Project:
Radio frequency identification (RFID) is a technology that promises to add convenience and efficiency to any interaction where a person or item needs to be authenticated. Examples already in use include the new e-passports and contact-less credit cards. The sensitive nature of information contained on these cards, or to which they grant access, has sparked considerable interest in RFID security. In most cards, authentication is based on unencrypted serial numbers, a method that is open to simple attacks. For example, with the new contact-less credit cards, it has been demonstrated that it is easy to eavesdrop on an RFID transaction and construct a counterfeit RFID card that can pose as the original card [1].
My project is to develop a novel method for detecting counterfeit radio frequency identification (RFID) cards from electromagnetic measurements. The central idea is to determine if physical differences between cards can be readily identified and quantified. Manufacturing processes have some degree of random error and the hope is that every card has a slightly different but specific set of hardware parameters that affect the electrical signals produced in a readily recognizable and quantifiable manner. The set of quantified abnormalities would be known as an electromagnetic (EM) signature.
The end result is that a successful counterfeited card would necessarily have to overcome two hurdles: reproducing the correct serial number and reproducing the correct electromagnetic signature. The second would be difficult in that the counterfeiter would need to have intimate knowledge of the internal circuitry and dimensions of the RFID to be counterfeited.
[1]Thomas S. Heydt-Benjamin et al. Vulnerabilities in first-generation RFID-enabled credit cards. RFID Consortium for Security and Privacy (http://www.rfid-cusp.org/), October 2006.
Math involved:
Signal processing and pattern recognition is involved in this project. Central to the signal processing is Fourier analysis, as it is a natural context within which to analyze electromagnetic fields and waves.
I plan to use a broad-band harmonic analysis of the signal in an effort to capture non-linearities. Below is an example of a the spectrum of a RFID transaction, from which I gather statistics about the spread of energy in the harmonics for various RFID cards corresponding to different models (m1-m4).
Our results indicate that we can successfully discriminate between different RFID card models, but have a difficult time distinguishing between individual cards of the same model. Future work will include looking at a wider range of features than simply energy at harmonics to see if it is possible to distinguish between individual RFID cards.
About Henry:
At the time of this research, Henry was in his fourth year of study as an Applied Mathematics and Electrical Engineering major. He is primarily interested in signal processing and plans to continue study in a Master’s program in Applied Mathematics.