Privacy Issues in RFID Banknote Protection Schemes

Privacy Issues in RFID Banknote Protection Schemes. Gildas Avoine, EPFL (École Polytechnique Fédérale de Lausanne), Lausanne, Switzerland. Cardis, August 23-26, 2004. Sections: Radio Frequency Identification (RFID) Technology; The Juels–Pappu Banknote Protection Scheme; Privacy Issues in the Juels–Pappu Scheme; Conclusion.


Page 1: Privacy Issues in RFID Banknote Protection Schemes


Cardis, August 23-26, 2004

Privacy Issues in RFID Banknote Protection Schemes

Gildas Avoine

EPFL

Lausanne, Switzerland

ÉCOLE POLYTECHNIQUE FÉDÉRALE DE LAUSANNE

Page 2: Privacy Issues in RFID Banknote Protection Schemes

Outline

Radio Frequency Identification (RFID) Technology

The Juels–Pappu Banknote Protection Scheme

Privacy Issues in the Juels–Pappu Scheme

Conclusion

Page 3: Privacy Issues in RFID Banknote Protection Schemes

Radio Frequency Identification (RFID) Technology

Page 4: Privacy Issues in RFID Banknote Protection Schemes

RFID Systems

[Figure: RFID system with readers, tags and a database]

Identification:

1 A reader broadcasts a request in its communication zone.

2 Each tag sends back its answer.

3 The answers are sent to the database.

Page 5: Privacy Issues in RFID Banknote Protection Schemes

Emergence of the RFID Technology

RFID technology is not new, e.g., contactless smartcards were already RFID devices (public transport, tollways).

The Auto-ID Center was created in 1999 at MIT in order to promote and establish standards for small and cheap RFID technology.

Page 6: Privacy Issues in RFID Banknote Protection Schemes

RFID Characteristics

Extremely limited storage and computation capabilities

Not tamper-resistant

No battery

Reader-to-Tag channel: up to 100 meters

Tag-to-Reader channel: up to a few meters

Page 7: Privacy Issues in RFID Banknote Protection Schemes

RFID Systems vs Bar-Code Systems

RFID tags could replace bar-codes in the near future. RFID tags and bar-codes differ in several respects:

A tag can be remotely read without optical access.

Several tags can be read at the same time.

While one bar-code is shared by many items, each RFID tag has its own unique identifier.

Page 8: Privacy Issues in RFID Banknote Protection Schemes

Applications and Issues

These properties open the door to new applications:

Management of stocks and stocktakings

Speed up the checkouts in the shops

Libraries

Recycling

Anti-counterfeiting

Sensor networks

Pet identification

But they also open the door to new security issues, in particular the problem of traceability.

Page 9: Privacy Issues in RFID Banknote Protection Schemes

The Juels–Pappu Banknote Protection Scheme

Page 10: Privacy Issues in RFID Banknote Protection Schemes

Why?

The European Central Bank said (rumor?) it wants to embed RFID tags into Euro notes.

The aim is to prevent banknote counterfeiting and to let authorized parties (e.g. airport controls) track illicit monetary flows, while ensuring that banknotes cannot be traced by unauthorized parties.

Page 11: Privacy Issues in RFID Banknote Protection Schemes

Who?

Central bank (B) creates the banknotes and... hates forgers

Law enforcement agency (L) aims at tracking illicit monetary flows

Banknote bearers want to preserve their privacy and... to earn as much money as possible

Merchants want to keep their clients and therefore agree to collaborate to ensure the clients' privacy

Page 12: Privacy Issues in RFID Banknote Protection Schemes

How?

Serial number of a banknote is signed by B (anti-counterfeiting)

When requested, the tag of a banknote sends the encrypted value of the serial number and not the serial number itself (anti-traceability).

Periodic probabilistic re-encryptions of the serial number are performed (by the merchants).

Re-encryptions require an optical contact with the banknote: a key, printed on the banknote, is needed to access the content of the tag.

L can access the content of the tag without this key.

Page 13: Privacy Issues in RFID Banknote Protection Schemes

Tags’ requirements

Tags must have an EEPROM consisting of (at least) 780 bits.

Tags must supply the instructions read, write, keyed-read, and keyed-write.

RFID cells: γ: read / keyed-write; δ: keyed-read / keyed-write

Page 14: Privacy Issues in RFID Banknote Protection Schemes

Banknote Creation by B

1 Select a serial number S and compute Σ = Sign(SK_B, S || den)

2 Compute an access-key D such that D = h(Σ)

3 Encrypt C = Enc(PK_L, Σ || S, r) where r is a random number

4 Put C into γ-cell and r into δ-cell

5 Print S and Σ on the banknote

Optical: S, Σ

RFID: γ (read / keyed-write) holds C; δ (keyed-read / keyed-write) holds r

Page 15: Privacy Issues in RFID Banknote Protection Schemes

Re-Encryption by Merchants

1 Read S and Σ and compute D = h(Σ)

2 Read C and keyed-read r using D

3 Check that Enc(PK_L, Σ || S, r) = C

4 Choose a new random r and keyed-write it into δ

5 Compute the new C := Enc(PK_L, Σ || S, r) and put it into γ

Optical: S, Σ

RFID: γ (read / keyed-write) holds C; δ (keyed-read / keyed-write) holds r

Page 16: Privacy Issues in RFID Banknote Protection Schemes

Banknote Tracing by L

1 Obtain freely C from cell γ

2 Decrypt C using SK_L and obtain Dec(SK_L, C) = Σ || S

3 Check whether or not Σ is a valid signature

Optical: S, Σ

RFID: γ (read / keyed-write) holds C; δ (keyed-read / keyed-write) holds r

Page 17: Privacy Issues in RFID Banknote Protection Schemes

Encryption Scheme

Juels and Pappu suggest using an ElGamal-based encryption scheme (over elliptic curves).

Let G denote an elliptic-curve-based group with prime order q and let P be a generator of G. Let SK_L = x ∈_R Z_q be the law enforcement private key and PK_L = Y = xP the corresponding public key. A message m is encrypted with the ElGamal scheme under the random number r as follows:

Enc(PK_L, m, r) = (m + rY, rP).

Page 18: Privacy Issues in RFID Banknote Protection Schemes

Fujisaki/Okamoto Integration Method

With the Fujisaki/Okamoto secure integration method, a message m is encrypted with the public key pk as follows:

E*(pk, m) = (E_asym(pk, r, h1(r, m)), E_sym(h2(r), m))

where

E_sym(key, mes) is a symmetric encryption of mes with key.

E_asym(key, mes, rand) is an asymmetric encryption of mes with key and a random value.

h1 and h2 denote hash functions.

In our case, E_asym is the ElGamal encryption scheme and E_sym is the ⊕ operation.

Page 19: Privacy Issues in RFID Banknote Protection Schemes

Privacy Issues in the Juels–Pappu Scheme

Page 20: Privacy Issues in RFID Banknote Protection Schemes

Attacks

Pickpocketing attack

Denial of service attack

Sleeping and dead banknotes

Cookies threat

Access-key tracing

Data recovery attack

Ciphertext tracing

Page 21: Privacy Issues in RFID Banknote Protection Schemes

Access Key Tracing

Goal: Tracing a banknote that the attacker saw once.

Sketch: If the attacker can have an optical contact with the banknote once, then thanks to the access-key D (which is a static key) he is able to trace the banknote by just trying to read the δ-cell: the tag responds if and only if the key D is the correct one, which reveals whether or not the banknote is the traced one.

Moral of the story: As soon as a tag owns a unique access-key and responds if and only if the key sent by the reader is the correct one, this key can be used to trace the tag.

Page 22: Privacy Issues in RFID Banknote Protection Schemes

Data Recovery Attack

Goal: Obtaining the serial number of the banknote without optical access.

Sketch:

Step 1: Obtaining the access-key D and then the random number r which is stored in the δ-cell;

Step 2: Exploiting a misapplication of the secure integration method of Fujisaki and Okamoto used with a probabilistic encryption scheme, in order to recover S and Σ.

Page 23: Privacy Issues in RFID Banknote Protection Schemes

Data Recovery Attack (Step 1)

A merchant who is willing to re-encrypt the banknote sends the access-key D = h(Σ) (obtained by optical reading): the attacker can just eavesdrop on this (static) key (the reader-to-tag channel is much easier to eavesdrop on than the tag-to-reader channel).

Page 24: Privacy Issues in RFID Banknote Protection Schemes

Data Recovery Attack (Step 2)

By (freely) reading the γ-cell, we obtain C = Enc*(PK_L, m, r) where m = Σ || S. We have:

Enc*(PK_L, m, r) = (E_asym(pk, r, h1(r, m)), E_sym(h2(r), m))

= (Enc(PK_L, r, h1(r || m)), ξ), where ξ = h2(r) ⊕ m

We have Σ || S = ξ ⊕ h2(r) where ξ, r, and h2 are known (r is supplied by Step 1).

Moral of the story: We should never use the Fujisaki/Okamoto integration method with a probabilistic encryption scheme when the random value is public.
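The construction from the Encryption Scheme and Fujisaki/Okamoto slides and the relation Σ || S = ξ ⊕ h2(r) above, as an added Python example that is not code from the talk or from Juels and Pappu. It assumes a toy multiplicative group modulo 2^127 - 1 in place of the elliptic-curve group, SHA-256/SHAKE-256 as h1 and h2, and a constructed byte string standing in for Σ || S; all function names are hypothetical.

```python
import hashlib
import secrets

# Assumption: toy multiplicative group mod the Mersenne prime 2**127 - 1,
# standing in for the elliptic-curve group G of the slides.
P = 2**127 - 1
G = 3

def h1(r: int, m: bytes) -> int:
    """Hash r || m to the ElGamal exponent used as asymmetric randomness."""
    d = hashlib.sha256(b"h1" + r.to_bytes(16, "big") + m).digest()
    return int.from_bytes(d, "big") % (P - 1)

def h2(r: int, n: int) -> bytes:
    """Hash r to an n-byte pad for the XOR (E_sym) part."""
    return hashlib.shake_256(b"h2" + r.to_bytes(16, "big")).digest(n)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def keygen():
    x = secrets.randbelow(P - 2) + 1           # SK_L
    return x, pow(G, x, P)                     # (SK_L, PK_L = Y)

def enc_star(Y: int, m: bytes, r: int):
    """Enc*(PK_L, m, r) = (ElGamal(Y, r; h1(r || m)), xi = h2(r) XOR m)."""
    rho = h1(r, m)
    asym = (r * pow(Y, rho, P) % P, pow(G, rho, P))
    return asym, xor(h2(r, len(m)), m)

def dec_star(x: int, C) -> bytes:
    """Law enforcement path: recover r with SK_L, unmask m, re-check C."""
    (c1, c2), xi = C
    r = c1 * pow(c2, -x, P) % P
    m = xor(h2(r, len(xi)), xi)
    if enc_star(pow(G, x, P), m, r) != C:
        raise ValueError("invalid ciphertext")
    return m

def merchant_check(Y: int, m: bytes, r: int, C) -> bool:
    """Re-encryption step 3: Enc is deterministic once (m, r) are fixed."""
    return enc_star(Y, m, r) == C

def recover_without_key(C, r: int) -> bytes:
    """With r known, m = xi XOR h2(r): SK_L is never used."""
    _, xi = C
    return xor(h2(r, len(xi)), xi)

def demo():
    x, Y = keygen()
    m = b"SIGMA-constructed||SERIAL-0001"      # constructed stand-in for Σ || S
    r = secrets.randbelow(P - 2) + 1           # value held in the δ-cell
    C = enc_star(Y, m, r)                      # value held in the γ-cell
    return dec_star(x, C) == m, recover_without_key(C, r) == m
```

Both values returned by `demo()` are true: the confidentiality of the γ-cell rests entirely on the secrecy of r, so r has to be protected like key material rather than stored behind a static access-key.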

Page 25: Privacy Issues in RFID Banknote Protection Schemes

Ciphertext Tracing (Example)

“Bar X wishes to sell information about its patrons to local Merchant Y. The bar requires patrons to have their drivers’ licenses scanned before they are admitted [...]. At the same time, Bar X scans the serial numbers of the RFID tags of banknotes carried by its patrons, [...] Merchant Y similarly records banknote serial numbers of customers from RFID tags. Bar X sells to Merchant Y the address and birth-date data it has collected [...]. In cases where Bar X and Merchant Y hold common serial numbers, Merchant Y can send mailings directly to customers [...].”

Page 26: Privacy Issues in RFID Banknote Protection Schemes

Ciphertext Tracing

We first consider a milder version of the attack: Bar X cannot read the optical data on the banknotes of its customers. But it stores in a database all the γ-values (i.e., C = Enc(PK_L, Σ || S, r)) that it is able to collect, matched with the name and address of their handlers. Merchant Y also reads the γ-values of his clients and stores them. Bar X and Merchant Y can merge their databases: if a γ-value appears in both databases, they can be almost sure that it is the same client.

Page 27: Privacy Issues in RFID Banknote Protection Schemes

Ciphertext Tracing

We now consider a stronger attack: when Bar X gives back change to a client, it re-encrypts banknotes with a fixed random number, denoted r0, also known by Merchant Y.

When a customer arrives in Merchant Y’s store, Y reads the γ-values of the customer’s banknotes and computes Σ0 using r0 (thanks to the misapplication of the integration method). He then computes D0 = h(Σ0) and tries to read δ with D0; if the tag agrees, this means that r0 was the appropriate random number and Merchant Y can be almost sure that this client comes from Bar X.

Note that Merchant Y does not “touch” the banknotes here: he just has to scan people when they pass through the store door, for instance.

Page 28: Privacy Issues in RFID Banknote Protection Schemes

Ciphertext Tracing

Moral of the story: Since re-encryptions cannot be performed with sufficient frequency, it is possible to trace the tags using the universally readable (encrypted) RFID values, even if the attacker cannot obtain the plain value.

Note that even with a higher frequency, the attack still remains if the re-encryptions are performed by the merchants, and not by the users themselves.

Page 29: Privacy Issues in RFID Banknote Protection Schemes

Conclusion

Page 30: Privacy Issues in RFID Banknote Protection Schemes

Conclusion

Several mistakes were made in the design of this scheme. In this state, the scheme is null and void and should not be used.

The fact that the re-encryption comes from an external entity (and not the tag itself) allows the tag to be traced between two correct re-encryptions (i.e., performed by honest parties) and brings out potential weaknesses: [Henri, Muller], [Golle, Jakobsson, Juels, Syverson], and [Saito, Ryou, Sakurai]

The fact that a predetermined access-key is used transforms the tag into an oracle which says whether or not it is the traced tag.

Page 31: Privacy Issues in RFID Banknote Protection Schemes

Conclusion (Cont.)

Only a few works have tried to prove the security of, or to exhibit weaknesses in, the existing RFID protocols.

Formalization of the privacy and of the adversary model.
