rfid - copy

Radio frequency Identification

Transforming Live, Inventing Future

A Seminar Report On

RFID

-Radio-Frequency Identification

By

KRUNAL PAVAR

DEPARTMENT OF COMPUTER ENGINEERING [2011-12]

1


A Seminar Report On

RFID-Radio-Frequency IdentificationIn partial fulfillment of requirements for the degree of

Bachelor of Engineering In Computer Engineering

SUBMITTED BY:

KRUNAL PAVARUnder the Guidance ofMr. DEVENDRA THAKOR

2


CERTIFICATEThis is to certify that the Seminar entitled RFID - Radio-Frequency Identification has been submitted by KRUNAL S. PAVAR under my guidance in partial fulfillment of the degree of Bachelor of Engineering in Computer Engineering of Gujarat Technical University during the academic year 2011-2012 (Semester-V).

Date: Place: Bardoli. Head, Computer Department ( )

I/c Principal (Dr. Jatin Desai)

3


AcknowledgementWe would like to take this opportunity to bestow our acknowledgement to all the persons who have directly or indirectly availed us in guiding our seminar. We are grateful to our college and university for giving us the opportunity to give seminar on this topic which will be the building a step for our bright future. The assiduous help presumed by Mr. DEVENDRA THAKOR - our seminar guide was the inevitable part of the successful consummation of our seminar. We sincerely thank him for his guidance and helpfulness through the hard and easy timing during the preparation of the seminar.

KRUNAL PAVAR

4


Sr. No1 1.1 Introduction What is Phishing?

Topic Name

Page No1 1 2 3 4 4 5 6 9 10 11 13 13 15 15 18 18 22 24 25 5

Early Phishing on AOL 1.2 Who is behind phishing & why? 1.3 2 2.1 Cross Site Scripting 2.2 Observing Customer Data 2.3 Rock Phish Kit 2.4 Spear Phishing 2.5 3 4 4.1 5 5.1 Technical Responses 5.2 Anti Phishing Software 5.3 6 8 9 What to do after being suffered Anti Fraud Organization Conclusion Preventive Measures (Anti Phishing) Social Responses How to spot Phishing Scam Recent Phishing Attempts Paypal Phishing Example Phishing Techniques Man in the Middle Attack


1. INTRODUCTIONWHAT IS RFID?RFID stands for Radio-Frequency Identification. The acronym refers to small electronic devices that consist of a small chip and an antenna. The chip typically is capable of carrying 2,000 bytes of data or less. The RFID device serves the same purpose as a bar code or a magnetic strip on the back of a credit card or ATM card; it provides a unique identifier for that object. And, just as a bar code or magnetic strip must be scanned to get the information, the RFID device must be scanned to retrieve the identifying information. It merely identifies the individual object not merrily only the type like barcode(one code for all one type of product) It Works on the basis of radio waves that are the part of electro-magnetic spectrum. Electro magnetic spectrum governs by Federal Communications Commission in U.S. and ETSI in Europe. RFID uses from that * L.F. :- 125 KHZ 134 KHZ * H.F :- 13.56 MHZ * UHF :- 860 MHZ 930 MHZ Choice of frequency by the manufacturer of the RFID on the basis of the how well is signal propagates in the Specific environment. Frequency also influences the size of the antennas and what power transmission levels can be used.

6


2. How RFID WorksHow does RFID work? A Radio-Frequency Identification system has three parts:

A scanning antenna A transceiver with a decoder to interpret the data A transponder - the RFID tag - that has been programmed with information.

The scanning antenna puts out radio-frequency signals in a relatively short range. The RF radiation does two things:

It provides a means of communicating with the transponder (the RFID tag) AND It provides the RFID tag with the energy to communicate (in the case of passive RFID tags).

(block diagram)

Antenna Asset/Tag AssetTa g Insert TCP/IP

Reader

Firmware

HostCustomers MIS Application Software

~Power

API

7

Radio frequency Identification This is an absolutely key part of the technology; RFID tags do not need to contain batteries, and can therefore remain usable for very long periods of time (maybe decades).

The scanning antennas can be permanently affixed to a surface; handheld antennas are also available. They can take whatever shape you need; for example, you could build them into a door frame to accept data from persons or objects passing through. When an RFID tag passes through the field of the scanning antenna, it detects the activation signal from the antenna. That "wakes up" the RFID chip, and it transmits the information on its microchip to be picked up by the scanning antenna. In addition, the RFID tag may be of one of two types. Active RFID tags have their own power source; the advantage of these tags is that the reader can be much farther away and still get the signal. Even though some of these devices are built to have up to a 10 year life span, they have limited life spans. Passive RFID tags, however, do not require batteries, and can be much smaller and have a virtually unlimited life span. RFID tags can be read in a wide variety of circumstances, where barcodes or other optically read technologies are useless.

