This tutorial will cover the basics of security and how it is used in RFID systems. This talk will begin with an overview of the use of symmetric key and asymmetric key ciphers to provide common security services for digital signatures, tag authentication, interrogator authentication, mutual authentication, and subsequent communication providing integrity and privacy. The discussion will continue with how these security services are used today in RFID for active systems (BLE) and passive systems (LF, HF/NFC, UHF). A high level look at logical and physical security attacks will be provided before moving to more in depth discussion on passive UHF security. Some national UHF standards will be discussed as well as international standards from GS1/EPCglobal and ISO. Security often depends upon the use random numbers and we look at RNG performance for some passive RAIN RFID devices. This talk will conclude with a survey of available RAIN RFID crypto devices.
- RFID security threats
- RFID security : a few use cases
- Cryptography basis
- Authentication protocols
- Secure communication protocols
- Passive UHF security
- EPC Gen2V2 and ISO 18000-63 security features for RAIN RFID
- ISO 29167 security services for RAIN RFID
- RNG performance for passive RAIN RFID devices
- Survey of available RAIN RFID crypto devices
Stéphanie Salgado received the M.S degree in Cryptography and Error Correcting Codes from the University of Limoges in 1998. Later she joined the smart card division of Schlumberger that became later on Gemalto. She held there several technical and management positions related to smart cards security. Her interests include software cryptographic libraries, secure OS, secure applets, physical attacks and associated countermeasures, payment systems, SIM cards, passport security etc… Since 2012, she leads the security and cryptography team of EM Microelectronic, a Swiss based semiconductor company and subsidiary of the Swatch Group. She focuses on constrained hardware cryptographic algorithms, and especially lightweight algorithms that fit RFID systems. She holds 15+ patents from security concepts to hardware implementations.
Jim Springer is a systems engineer at EM Microelectronic, a Swiss based semiconductor company and subsidiary of the Swatch Group. He has more than 40 years’ industry experience with 15 years in RFID. His activities include the definition and development of new integrated circuits for advanced RFID tags used in sensor, vehicle identification, and security applications. Jim is a long time contributor and active participant in the RFID standards community. He is currently the RFID Task Group chairman of the US Technical Advisory Group for ISO, co-project editor for ISO/IEC 24753 (RFID application protocol for sensor and battery tags), and project editor for ISO/IEC 18000-61 and ISO/IEC 18000-64 (passive UHF RFID air interface protocols) as well as ISO/IEC 29167-13 and ISO/IEC 19823-13 (RFID security services using Grain-128A cipher).