Information technology - RFID threat and vulnerability analysis

The scope of the Technical Report is to consider the threats and vulnerabilities associated with specific characteristics of RFID technology in a system comprising:
—   the air interface protocol covering all the common frequencies;
—   the tag including model variants within a technology;
—   the interrogator features for processing the air interface;
—   the interrogator interface to the application.
The Technical Report addresses specific RFID technologies as defined by their air interface specifications. The threats, vulnerabilities, and mitigating methods are presented as a toolkit, enabling the specific characteristics of the RFID technology being used in an application to be taken into consideration. While the focus is on specifications that are standardized, the feature analysis can also be applied to proprietary RFID technologies. This should be possible because some features are common to more than one standardized technology, and it should be possible to map these to proprietary technologies.
Although this Technical Report may be used by any operator, even for a small system, the technical details are better considered by others. In particular the document should be a tool used by RFID system integrators, to improve security aspects using a privacy by design approach. As such it is also highly relevant to operators that are not SME’s, and to industry bodies representing SME members.
Although this Technical Report may be used by any operator, even for a small system, the technical details are better considered by others. In particular the document should be a tool used by RFID system integrators, to improve security aspects using a privacy by design approach. As such it is also highly relevant to operators that are not SME’s, and to industry bodies representing SME members.

Informationstechnik - Analyse zur Bedrohung und Verletzlichkeit durch beziehungsweise von RFID

Technologies de l’information - RFID, analyse vulnérabilité et de menace

Informacijska tehnologija - RFID, analiza groženj in ranljivosti

Področje uporabe tega tehničnega poročila je obravnavanje groženj in ranljivosti, povezanih z določenimi lastnostmi tehnologije RFID v sistemu, vključno s: - protokolom radijskega vmesnika, ki obsega vse skupne frekvence; - označevanjem, vključno z različicami modelov v tehnologiji; - lastnostmi bralnikov za obdelavo radijskega vmesnika; - vmesnikom bralnika aplikacije. Tehnično poročilo obravnava določene tehnologije RFID, kot jih določajo njihove specifikacije radijskega vmesnika. Grožnje, ranljivosti in metode za njihovo ublažitev so predstavljene kot orodje, kar omogoča upoštevanje določenih lastnosti tehnologije RFID, ki so uporabljene v aplikaciji. Analiza lastnosti se osredotoča na standardizirane specifikacije, lahko pa se uporablja tudi za lastniške tehnologije RFID. To naj bi bilo mogoče, ker so nekatere lastnosti skupne več kot eni standardizirani tehnologiji in naj bi jih bilo mogoče povezati z lastniškimi tehnologijami. Čeprav lahko to tehnično poročilo uporablja kateri koli izvajalec, je bolje, če tehnične podrobnosti tudi v majhnem sistemu obravnavajo drugi izvajalci. Dokument naj bi bil zlasti orodje, ki ga uporabljajo integratorji sistema RFID za izboljšanje vidikov varnosti z uporabo pristopa vgrajene zasebnosti. Tako je tudi zelo uporaben za izvajalce, ki niso mala in srednje velika podjetja, in industrijska združenja, ki predstavljajo člane malih in srednje velikih podjetij.

General Information

Status
Published
Publication Date
03-Jun-2014
Current Stage
6060 - Definitive text made available (DAV) - Publishing
Start Date
04-Jun-2014
Due Date
25-Feb-2014
Completion Date
04-Jun-2014

Buy Standard

Technical report
TP CEN/TR 16670:2014 - BARVE
English language
70 pages
sale 10% off
Preview
sale 10% off
Preview
e-Library read for
1 day
Technical report
TP CEN/TR 16670:2014 - BARVNE fotografije v standardu!
English language
70 pages
sale 10% off
Preview
sale 10% off
Preview
e-Library read for
1 day

Standards Content (Sample)


SLOVENSKI STANDARD
01-september-2014
Informacijska tehnologija - RFID, analiza groženj in ranljivosti
Information technology - RFID threat and vulnerability analysis
Informationstechnik - Analyse zur Bedrohung und Verletzlichkeit durch beziehungsweise
von RFID
Technologie de l’information - RFID, Analyse de vulnérabilité et de menace
Ta slovenski standard je istoveten z: CEN/TR 16670:2014
ICS:
35.040.50 Tehnike za samodejno Automatic identification and
razpoznavanje in zajem data capture techniques
podatkov
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

TECHNICAL REPORT
CEN/TR 16670
RAPPORT TECHNIQUE
TECHNISCHER BERICHT
June 2014
ICS 35.240.60
English Version
Information technology - RFID threat and vulnerability analysis
Technologies de l'information - RFID, analyse vulnérabilité Informationstechnik - Analyse zur Bedrohung und
et de menace Verletzlichkeit durch beziehungsweise von RFID

This Technical Report was approved by CEN on 20 January 2014. It has been drawn up by the Technical Committee CEN/TC 225.

