Security in a UHF RFID tag

Do we need security in an RFID tag? What do we even mean by security?
In the UHF tags available today there really is no security. In fact, many of the RFID tags used in applications today have no security. It is not needed, and so there have been no attempts to include it.
The one area where this is not true is financial transactions, where the predominant standard is ISO/IEC 14443. This standard (the basis of NFC, Near Field Communications) is a High Frequency (13.56 MHz) standard that includes the capability for encryption of the information on a tag. This capability does not exist for UHF tags – at the moment.
There have been many meetings of the UHF RFID experts to talk about how to add true security to a UHF RFID system.
The majority of RFID applications do not need security. The unique number stored in the tag means nothing to someone reading the tag unless they have access to the databases that explain the meaning of the number. However, some applications want to have more information stored in the tag and some of that information may be sensitive. Hence the need for security.
There are several areas that require the use of security. These include untraceability, loss-identification and/or protection, memory-locking, and privilege-management. To allow some of these to be implemented we also need to add file-management capability.
In order to achieve security, the tag and the reader have to prove to each other that they are allowed to talk. This is called authentication and it is a necessary process before the tag tells the reader any information. This is the first stage of the secure process.
There are several parts to the authentication process. The tag must declare and prove that it is capable of secure communications. The interrogator must declare not only that it is capable but also that it is allowed to access certain information on the tag. There may be information on the tag that not all interrogators are allowed to access, and so there must be a method of creating privilege-based access and hence file areas on the tag.
Once the tag and interrogator have authenticated each other, the secure communication can start. By secure communication we mean the "real-time" encryption of the data that passes between the tag and interrogator. This is not the storing of encrypted data; it is the process where the tag has the ability to encrypt anything it communicates to an interrogator.
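The authentication and privilege steps described above can be sketched as follows. This is an added example, not part of the original post and not taken from ISO/IEC 29167 or any tag vendor; the HMAC-SHA-256 challenge-response, the class and function names, the privilege names and all keys and file contents are assumptions made for illustration, and the link-encryption stage is not shown.

```python
import hashlib
import hmac
import secrets

def proof(key, role, first, second):
    # The role label stops a tag proof from being replayed as a reader proof.
    return hmac.new(key, role + first + second, hashlib.sha256).digest()

class Tag:
    def __init__(self, keys, files):
        self.keys = keys      # privilege name -> shared key (constructed)
        self.files = files    # file name -> (privileges allowed to read, data)
        self.pending = self.privilege = None  # no handshake, no privilege yet

    def challenge(self, privilege, reader_nonce):
        self.pending = self.privilege = None  # a new attempt drops the old session
        key = self.keys.get(privilege)
        if key is None:
            return None
        tag_nonce = secrets.token_bytes(16)
        self.pending = (privilege, key, reader_nonce, tag_nonce)
        return tag_nonce, proof(key, b"tag", reader_nonce, tag_nonce)

    def finish(self, reader_proof):
        if self.pending is None:
            return False
        privilege, key, reader_nonce, tag_nonce = self.pending
        self.pending = None   # each tag nonce is accepted once
        if hmac.compare_digest(reader_proof, proof(key, b"reader", tag_nonce, reader_nonce)):
            self.privilege = privilege
        return self.privilege is not None

    def read(self, name):
        allowed, data = self.files[name]
        if self.privilege not in allowed:
            raise PermissionError(name)
        return data

def authenticate(tag, privilege, key):
    # Interrogator side: check the tag's proof before revealing its own.
    reader_nonce = secrets.token_bytes(16)
    tag_nonce, tag_proof = tag.challenge(privilege, reader_nonce) or (b"", b"")
    if not hmac.compare_digest(tag_proof, proof(key, b"tag", reader_nonce, tag_nonce)):
        return False
    return tag.finish(proof(key, b"reader", tag_nonce, reader_nonce))

def demo_tag():  # constructed keys and file contents
    return Tag({"public": b"constructed-key-1", "maintenance": b"constructed-key-2"},
               {"item_id": ({"public", "maintenance"}, b"constructed item number"),
                "service_log": ({"maintenance"}, b"constructed sensitive record")})
```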
The implications of having an encryption engine on board a passive tag are obviously very wide. The loss of power to the tag during the encryption process means that the data does not get secured and transmitted, so a lot of work has to go into the design of these new tags.
One of the areas that the experts have been looking at is what encryption routines should be available. The group has decided that there should be no restrictions, as some applications may only require very simple security while others may need the power of an AES-type encryption. The idea is to not include the encryption algorithm information in the air interface standard but to create another document where all the algorithms are detailed. The manufacturer of the tags would then be able to decide which encryption suite his tags will support.
In ISO, the air interface for UHF type C (ISO/IEC 18000-63) will be the first standard to be created for a secure RFID system. The basis for the security is already included in ISO/IEC 29167-1 which is currently in ballot. The specific information for each type of tag is then included in the air interface standards (ISO/IEC 18000 series). The standard that will specify the security suites has not yet been decided, but there is a proposal that ISO/IEC 29167 be the home for these suites.
Not all tags will require security, and the extra cost for the tags will not be something that all applications can bear, so these specifications will all be optional.
The work has begun to create the standards for this concept, but it will not be complete for a while. In fact we will probably not see the standards published until late in 2012. As the work progresses, I will update the blog with information.

The standards of an RFID system

If you visit What is RFID you will see a basic introduction to the building blocks of an RFID system. But you may now want to know what this means as far as standards are concerned. The page on SC 31 shows all of the RF standards that SC 31 is working on. This includes RFID, RTLS (Real Time Locating Systems), and MIIM (Mobile Item Identification and Management) from both the hardware and data side. We will look at the RFID side to give examples of how the standards system works.

Going back to our three parts of an RFID system:

  1. A tag (or multiple tags), also called a transponder
  2. A reader or interrogator together with antenna
  3. Supporting infrastructure (hardware and software).

We need to see how these parts are covered by the standards.

The first thing that we have to consider is the tag and how it communicates with the reader. This is usually called the Air Interface standard. In RFID the main standard is ISO/IEC 18000 and its various parts. The standard is broken down by frequency to try to simplify the amount of information.

  • ISO/IEC 18000 – Air Interface
    • Part 1: Reference architecture and definition of parameters to be standardized
    • Part 2: Parameters for air interface communications below 135 kHz
    • Part 3: Parameters for air interface communications at 13,56 MHz
    • Part 4: Parameters for air interface communications at 2,45 GHz
    • Part 6: Parameters for air interface communications at 860 MHz to 960 MHz
    • Part 7: Parameters for active air interface communications at 433 MHz

Next we have to consider how the data is stored on the tag and how it is interpreted by the reader. This is where we look to:

  • ISO/IEC 15961 – Data protocol
    • Part 1: Application interface
    • Part 2: Registration of RFID data constructs
    • Part 3: RFID data constructs
    • Part 4: Application interface commands for battery assist and sensor functionality
  • ISO/IEC 15962 – Data protocol: data encoding rules and logical memory functions
  • ISO/IEC 15963 – Unique Identification for RF Tag 

Next we need to consider how we talk to the reader and pass the information into the system and infrastructure. The following standards cover this area:

  • ISO/IEC 24791 – Software system infrastructure
    • Part 1: Device management
    • Part 2: Data management
    • Part 3: Application management
    • Part 4: Application interface
    • Part 5: Device interface

There are many other standards that are being worked on by SC 31 but the above breakdown shows the various divisions from a system use point of view.

Finally the work of WG 7 is on File Management and Security. This group is defining the necessary steps to store more information on an RFID tag and how we implement a real security system that can help to protect that data.