April 13, 2006 2:20 PM PDT

RFID vulnerable to attacks, researchers say

Researchers say they have proven that effective attacks can be launched against radio frequency identification tags.

In tests, standard "Generation 1" RFID tags and readers were unable to function after they were overloaded with data, researchers at Edith Cowan University in Perth, Australia, said in a report published this month.

"Vulnerabilities in the newer UHF style of RFID tags have been found and are of concern for anyone trying to implement an RFID system that would have 'mission critical' or human life issues involved in it," warned academics in the SCISSEC research group at the university.

Although many companies are testing RFID tagging in their supply chain, the tags are not commonly used in life-critical situations. However, the tags are used by the U.S. military to track supplies.

"Generation 2" standard RFID tags could also be disrupted, according to the researchers. Generation 2 tags are more sophisticated than Generation 1 tags, and can operate at four different speeds.

RFID relies on tags being identified by readers when they are within range. Readers communicate with the tags by hopping between a number of channels within an allocated band of frequencies. It was thought this provided security because the reader could hop between frequencies when encountering interference.

In the tests, the Australian researchers saturated the frequency range used by the tags, which prevented the tags from talking to the readers. The Australian researchers said in their report that the use of frequency hopping would not stop denial-of-service attacks, as the tags themselves could not hop frequencies.

They demonstrated that from a range of about 3 feet, they could disrupt communications between tags and readers, putting the tag into a "communication fault state."

While the readers can hop frequencies in the allocated band range if they encounter interference, RFID tags cannot, as they regard the entire band as one channel.

Last month, Dutch researchers announced the successful creation of a virus capable of infecting RFID tags.

Tom Espiner of ZDNet UK reported from London.

See more CNET content tagged:
RFID, RFID tag, tag, researcher, frequency


Join the conversation!
Add your comment
Oh No
So they flood the spectrum the tags use to communicate and they are suprised when they dont work?

The same logic applies to any radio communications - flood the frequencies with noise and they dont work, its called radio jamming <a class="jive-link-external" href="http://en.wikipedia.org/wiki/Radio_jamming" target="_newWindow">http://en.wikipedia.org/wiki/Radio_jamming</a>
Posted by Aiing (1 comment )
Reply Link Flag
Jamming not the same thing
In jamming, when the frequencies are cleared, communications return to normal. In this case, the tags remain in a fault state even after the saturation is cleared.
Posted by Trane Francks (936 comments )
Link Flag
Knowing the security problem in UK; aRoboform genated password p2p (closed)
RFID is new to making a pledge to the Queen.
Posted by Pop4 (88 comments )
Reply Link Flag

Join the conversation

Add your comment

The posting of advertisements, profanity, or personal attacks is prohibited. Click here to review our Terms of Use.

What's Hot



RSS Feeds

Add headlines from CNET News to your homepage or feedreader.