Title: On the security of RFID devices against implementation attacks

Authors: Michael Hutter, Thomas Plos, Martin Feldhofer

Addresses: Institute for Applied Information Processing and Communications, Graz University of Technology, Inffeldgasse 16a, 8010 Graz, Austria. ' Institute for Applied Information Processing and Communications, Graz University of Technology, Inffeldgasse 16a, 8010 Graz, Austria. ' Institute for Applied Information Processing and Communications, Graz University of Technology, Inffeldgasse 16a, 8010 Graz, Austria

Abstract: Radio-Frequency Identification (RFID) is a wireless technology that already plays an important role in security-related applications. As soon as cryptographic features are integrated into RFID-enabled devices, the issue of implementation security becomes highly important. Implementation attacks exploit potential weaknesses of such devices and allow the extraction of sensitive information like secret keys. In this paper, we evaluate the efficiency of implementation attacks by conducting side-channel attacks and fault analysis on both High Frequency (HF) and Ultra-High Frequency (UHF) RFID tags. The results of our investigations disclose the potential vulnerability of RFID-tag implementations against practical attacks. Furthermore, this paper shows possible countermeasures that are optimised for resource-restricted devices like passive RFID tags.

Keywords: RFID security; radio-frequency identification; implementation attacks; power analysis; electromagnetic analysis; side-channel analysis; fault analysis; passive RFID tags.

DOI: 10.1504/IJSN.2010.032209

International Journal of Security and Networks, 2010 Vol.5 No.2/3, pp.106 - 118

Available online: 17 Mar 2010 *

Full-text access for editors Access for subscribers Purchase this article Comment on this article