Austrian researchers improve RFID data security in an open IoT environment
chrispeng [ad_1]
A research team from the Institute of Applied Information Processing and Communication at Graz University of Technology has developed a prototype RFID-based system designed to protect the security of RFID data in an open Internet of Things network. The researchers said that the technology can use VPN software to provide security for sensor and RFID data. The UHF EPC RFID tag they developed uses its own communication channel, Internet Protocol Security (IPSec) protocol, and can be authenticated before the RFID reader responds.
IPSec is a tool to ensure the security of IP network communications. The protocol suite establishes a confidential and integrity-protected connection between the label and the Internet through a VPN connection. The study found that it is feasible to run the IPsec stack on the EPC Gen 2 tag, which provides a secure end-to-end connection between the tag and the Internet. In this way, the card reader can be used as a router that transmits IP data packets from the tag.
This research was funded by the Austrian Science Foundation (FWF), with the goal of using RFID technology safely in an open environment. Researchers predict that with the gradual promotion of applications, the security of RFID chips will receive increasing attention. They cited examples of smart cars and toys that could be hacked.
At present, the RFID system is usually closed. After the data is read, it is usually only accessed by a small number of authorized users. In the future, the Internet of Things environment will be more open, and RFID readers will act as a bridge between tags and the Internet. This will put the data in a larger and more open environment.
The researchers said that in order to ensure the security of RFID data in an open environment, some active development of RFID systems is needed. Hannes Gross, a researcher at the university, said: “Connecting every object and device to the Internet without considering security and privacy is very stupid. This will bring a lot of bad consequences.”
Gross believes that existing security solutions will encounter many problems in large open environments. The encryption process requires larger chips, larger tags, may be more expensive, and will slow down the reading time. The researchers’ replacement tag prototype PIONEER uses the ISO/IEC 29167 standard protocol and IPsec, allowing tags to transmit data in encrypted form.
Gross said: “In this project, we use RFID tags with built-in sensors as part of a secure and open IoT infrastructure.” The researchers analyzed the necessary security and privacy features and how they can be seamlessly integrated into existing Internet infrastructure. They also determined the required security features between the reader and the tag.
Gross said: “By analyzing different IoT scenarios and their potential risks, we came to a conclusion that in an open IoT system, card readers are not secure and need to be treated as potential attackers.” The common assumptions in the system are contrary, such as the Electronic Product Code Information Service (EPCIS), where the card reader is used to identify the RFID tag and send it back to the back-end system for processing.
The research team found that in an open IoT environment, tags are responsible for protecting their own communication channels in order to authenticate themselves and the card reader, and protect tags and data security. Gross said that there are billions of possible communication partners (other devices) in an open IoT system, so sharing and maintaining passwords is not realistic. Therefore, they need more complex encryption techniques based on public key cryptography.
The ISO/IEC 29167 standard provides a variety of encryption suites, which brings some security. Before this standard was introduced, UHF tags could be cloned by simply reading the EPC identifier and memory. In addition, the 32-bit ACCESS password cannot provide sufficient protection to prevent misappropriation.
The project focuses on designing an open IoT system based on RFID technology, where tags can be used in untrusted and potentially malicious environments. Gross said: “We spent a lot of time thinking about what features and encryption services need to be added to protect sensitive data and exchange information securely over the Internet.” The team’s goal is not only to provide tag security, but also to ensure that hackers successfully steal When the key of one or more tags is used, the entire system does not crash.
PIONEER tags integrate IPsec protocol into standard tags through a self-designed encryption suite. The reader translates the communication between IoT devices and PIONEER tags by packaging IPsec requests and responses into EPC Gen 2 commands. In this project, the researchers also connected different sensors (such as temperature and humidity sensors) to the PIONEER tag.
[ad_2]