CEN members are the national standards bodies of Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia,
Finland, Former Yugoslav Republic of Macedonia, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania,
Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey and United
Kingdom.
EUROPEAN COMMITTEE FOR STANDARDIZATION
COMITÉ EUROPÉEN DE NORMALISATION

EUROPÄISCHES KOMITEE FÜR NORMUNG

CEN-CENELEC Management Centre: Avenue Marnix 17, B-1000 Brussels
© 2014 CEN All rights of exploitation in any form and by any means reserved Ref. No. CEN/TR 16670:2014 E
worldwide for CEN national Members.

Contents Page
Foreword .4
Introduction .5
1 Scope .6
2 Terms and definitions .6
3 Symbols and abbreviations .9
4 Threats and Attack scenarios . 10
4.1 Introduction . 10
4.2 Attacks to an RFID System with a Fake Reader . 11
4.3 Attacks to a RFID system with a Fake Tag . 12
4.4 Attacks to a RFID system with a Fake Reader and a Fake Tag . 12
4.5 Attack to a Real Tag with a Fake Reader and a Fake Tag . 13
4.6 Attack to a Real Tag with a Fake Reader . 13
4.7 Attack to a Real Reader with a Fake Tag . 13
5 Vulnerabilities . 14
5.1 Introduction . 14
5.2 Denial of service . 14
5.3 Eavesdropping . 14
5.4 Man in the Middle . 15
6 Mitigation measures . 15
6.1 Introduction . 15
6.2 Mitigation measures for secured RFID Devices . 15
6.2.1 Mitigation measures for tags . 15
6.2.2 Mitigation measures for readers . 15
6.2.3 Mitigation measures for the Air Interface Protocol . 15
6.3 Mitigation measures against attacks . 15
6.3.1 Introduction . 15
6.3.2 Eavesdropping . 15
6.3.3 Skimming . 15
6.3.4 Relay attack . 16
6.3.5 Denial of Service . 16
7 Conclusions . 16
Annex A (informative) Attack scenarios . 18
A.1 Amusement parks takes visitors to RFID-land . 18
A.1.1 Introduction . 18
A.1.2 Threat scenarios . 18
A.1.3 DPP objectives of relevance . 19
A.1.4 Security objectives of relevance . 19
A.1.5 Privacy objectives of relevance . 20
A.2 Purpose of Use and Consent . 20
A.2.1 Purpose 1 . 20
A.2.2 Purpose 2 (with explicit consent) . 21
A.2.3 Purpose 3 (with no explicit consent . 21
A.3 Multi-tag and purpose RFID environment for Healthcare . 22
A.3.1 Scenario description - Emergency. 22
A.3.2 The hospital RFID environment . 22
A.3.3 Arrival at the hospital . 23
A.3.4 Treatment at the hospital . 24
A.3.5 The value of the drug prescribed . 24
A.3.6 Returning home . 24
A.3.7 The home RFID environment . 24
A.3.8 Drug repeat prescription and out of date drug recycling . 25
Annex B Original Test Set ups and Results . 26
B.1 Test Area . 26
B.2 Equipment . 26
B.3 Overview of the Tests . 27
B.3.1 Introduction . 27
B.3.2 Range tests . 27
B.3.3 Write Tests . 27
B.3.4 Illicit Reading . 27
B.3.5 Eavesdropping . 28
B.3.6 Detection inside buildings . 28
B.3.7 Combined EAS/RFID systems . 28
B.4 Test procedures and results . 28
B.4.1 General . 28
B.4.2 Reading range . 30
B.4.3 Write range . 37
B.4.4 Illicit reading . 41
B.4.5 Eavesdropping . 46
B.4.6 Detection inside buildings . 47
B.4.7 Combined EAS/RFID system . 48
B.5 Analysis of results . 48
B.6 Conclusions . 49
Annex C Additional Test Set ups and Results . 50
C.1 Introduction . 50
C.2 Scope of tests . 50
C.3 Documenting the results . 50
C.4 Equipment required for additional tests . 50
C.5 Description of tests . 51
C.5.1 Activation distance for HF system . 51
C.5.2 Activation distance for UHF system . 52
C.5.3 Eavesdropping tests for HF system . 53
C.5.4 Eavesdropping tests for UHF system . 55
C.6 Test results . 56
C.6.1 Equipment utilised during the tests . 56
C.6.2 Description of Tests .
...


