Abstract
Personal RFID devices – found, e.g., in access cards and contactless credit cards – are vulnerable to unauthorized reading, owner tracking and different types of relay attacks. We observe that accessing a personal RFID device fundamentally requires moving it in some manner (e.g., swiping an RFID access card in front of a reader). Determining whether or not the device is in motion can therefore provide enhanced security and privacy; the device will respond only when it is in motion, instead of doing so promiscuously. We investigate extending the concept of min-entropy from the realm of random number generation to achieve motion detection on an RFID device equipped with an accelerometer. Our approach is quite simple and well-suited for use on low-cost devices because the min-entropy of an accelerometer’s distribution can be efficiently approximated. As opposed to alternative methods, our approach does not require any changes to the usage model expected of personal RFID devices.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Bringer, J., Chabanne, H., Dottax, E.: HB++: a Lightweight Authentication Protocol Secure against Some Attacks. In: Security, Privacy and Trust in Pervasive and Ubiquitous Computing (2006)
Buettner, M., Prasad, R., Philipose, M., Wetherall, D.: Recognizing Daily Activities with RFID-Based Sensors. In: International Conference on Ubiquitous Computing (UbiComp) (2009)
Corporation, S.: SMARTCODE Solves the Privacy Issue Relating to Potential Unauthorized Reading of RFID Enabled Passports and ID Cards (2006)
Czeskis, A., Koscher, K., Smith, J., Kohno, T.: RFIDs and Secret Handshakes: Defending Against Ghost-and-Leech Attacks and Unauthorized Reads with Context-Aware Communications. In: ACM Conference on Computer and Communications Security (2008)
Electronics, M.: MMA7660FCR1 Freescale Semiconductor Board Mount Accelerometers (2009)
Gilbert, H., Robshaw, M., Seurin, Y.: HB#: Increasing the Security and Efficiency of HB+. In: Smart, N.P. (ed.) EUROCRYPT 2008. LNCS, vol. 4965, pp. 361–378. Springer, Heidelberg (2008)
Hancke, G.: Practical Attacks on Proximity Identification Systems (Short Paper). In: IEEE Symposium on Security and Privacy, S&P (2006)
Holleman, J., Yeager, D., Prasad, R., Smith, J., Otis, B.: NeuralWISP: An Energy-Harvesting Wireless Neural Interface with 1-m Range. IEEE Transactions on Biomedical Circuits and Systems, BioCAS (2008)
Jiang, B., Roy, S., Sundara-Rajan, K., Philipose, M., Smith, J., Mamishev, A.: Energy Scavenging for Inductively Coupled Passive RFID Systems. IEEE Instrumentation and Measurement Technology Conference (2005)
Jiang, B., Smith, J., Philipose, M., Roy, S., Sundara-Rajan, K., Mamishev, A.: Energy scavenging for inductively coupled passive RFID systems. IEEE Transactions on Instrumentation and Measurement (2007)
Juels, A.: RFID Security and Privacy: A Research Survey. IEEE Journal on Selected Areas in Communications (2006)
Juels, A., Molnar, D., Wagner, D.: Security and Privacy Issues in E-passports. Security and Privacy for Emerging Areas in Communications Networks, Securecomm (2005)
Juels, A., Rivest, R.L., Szydlo, M.: The blocker tag: selective blocking of rfid tags for consumer privacy. In: ACM Conference on Computer and Communications Security, CCS (2003)
Juels, A., Syverson, P.F., Bailey, D.V.: High-power proxies for enhancing rfid privacy and utility. In: Danezis, G., Martin, D. (eds.) PET 2005. LNCS, vol. 3856, pp. 210–226. Springer, Heidelberg (2006)
Juels, A., Weis, S.A.: Authenticating Pervasive Devices with Human Protocols. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 293–308. Springer, Heidelberg (2005)
Katz, J., Shin, J.S.: Parallel and Concurrent Security of the HB and HB+ Protocols. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 73–87. Springer, Heidelberg (2006)
Kfir, Z., Wool, A.: Picking Virtual Pockets using Relay Attacks on Contactless Smartcard. In: Security and Privacy for Emerging Areas in Communications Networks, Securecomm (2005)
Lester, T.S.J., Hartung, C., Agarwal, S., Kohno, T.: Devices That tell on You: Privacy Trends in Consumer Ubiquitous Computing. In: USENIX Security Symposium (2007)
O’Connor, M.: RFID Cures Concrete (2006)
Rieback, M.R., Crispo, B., Tanenbaum, A.S.: Rfid guardian: A battery-powered mobile device for rfid privacy management. In: Boyd, C., González Nieto, J.M. (eds.) ACISP 2005. LNCS, vol. 3574, pp. 184–194. Springer, Heidelberg (2005)
Sample, A., Yeager, D., Powledge, P., Smith, J.: Design of a Passively-Powered, Programmable Sensing Platform for UHF RFID Systems. In: IEEE International Conference on RFID (2007)
Sample, A., Yeager, D., Smith, J.: A capacitive touch interface for passive RFID tags. In: Proceedings of the 2009 IEEE RFID Conference (2009)
Segawa, N.: Behavior Evaluation of Sika Deer (Cervus Nippon) by RFID System. In: WISP Summit (2009)
Smith, J., Sample, A., Powledge, P., Mamishev, A., Roy, S.: A Wirelessly-Powered Platform for Sensing and Computation. In: Dourish, P., Friday, A. (eds.) UbiComp 2006. LNCS, vol. 4206, pp. 495–506. Springer, Heidelberg (2006)
Sutter, J.: CNN Article: Wallet of the future? Your mobile phone(2009), http://www.cnn.com/2009/TECH/08/13/cell.phone.wallet/index.html?eref=igoogle_cnn
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2010 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Saxena, N., Voris, J. (2010). Still and Silent: Motion Detection for Enhanced RFID Security and Privacy without Changing the Usage Model. In: Ors Yalcin, S.B. (eds) Radio Frequency Identification: Security and Privacy Issues. RFIDSec 2010. Lecture Notes in Computer Science, vol 6370. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-16822-2_2
Download citation
DOI: https://doi.org/10.1007/978-3-642-16822-2_2
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-16821-5
Online ISBN: 978-3-642-16822-2
eBook Packages: Computer ScienceComputer Science (R0)