Implementation Attacks:

As with other areas in computer security the implementation of a marking system can provide more opportunities for attack than the marking technique itself. If the mark detection software is vulnerable it may be possible for attackers to deceive it.

Digimarc, one of the most widely used picture marking schemes was attacked using a weakness in the implementation. Users register an ID and password with the marking service. A debugger was used to break into the software which checks these passwords and disable the checking. The attacker can change the ID and this will change the mark of already marked images. The debugger also allowed bypassing of checks to see if a mark already existed and therefore allowed marks to be overwritten.

There is a general attack on mark readers which explores an image on the boundary between no mark having been found and one being detected. An acceptable copy of the image can be iteratively generated which does not include the mark.

Clearly the software used to implement steganographic techniques needs to be secure and ideas from other areas of computer security can be used to ensure this.

Text 5. Radio Frequency Identification (RFID)

I.Radio Frequency Identification (RFID) is a type of automatic identification system. The purpose of an RFID system is to enable data to be transmitted by a portable device, called a tag, which is read by an RFID reader and processed according to the needs of a particular application. The data transmitted by the tag may provide identification or location information or specifics about the product tagged, such as price, color, date of purchase, etc. The use of RFID in tracking applications first appeared during the 1980s even though RFID was developed by allied forces in WWII so radar operators could distinguish between friendly and enemy aircraft. A basic RFID system consists of three components: an antenna or coil, a transceiver (with decoder), a transponder (RF tag) electronically programmed with unique information. When an RFID tag passes through the electromagnetic zone, it detects the reader’s activation signal. The reader decodes the data encoded in the tag’s integrated circuit (silicon chip) and the data is passed to the host computer for processing. Principal areas of application for RFID that can be currently identified include: transportation and logistics, manufacturing and processing, security.

The basic feature of an RFID system is the automatic identification of items. In its simplest form, such identification can be binary, e.g., paid or not paid, useful for alerting. Modern tags allow hundreds of bits to be used for such an ID. There are four RFID use cases – alerting, monitoring, identification, and authentication – each can be subverted by a specific type of attack.

1. Authentication and Counterfeiting. Today, RFID-based smart-cards are already in widespread use as payment and travel systems, access control systems and most recently as national and international identification documents. In all cases, it is imperative that the authenticity of the RFID tag cannot be compromised. The widespread availability of writable or even reprogrammable tags means that the use of RFID alone does not offer enough protection from determined counterfeiters.

2.Identification and Sniffing. The core RFID privacy problem is that of unauthorized tag readout: with the help of wireless communication, third parties can in principle read the tags of personal items from large distances, and without any indication that such a readout is taking place. For example, we use RFID in travel documents, where a passport might disclose the citizenship of its bearer and thus allow the hacker to track its bearer. Clearly, this act of sniffing out the data on an RFID tag can only be prevented if tags disclose their identity only to authorized readers, i.e., those that are under the control of the item owner or another authorized party.

3.Monitoring and Tracking. It is important to realize that privacy can also be violated without actually identifying individual items. Once a specific tag or a set of tags can be associated with a particular person, the mere presence of this tag in a particular reader field already implies a location disclosure. And thus tags must either frequently update their ID in a non-predictable manner, or remain completely silent upon inquiries from illegitimate readers.

4.Alerting and Denial of Service. In its simplest form, an RFID tag simply announces its presence, e.g., to an anti-theft gate in a bookstore. Sold items get their embedded RFID tag killed at checkout so that only unpaid items will be detected. Current industry protocols already require compliant tags to offer a Kill-command that completely silences the tag once issued. Tag silencing offers significant privacy gains, yet it directly conflicts with many commercial security concerns, such as theft. A personal jamming device that prevents readers from “coming through” might work quite well.

II.Let’s classify the attacks which are possible to apply to RFID tags. We’ll divide them into 5 categories:

1. Physical Layer attacks. The physical layer in RFID communications is comprised of the physical interface and the RFID devices. This layer includes attacks that permanently or temporarily disable RFID tags as well as relay attacks. They are such attacks as Kill-command, passive interference, active jamming and relay attacks.

