device security association/pairing methods have been proposed over the last several years. They use various out-of-band (OOB) channels in the process of secure connection establishment, and as a result, yield different usability characteristics. However, because of the nature of very basic displays that can be integrated into RFID tags, only visual text-based methods are appropriate for DERT-s.