UMass Amherst Research Advances RFID Security

Three researchers at the University of Massachusetts Amherst have come up with a way to improve security on RFID devices using existing technologies and without increasing the size of the small gadgets.

RFID tags are used in a wide range of applications today, from building security to inventory tracking. They use passive systems that respond to radio antennas that read their memory. According to a release from UMass Amherst, "This technology, while convenient, can be susceptible to breaches in security; for example, credit cards that use RFID technology are vulnerable to thieves who, with the appropriate equipment, can read information from the card without the victim ever taking it out of a pocket."

In order to combat this, the UMass Amherst researchers--Wayne Burleson, Kevin Fu, and Dan Holcomb--came up with a method that uses random numbers so that each message transmitted by an RFID tag is unique. It uses "specialized software" that allows tag readers to "extract unique data from the tags' existing hardware."

“We believe we’re the first to show how a common existing circuit can both identify specific tags and protect their data,” Burleson said in a prepared statement. “The key innovation is applying the technology to RFID tags, since they’re such tiny devices with very small memories. An RFID tag has the unusual property that it’s powered up and down by an external source because it doesn’t have a battery. We exploit the powering up process and allow the tag’s physical properties to do the work.”

According to the research, when powered up, RFID devices undergo a fluctuation in their memory cells unique to each individual device. Hence, individual devices can be identified, and cloned devices can be detected as such.

The researchers said their work is still preliminary. Further research will be conducted through a new collaboration between UMass Amherst's computer science and electrical and computer engineering departments, dubbed Trusted Reliable Embedded Networked Devices and Systems (TRENDS).

The research was originally published by the RFID Consortium for Security and Privacy (link below) following the Conference on RFID Security, which was held this summer.

Read More:

About the Author

David Nagel is the former editorial director of 1105 Media's Education Group and editor-in-chief of THE Journal, STEAM Universe, and Spaces4Learning. A 30-year publishing veteran, Nagel has led or contributed to dozens of technology, art, marketing, media, and business publications.

He can be reached at [email protected]. You can also connect with him on LinkedIn at https://www.linkedin.com/in/davidrnagel/ .


Featured