The tag need not be on the surface of the object (and is therefore not subject to wear) The read time is typically less than 100 milliseconds Large numbers of tags can be read at once rather than item by item.

8


APPLICATION

INTERROGATORDecoder Encoder

RF TAG

AIR INTERFACECOMMANDS

DEVICE COMMANDS APPLICATION COMMANDS APPLICATION RESPONSES DEVICE RESPONSES Logical Memory Command / Response Unit Tag Driver and Mapping Rules

Tag Physical Memory Logical Memory Map

3. How is RFID used inside a living body?9

Application Program Interface Application Program Interface

RESPONSES

DATA PROTOCOL PROCESSOR

PHYSICAL INTERROGATOR

ISO/IEC 15961

ISO/IEC 15962

ISO/IEC 15962 Annexes

Note: The Logical Memory Map in the Tag Physical Memory is given by the Tag architecture and the mapping rules in the Tag Driver. All the information in ISO/IEC 18000Memory is the Logical represented in the Logical Memory Map


RFID devices that are intended to be implanted inside a living body (like an animal or human being) have special requirements. They need to be encased in a special kind of casing that will not irritate or react with the living tissues that they are inserted into. The casing must also be transparent to the scanning radio-frequency beam that activates the chip. Some RFID vendors have created biocompatible glass for use in these applications. One potential problem with being placed within a living organism is that the tiny RFID device may move around under the skin. This can be avoided by using special materials that actually let the surrounding tissue grow up to the casing and bond with it. Because the radio-frequency waves that activate the microchip containing the identification number are only useful within a few feet (or less), the RFID chip is typically inserted very close to the surface of the skin. The placement of the device is usually done with a hypodermic-type needle. This method of insertion also dictates the shape and size of the device; implantable RFID devices are typically the size and diameter of a grain of rice. For dogs, the device is usually implanted between the shoulder blades. RFID tags have been placed inside cows; some discussion of having all cows implanted with RFID devices has resulted from the recent scare with mad cow disease. Dog owners have used RFID tags to identify their pets rather than tattoos (the more tradition

4. Is RFID Technology Secure and Private?10


Unfortunately, not very often in the systems to which consumers are likely to be exposed. Anyone with an appropriately equipped scanner and close access to the RFID device can activate it and read its contents. Obviously, some concerns are greater than others. If someone walks by your bag of books from the bookstore with a 13.56 MHz "snifter" with an RF field that will activate the RFID devices in the books you bought, that person can get a complete list of what you just bought. That's certainly an invasion of your privacy, but it could be worse. Another scenario involves a military situation in which the other side scans vehicles going by, looking for tags that are associated with items that only high-ranking officers can have, and targeting accordingly. Companies are more concerned with the increasing use of RFID devices in company badges. An appropriate RF field will cause the RFID chip in the badge to "spill the beans" to whomever activates it. This information can then be stored and replayed to company scanners, allowing the thief access - and your badge is the one that is "credited" with the access. The smallest tags that will likely be used for consumer items don't have enough computing power to do data encryption to protect your privacy. The most they can do is PIN-style or passwordbased protection.

5.History of RFID

11

Radio frequency Identification As we said that RFID had its origin in world war 2 ,and this is true . But it is very different from the RFID Today. First u.s Pattern for an active tag with rewritable memory Mario cardullo in 1973 Patterned for transponder for unlock a door without a key - charles Walton 1973 To secure nuclear materials and track cows Los Alamos National Laboratory IBM Engineers patented a UHF system for RFID in 1990 and sold that to Interact ,barcode system vendor. Team who tried to put low cost tags Dr. Sanjay sarma a robotic researcher at the Massachusetts Institute of technology(MIT) was researching the possibility of putting low cost tags on all products and tracking them through the supply chain. He and his colleague David Brock recognized that high cost of the tags was keeping adoption rates low. They received first support from the Kevin Ashton of Protector and Gamble . Then they were joined by the father of the barcode Alan Hagerman. And they both agreed to launch the Auto id center at MIT with funding from the UCC , Gillette, p & g center was launched in 1999. The breakthrough idea was the marriage of low cost chips and ubiquitous (everywhere) networks. Alien technologies (inexpensive chips) + Raise Corporation (inexpensive antennas) and announced that low cost tag is possible. In the previous days there are no industry standards for the RFID so tag of one mfg. can not be detected by the reader of the different mfg , but now it is solved after 2004 since when gen -2 tags where came in existence.