SLOVENSKI STANDARD
01-september-2014
Informacijska tehnologija - RFID, analiza groženj in ranljivosti
Information technology - RFID threat and vulnerability analysis
Informationstechnik - Analyse zur Bedrohung und Verletzlichkeit durch beziehungsweise
von RFID
Technologie de l’information - RFID, Analyse de vulnérabilité et de menace
Ta slovenski standard je istoveten z: CEN/TR 16670:2014
ICS:
35.020 Informacijska tehnika in Information technology (IT) in
tehnologija na splošno general
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

TECHNICAL REPORT
CEN/TR 16670
RAPPORT TECHNIQUE
TECHNISCHER BERICHT
June 2014
ICS 35.240.60
English Version
Information technology - RFID threat and vulnerability analysis
Technologies de l'information - RFID, analyse vulnérabilité Informationstechnik - Analyse zur Bedrohung und
et de menace Verletzlichkeit durch beziehungsweise von RFID

This Technical Report was approved by CEN on 20 January 2014. It has been drawn up by the Technical Committee CEN/TC 225.

CEN members are the national standards bodies of Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia,
Finland, Former Yugoslav Republic of Macedonia, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania,
Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey and United
Kingdom.
EUROPEAN COMMITTEE FOR STANDARDIZATION
COMITÉ EUROPÉEN DE NORMALISATION

EUROPÄISCHES KOMITEE FÜR NORMUNG

CEN-CENELEC Management Centre: Avenue Marnix 17, B-1000 Brussels
© 2014 CEN All rights of exploitation in any form and by any means reserved Ref. No. CEN/TR 16670:2014 E
worldwide for CEN national Members.

Contents Page
Foreword .4
Introduction .5
1 Scope .6
2 Terms and definitions .6
3 Symbols and abbreviations .9
4 Threats and Attack scenarios . 10
4.1 Introduction . 10
4.2 Attacks to an RFID System with a Fake Reader . 11
4.3 Attacks to a RFID system with a Fake Tag . 12
4.4 Attacks to a RFID system with a Fake Reader and a Fake Tag . 12
4.5 Attack to a Real Tag with a Fake Reader and a Fake Tag . 13
4.6 Attack to a Real Tag with a Fake Reader . 13
4.7 Attack to a Real Reader with a Fake Tag . 13
5 Vulnerabilities . 14
5.1 Introduction . 14
5.2 Denial of service . 14
5.3 Eavesdropping . 14
5.4 Man in the Middle . 15
6 Mitigation measures . 15
6.1 Introduction . 15
6.2 Mitigation measures for secured RFID Devices . 15
6.2.1 Mitigation measures for tags . 15
6.2.2 Mitigation measures for readers . 15
6.2.3 Mitigation measures for the Air Interface Protocol . 15
6.3 Mitigation measures against attacks . 15
6.3.1 Introduction . 15
6.3.2 Eavesdropping . 15
6.3.3 Skimming . 15
6.3.4 Relay attack . 16
6.3.5 Denial of Service . 16
7 Conclusions . 16
Annex A (informative) Attack scenarios . 18
A.1 Amusement parks takes visitors to RFID-land . 18
A.1.1 Introduction . 18
A.1.2 Threat scenarios . 18
A.1.3 DPP objectives of relevance . 19
A.1.4 Security objectives of relevance . 19
A.1.5 Privacy objectives of relevance . 20
A.2 Purpose of Use and Consent . 20
A.2.1 Purpose 1 . 20
A.2.2 Purpose 2 (with explicit consent) . 21
A.2.3 Purpose 3 (with no explicit consent . 21
A.3 Multi-tag and purpose RFID environment for Healthcare . 22
A.3.1 Scenario description - Emergency. 22
A.3.2 The hospital RFID environment . 22
A.3.3 Arrival at the hospital . 23
A.3.4 Treatment at the hospital . 24
A.3.5 The value of the drug prescribed . 24
A.3.6 Returning home . 24
A.3.7 The home RFID environment . 24
A.3.8 Drug repeat prescription and out of date drug recycling . 25
Annex B Original Test Set ups and Results . 26
B.1 Test Area . 26
B.2 Equipment . 26
B.3 Overview of the Tests . 27
B.3.1 Introduction . 27
B.3.2 Range tests . 27
B.3.3 Write Tests . 27
B.3.4 Illicit Reading . 27
B.3.5 Eavesdropping . 28
B.3.6 Detection inside buildings . 28
B.3.7 Combined EAS/RFID systems . 28
B.4 Test procedures and results . 28
B.4.1 General . 28
B.4.2 Reading range . 30
B.4.3 Write range . 37
B.4.4 Illicit reading . 41
B.4.5 Eavesdropping . 46
B.4.6 Detection inside buildings . 47
B.4.7 Combined EAS/RFID system . 48
B.5 Analysis of results . 48
B.6 Conclusions . 49
Annex C Additional Test Set ups and Results . 50
C.1 Introduction . 50
C.2 Scope of tests . 50
C.3 Documenting the results . 50
C.4 Equipment required for additional tests . 50
C.5 Description of tests . 51
C.5.1 Activation distance for HF system . 51
C.5.2 Activation distance for UHF system . 52
C.5.3 Eavesdropping tests for HF system . 53
C.5.4 Eavesdropping tests for UHF system . 55
C.6 Test results . 56
C.6.1 Equipment utilised during the tests . 56
C.6.2 Description of Tests .
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.