Passive radio frequency identification (RFID) tags, which do not have on-tag power sources, have become the standard mechanism for identifying countless objects. Currently, two security-related capabilities are missing from these tags: authentication and transfer-of-ownership.

In this project, the PIs propose to re-define the authentication of an RFID tag from being something the tag knows to being something the tag is.

In particular, the PIs explore methods to measure the response times of passive RFID tags, which are unique due to manufacturing variances, and use these measured times to uniquely identify (and authenticate) the corresponding tags. (Note that measured response times are better for identifying passive RFID tags than baseband radio frequency signals, because measuring them does not require expensive, high-bandwidth measuring equipment.) The PIs explore how to add the capability of measuring RFID tag response times to regular RFID readers. They also develop classification algorithms for comparing the enrolled response times with the observed response times.

The PIs also develop privacy-preserving protocols to perform transfer-of-ownership of RFID tags based on the lightweight authentication algorithm described above. The PIs also develop new hardware primitives for transferring ownership of an RFID tag by manipulating the measured response time of the tag in a controlled way such that it is still a function of manufacturing variances.

Project Report

Summary

Radio frequency identification (RFID) systems provide information to users about objects with RFID tags. One threat to an RFID system is that an attacker clones a tag, such as those contained in identification documents like passports. Drs. Dale R. Thompson and Jia Di at the University of Arkansas have developed methods to verify the identity of passive RFID tags to prevent cloning of tags. They measure the wireless electronic features of an RFID tag to recognize the identity, or verify the claimed identity, of the tag. They use the term RFID fingerprinting to describe this technique, which has many different names in the literature, including signal fingerprinting, radio frequency (RF) fingerprinting, RF identification, radiometric identification, and physical-layer identification.

Intellectual Merit

Methods to measure, identify, and transform wireless electronic features into a signal fingerprint were developed. In addition, multiple matching algorithms for comparing the enrolled fingerprint with the observed fingerprint were investigated. Timing-based features were used instead of power-based features because they were more effective. This fingerprinting method does not require any pre-stored password because it is based on what a tag "is" rather than what secret a tag "knows." Moreover, this method can be applied to existing passive tags without any hardware modification. A prototype hardware primitive for transferring ownership of the tag by manipulating the signal fingerprint in a controlled way was developed and tested.

Broader Impacts

Signal fingerprinting has a broader impact on the area of secure mobile computing. Signal fingerprinting can be used to verify the identity of mobile computing devices that emit a wireless signal, like smart phones, laptops with WiFi, Bluetooth devices, and sensor networks. Mobile computing devices have limited computation power and energy sources, which makes the use of traditional security methods less efficient. Signal fingerprinting can augment the traditional security methods with another layer of security, based on the unique way that a device talks, for a more secure mobile computing environment.

Agency: National Science Foundation (NSF)
Institute: Division of Computer and Network Systems (CNS)
Type: Standard Grant (Standard)
Application #: 1053286
Program Officer: Jeremy Epstein
Budget Start: 2010-09-01
Budget End: 2012-08-31
Fiscal Year: 2010
Total Cost: $199,967
Name: University of Arkansas at Fayetteville
City: Fayetteville
State: AR
Country: United States
Zip Code: 72702