12


5.1 Changes came in RFID technology ID System due to introduction of generation - standards It establishes a single UHF specification so gen-2 reader can read all compliant tags. Products built to the gen-2 standards are expected to work with each other in any area of the world. Provides increased security due to advanced encryption technology in gen-2 standards. Provides faster read speeds .

5.2 New features of Gen-2 ID System Faster and more flexible read speeds 13

Radio frequency Identification Robust tag counting Dense reader operating modes to mitigate reader interference. Reader session to manage parallel counting by multiple readers. Enhanced security and privacy Extensibility to higher function systems.

Very Important Clause Of EPC GLOBAL for RFID SystemThat the technology will not be used to tag human beings except in two scenarios : Hospitals and Defense. In December 2004, EPC Global approved and released its second generation that makes possible the interoperability of EPC Systems and creates single converged standard.

EPCManage by EPC Global Organization Electronic product code that replace UPC universal product code used in Bar Code. Total of 96 bits 14

Radio frequency Identification 28 bits of General Manager number 24 bits of object class 36 bits of serial number 8 bits of header for uniqueness This allow total 30,939,155,745,879,204,468,201,375 Unique item under the EPC System Protocols Defined by the EPC Global and ISO Protocol EPC Generation 1 Class 0 EPC Generation 1 Class 1 EPC Generation 2.0 Class 1 Write once read many write once read many Capabilities Read Only, Preprogrammed

6 . Architecture Tag Middle Ware Reader : Queries the tag to obtain information. 15


Tag

16


Tag conforms to the international organization for standardization(ISO)/IEC 14443 standard ,uses Triple data encryption standards and SHA-1 cryptography and operates at 13.56 MHz. Tag contains Encoding /Decoding Circuiting Memory Antenna Power Supply Communication Controls RFID units are in a class of the radio devices known as transponders. Transponder = Transmitter + Receiver

How tag works in RFID system?

17

Radio frequency Identification Transponder listens for a radio beacon and sends a beacon of its own as a reply. More Complicated systems may transmit a single letter or digit back to the source, or send multiple strings of letters and numbers. Advance systems may do a calculation or verification process and include encrypted radio transmission to prevent eavesdroppers from obtaining the information being transmitted.

Various Forms of the tag :Chip: Smallest unit of the tag Tag : Used for the larger devices Label: used for the devices that contain an RFID device

Passive Tags:Near field:

no battery or other power source Contains resonant circuit capable of enough power to the tag so that it can

absorbing power from The Readers antenna. supplies . send a Response.

Active Tags:

owns power source usually an internal battery

Semi Passive Tags:

Tags have a battery to power the memory circuitry ,rely on near

field to power the radio circuits during receiving and sending data.

Chip less tags:

they have no integrated circuit instead they encode unique patterns

encode the data that is Reflected back to readers chip less tags are read only the data is permanent. It is very chip Compare to other types of the tags. Drawback is that no international standards for chip less Tags up to 30% of rfid tag is of this type. Uses surface acoustic wave technology, by this read range can be extended up to 100 feet. 18


Tags classified by programming methodspre-encoded tags 19

Radio frequency Identification write once read many erasable tags read write tags data base on tags : containing the entire data record pertaining to a particular item. Tags classified by physical form factors Inlays , adhesive inlays , labels or as converted products.

Variations:Memory Size (16 bits - 512 k Bytes +) Read-Only, Read/Write or WORM Arbitration (Anti-collision) Ability to read/write one or many tags at a time Frequency 125KHz - 5.8 GHz Physical Dimensions Thumbnail to Brick sizes Price ($0.50 to $250)

20


The Tags

Tags can be attached to almost anything: Products like food packet, cosmetics.. vehicles company assets or personnel items such as luggage, laundry people, livestock, or pets high value electronics

such

as computers, TVs.

Middleware21

Radio frequency Identification This is the software manages the readers and the data coming from the tags and passes it to the backend database system. Reader Middleware backend Function such as basic filtering and data integration and control. Back end : Sql , Mysql, Oracle..

READER (Interrogator or transceivers) Antenna System interface : RS 232 serial port or Ethernet jack Cryptographic encoding and decoding circuitry Power supply or battery Communication control circuitry Antenna : Reader having integrated antenna : Hand held devices Larger System : separate antenna . Readers and in particular their antenna arrays can be different sizes from postage stamp sized to large devices with panels that are several feet wide and high.

