News Category

Technical support

skype

email

phone

rfid163

tech@chafon.com

+8618620323425

Contact us

skype

email

phone

angela.chafon

sales@chafon.com

+86-15976893202

Alibaba

RFID News

From:chafanViews:275Date:2020-06-05

 A primary RFID security concern is the illicit tracking of RFID tags. Tags, which are world-readable, pose a risk to both personal location privacy and corporate/military security. Such concerns have been raised with respect to the United States Department of Defense's recent adoption of RFID tags for supply chain management.[90] More generally, privacy organizations have expressed concerns in the context of ongoing efforts to embed electronic product code (EPC) RFID tags in consumer products. This is mostly as result of the fact that RFID tags can be read, and legitimate transactions with readers can be eavesdropped, from non-trivial distances. RFID used in access control, payment and eID (e-passport) systems operate at a shorter range than EPC RFID systems but are also vulnerable to skimming and eavesdropping, albeit at shorter distance.

A second method of prevention is by using cryptography. Rolling codes and challenge-response authentication (CRA) are commonly used to foil monitor-repetition of the messages between the tag and reader; as any messages that have been recorded would prove to be unsuccessful on repeat transmission. Rolling codes rely upon the tag's id being changed after each interrogation, while CRA uses software to ask for a cryptographically coded response from the tag. The protocols used during CRA can be symmetric, or may use public key cryptography.

Unauthorized reading of RFID tags presents a risk to privacy. Unauthorized readers can potentially use RFID information to identify or track packages, consumers, carriers, or the contents of a package. Several prototype systems are being developed to combat unauthorized reading, including RFID signal interruption, as well as the possibility of legislation, and 700 scientific papers have been published on this matter since 2002. There are also concerns that the database structure of Object Naming Service may be susceptible to infiltration, similar to denial-of-service attacks, after the EPCglobal Network ONS root servers were shown to be vulnerable.