Privacy Challenges in RFID Gildas Avoine, Universite Catholique de Louvain, Belgium. |
---|
Radio Frequency Identification (RFID) allows to identify and
authenticate objects or subjects without any physical nor
optical contact, using transponders - micro-circuits with an
antenna - queried by readers through a radio frequency
channel. This technology is one of the most promising of this
decade and is already widely used in applications such as
access cards, public transportation, payment cards, and
passports. This success is partly due to the steadily decrease
in both size and cost of passive transponders called tags.
The shared enthusiasm for RFID makes people think that everything is do-able with any kind of RFID, especially with low-cost tags. Reality is a bit different. In particular, the characteristics of this technology - ubiquity, low-resource, wireless - open a security breach that should be seriously considered. After a brief introduction about the technology, we will focus in this talk on the security threats. We will propose a classification and show that victims are not only the end-users but they can also be the systems' owners. We will see what is possible today in terms of security and what are the challenges we have to address. Among others, we will consider the following topics: impersonation, privacy, denial of service. DPM 2011 Program |