22


Readers (interrogators) can be at a fixed point such as Entrance/exit Point of sale Warehouse Readers can also be hand-held, or wireless

Wireless

Batch

Fixed Station

23


Applications Tracking and tracing of items: Airline baggage , items in inverntory, shiping containers etc Electronic payment: automatic toll payment , automatic payment for the fuel ex. Petrol pumps. Access control : mostly used to differentiate people base on their post ex. Card swap system Also used in military operation along with biometric data, nuclear and chemical plants Telemetric : this was introduced in April 2004 aimed at bringing greater safety and new wireless ] Application to u.s. roads. Works on the platform called dedicated short range Communication. set aside a 75-MHz block of radio bandwidth and operates at 5.9 GHz

24


Portal applications

Bill of Lading Material Tracking

25


Limited number items at forklift speeds 8 X 10 doorways Electronic receipt & dispatch Wrong destination alert Electronic marking Pallet/container item tracking

26


Conveyor/assembly line

Read / Write Operations Less human power required Higher Accuracy than Bar Code

RFID in library27


Radio Communication Risks

28

Radio frequency Identification Interference : when encounters other radio transmissions on the same or nearby frequencies

from other electrical equipment such as other readers ,fluorescent lights ,bug zappers ,malfunctioning or poorly shielded equipment ,spark plugs or cordless telephones . Most cordless telephones today work at 900 MHZ which can cause interference with UHF RFID readers. Others work at 2.45 GHZ, which can interfere with microwave RFID readers. Attenuation : opaque objects and materials located between source and receiver will weaken

the signal further thus increasing attenuation. Multi path distortion : Occurs when radio waves reflects off nearby objects such as walls ,furniture ,appliances coins in u r pocket , or forklifts . Several copies of the same signal can reach the receiver at slightly different times, creating reception problems . In a related scenario , two or more tags may send signal on the same frequency to a reader ,which can create delays on the same frequency to a reader , which can create delays. this occurs because neither signal is received correctly and both must be resent. This can be managed by careful design. Placement and tuning antennas, analysis of ambient electronic noise ,location of antennas and readers ,management of traffic around read zones ,careful setting power levels ,and of course ,selection of equipment and tag performance all play a role.

Frequency selectionREAD RANGE 29

Radio frequency Identification READ SPEED COST ABILITY TO PENETRATE OPAQUE MATERIALS Retailer mandates in us and Europe specified a system conforming to EPC global s standards. Uhf passive tags in specified way. U.S. DOD EPC global system for item level tagging and nonstandard active tags for pallets and cases. Boeing : no commercially available tags meet their requirements. Boeing has announced that Intelleflex will provide the tags they have specified. IATA : specification for baggage handlings using UHF tags and ISO-18000-6-c standards for air interface and ISO 15692 to describe data compression and the tags command set. Food and drug administration : UHF and HF BOOK Industry standards development : EPC Global UHF RFID systems.

Possible attacks on rfid system tags Spoofing 30

Radio frequency Identification Insert Replay Dos Manipulating tag data RF Dump by Lukas Grunwald in 2004 Written in suns Java language Scan thru ACG brand reader attached to the serial port of a computer. RF Dump PDA for use on PDAs such as HP iPAQ pocket pc. Written in Perl and run on pocket pcs running on the Linux operating system. Attack on Middleware Occur at any point between the reader and the backend. Weakest point is the LAN. Sniffing valid data use in replay attack , or injecting data into the LAN causing a DOS attack . Also allow unauthorize transmissions. Attack on Backend Less prone to attack Blended attack : attacker attack the RF interface of a retailer with a custom virus tag , which might be tunnel through the Middleware ,ultimately triggering the backend to dump credit card numbers to an unknown internet site via an anonymous server. Per tag .40 to .70 $ It merely depends more on the area of its application and how far it will able to read the tags. Return on investment Team who tried to put low cost tags Dr.Sanjay sarma a robotic researcher at the Massachusets Institute of technology(MIT) was researching the possibility of putting low cost tags on all products and tracking them through the supply chain. He and his colleague David Brock recognized that high cost of the tags was keeping adoption rates low. They received first support from the Kevin Ashton of Protector and Gamble . Then they were joined by the father of the barcode Alan Haberman. And they both agreed to launch the Auto id center at MIT with funding from the UCC , Gillette, p & g center was launched in 1999. The breakthrough idea was the marriage of low cost chips and ubiquitous (everywhere) networks.