2. Network - Transport Layer attacks. This layer includes all the attacks that are based on the way the RFID systems are communicating and the way that data are transferred between the entities of an RFID network (tags, readers). It includes attacks on tags (cloning, spoofing), reader attacks (impersonation, eavesdropping) and network protocol attacks.

3.Application Layer attacks. This layer includes all the attacks that target information related to applications and the binding between users and RFID tags. Such attacks employ unauthorized tag reading, modification of tag data and attacks in the application middleware such as buffer overflows and malicious code injections.

4. Strategic Layer attacks. This layer includes attacks that target organization and business applications, taking advantage the careless design of infrastructures and applications. More specifically this layer includes competitive espionage, social engineering, privacy and targeted security threats.

5. Multilayer Attacks. A lot of attacks that target RFID communication are not confined to just a single layer. In this category attacks affect several layers including the physical, the network-transport, the application and the strategic layer. In particular this layer includes covert channels, denial of service, traffic analysis, crypto and side channel attacks.

Now we discuss possible ways to counter these attacks. In order to safeguard RFID systems against low-tech attacks such as permanently or temporarily disabling tags, traditional countermeasures should be used, such as increased physical security with guards, locked doors and cameras. Unauthorized use of KILL commands could be prevented, for example, with effective password management. For the protection against relay attacks possible approaches could be the encryption of the RFID communication or the addition of a second form of authentication such as a password or biometric information. However, this requirement definitely eliminates the convenience and advantages of RFID communication. Through appropriate data collection, it is possible to detect cloned RFID tags. Alternatively, cloning attacks can be mitigated via challenge response authentication protocols. These should also support robust anti-brute force mechanisms. In order to defend against passive eavesdropping attacks encryption mechanisms could be used to encrypt the RFID communication. Spoofing and impersonation could be combated by using authentication protocols or a second form of authentication such as one-time passwords, PINs or biometrics. Network protocol attacks could be countered by hardening all components that support RFID communication, using secure operating systems, disabling insecure and unused network protocols and configuring the protocols used with the least possible privileges. In order to defend against unauthorized tag reading and tag modification on the Application Layer, controlling access to RFID tags should be our focus. One approach proposed was the use of aluminum-lined wallets to protect RFID payment cards and e-passports against unauthorized reading. However since the sniffing of confidential data can nevertheless be performed at the time of actual use, the approach does not seem to be very effective. Encryption techniques, authentication protocols or access control lists may provide an alternative solution. More specifically, approaches based on symmetric key encryption, public key encryption, hash functions, mutual authentication or even non-cryptographic solutions such as pseudonyms, have been proposed. Attacks in Strategic Layer Attacks layer can be defended by using any of the countermeasures employed against attacks included in the other layers. More precisely, for privacy and targeted security threats a broad range of technical solutions have been proposed, including killing or temporarily silencing tags, blocking access to unauthorized readers, relabeling or clipping tags, using pseudonyms, distance measurement and encryption techniques. Covert channels attacks are difficult to detect and defend against. The owners and users of RFID tags have no knowledge that their tags have been compromised and that they are used for a covert channel attack. Foiling these attacks is an open research issue. However, a possible mechanism to combat them should focus on reducing the availability of memory resources in an RFID tag. Denial of Service attacks and traffic analysis are severe security threats in all types of networks including wired. While theoretically these types of attacks can be countered the scarce resources of RFID tags make their defense problematic and remain an open research issue. Crypto attacks can be eliminated through the employment of strong cryptographic algorithms following open cryptographic standards and using a key with sufficient length.

Due to the increasingly wider deployment of RFID systems, their security is more critical than ever. In this paper, we tried to discover some structure within the universe of possible attacks that can affect such systems. By considering the point of attack, its systemic effects and countermeasures jointly, we can obtain a more coherent view of the threats and what must be done to counter them. In this paper, we classified attacks based on the layer that each is taking place and we discussed possible countermeasures that can be used to combat these attacks. We discriminated them to attacks deployed in the physical layer, the application layer, the strategic layer and multilayer attacks. Finally, we point out for which attacks further research is necessary in order to achieve adequate defense against them.