Paper 2007/330
Remote Power Analysis of {RFID} Tags
Yossi Oren
Abstract
We describe the first power analysis attack on passive RFID tags. Compared to standard power analysis attacks, this attack is unique in that it requires no physical contact with the device under attack. The power analysis can be carried out even if both the tag and the attacker are passive and transmit no data, making the attack very hard to detect. As a proof of concept, we use power analysis to extract the kill passwords from Class 1 EPC tags operating in the UHF frequency range. Tags from several major vendors were successfully attacked. Our attack can be extended to HF tags and to remote fault analysis. The main significance of our attack is not in the discovery of kill passwords but in its implications on future tag design -- any cryptographic functionality built into tags needs to be designed to be resistant to power analysis, and achieving this resistance is an undertaking which has an effect both on the price and on the performance of tags. (this is my Master's thesis, carried out under the supervision of Prof. Adi Shamir. It may be considered as the extended version of the article "Remote Password Extraction from RFID Tags", recently published in IEEE Transactions on Computers and indexed as http://dx.doi.org/10.1109/TC.2007.1050 or as http://ieeexplore.ieee.org/iel5/12/4288079/04288095.pdf)
Metadata
- Available format(s)
-
PDF
PS
- Publication info
- Published elsewhere. Remote Password Extraction from RFID Tags, IEEE Transactions on Computers 56(9):1292--1296, September 2007
- Keywords
- cryptanalysispower analysisside-channel attacksRFID
- Contact author(s)
- yossi oren @ weizmann ac il
- History
- 2007-08-22: received
- Short URL
- https://ia.cr/2007/330
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2007/330,
author = {Yossi Oren},
title = {Remote Power Analysis of {{RFID}} Tags},
howpublished = {Cryptology {ePrint} Archive, Paper 2007/330},
year = {2007},
url = {https://eprint.iacr.org/2007/330}
}