31

Radio frequency Identification Alien technologies (inexpensive chips) + Rafsec Corporation (inexpensive antennas) and announced that low cost tag is possible. References RFID Security by Frank Thornton,John Kleinschmidt, Brad hains, Anand M.Das, Hersh Bhargava , Anita Campbell Site : www.syngress.com , Book id in our library : 005.8 THO T002933 RFID Implementation by Dennis E. Brown President , Rfid Runner Tata McGraw-Hill Edition , Book id in our library : 658.787 BRO T0028684 Proceeding of manlibnet (national level conference held at nirma for library science)

Advantages

32

Radio frequency Identification RFID tags and barcodes both carry information about products. However, there are important differences between these two technologies:

Barcode readers require a direct line of sight to the printed barcode; RFID readers do not require a direct line of sight to either active RFID tags or passive RFID tags. RFID tags can be read at much greater distances; an RFID reader can pull information from a tag at distances up to 300 feet. The range to read a barcode is much less, typically no more than fifteen feet.

RFID readers can interrogate, or read, RFID tags much faster; read rates of forty or more tags per second are possible. Reading barcodes is much more time-consuming; due to the fact that a direct line of sight is required, if the items are not properly oriented to the reader it may take seconds to read an individual tag. Barcode readers usually take a half-second or more to successfully complete a read.

Line of sight requirements also limit the ruggedness of barcodes as well as the reusability of barcodes. (Since line of sight is required for barcodes, the printed barcode must be exposed on the outside of the product, where it is subject to greater wear and tear.) RFID tags are typically more rugged, since the electronic components are better protected in a plastic cover. RFID tags can also be implanted within the product itself, guaranteeing greater ruggedness and reusability.

Barcodes have no read/write capability; that is, you cannot add to the information written on a printed barcode. RFID tags, however, can be read/write devices; the RFID reader can communicate with the tag, and alter as much of the information as the tag design will allow.

RFID tags are typically more expensive than barcodes, in some cases, much more so.

Advantage over barcode

33

Radio frequency Identification Dynamic data Line of sight Read range Storage capacity Multiple reads Survivability Programmability Accuracy Serialization Read rates In the previous days there are no industry standards for the RFID so tag of one mfg. can not be detected by the reader of the different mfg , bcoz different mfg. are using the same frequency and encoding technique.

Common Problems with RFIDSome common problems with RFID are reader collision and tag collision. Reader collision occurs when the signals from two or more readers overlap. The tag is unable to respond to simultaneous queries. Systems must be carefully set up to avoid this problem. Tag collision occurs when many tags are present in a small area; but since the read time is very fast, it is easier for vendors to develop systems that ensure that tags respond one at a time. Security, privacy and ethics problems with RFID The following problems with RFID tags and readers have been reported. The contents of an RFID tag can be read after the item leaves the supply chain An RFID tag cannot tell the difference between one reader and another. RFID scanners are very portable; RFID tags can be read from a distance, from a few inches to a few yards. This allows

34

Radio frequency Identification anyone to see the contents of your purse or pocket as you walk down the street. Some tags can be turned off when the item has left the supply chain; see zombie RFID tags. RFID tags are difficult to remove RFID tags are difficult to for consumers to remove; some are very small (less than a halfmillimeter square, and as thin as a sheet of paper) - others may be hidden or embedded inside a product where consumers cannot see them. New technologies allow RFID tags to be "printed" right on a product and may not be removable at all (see Printing RFID Tags With Magic Ink). RFID tags can be read without your knowledge Since the tags can be read without being swiped or obviously scanned (as is the case with magnetic strips or barcodes), anyone with an RFID tag reader can read the tags embedded in your clothes and other consumer products without your knowledge. For example, you could be scanned before you enter the store, just to see what you are carrying. You might then be approached by a clerk who knows what you have in your backpack or purse, and can suggest accessories or other items. RFID tags can be read a greater distances with a high-gain antenna For various reasons, RFID reader/tag systems are designed so that distance between the tag and the reader is kept to a minimum (see the material on tag collision above). However, a high-gain antenna can be used to read the tags from much further away, leading to privacy problems. RFID tags with unique serial numbers could be linked to an individual credit card number At present, the Universal Product Code (UPC) implemented with barcodes allows each product sold in a store to have a unique number that identifies that product. Work is proceeding on a global system of product identification that would allow each individual item to have its own number. When the item is scanned for purchase and is paid for, the RFID tag number for a particular item can be associated with a credit card number.

35


COSTTo setup RFID technology in a library with 25000 books it costs nearly 1,50,000 Rs. To setup RFID technology for one distribution centre it nearly cost 4,00,00,000 Rs. It merely depends more on the area of its application and how far it will able to read the tags

Reference:RFID Security by Site: www.syngress.com RFID Implementation by www.rfidgazette.org www.rfidbuzz.com www.rfidvirus.org 36


37

rfid - copy

Documents

rfid radio

rfid radio

rfid chip

rfid device

rfid workshow

radiofrequency signals

technology rfid tags

active rfid tags