6 August 2012—A new technology to be unveiled later this week at the USENIX Security Symposium creates a short-duration “clock” on batteryless radio-frequency identification (RFID) chips, rendering their cryptographic systems much less vulnerable to attack, the researchers say.
The clock operates over spans of seconds to minutes after an RFID chip is charged up from an RFID reader or other ambient radio-wave energy. As a result, even after the radio signal is removed, the clock endows the RFID chip with the ability to know when its security keys may be in danger.
Kevin Fu, professor of computer science at the University of Massachusetts Amherst, is one of the researchers behind Time and Remanence Decay in SRAM (TARDIS). “We’re using this circuit in a way that was designed to be memory, but we’re turning it into what’s effectively an hourglass,” says Fu, who developed the technology with five graduate students and faculty from UMass, Dartmouth College, and the University of California, Berkeley.
Fu says the inspiration for the discovery came from studies by Berkeley team member Dan Holcomb, who is a graduate student in Berkeley’s department of electrical engineering and computer sciences. Holcomb was exploring the properties of static RAM (SRAM), the main memory in microprocessors and a kind that loses its data when the power is off. He discovered that powered-down SRAM decays from its powered-up state in predictable patterns. If you gather enough SRAM bits, the group discovered, the statistics of the memory’s decay to its zero-power state enables it to be used as an ersatz hourglass.
Having a clock can be very useful in defending against brute-force attacks that may try to guess the chip’s passwords hundreds or thousands of times per second. A TARDIS-enabled chip—requiring no new hardware and representing fewer than 50 lines of additional code—would receive a power-up from, say, a nearby RFID reader. Instead of wiping the SRAM clean, the device would first read off the state of the SRAM, which would be partially decayed from the last time the chip was powered up. Comparing the percentage of decayed bits to a precompiled table would enable TARDIS to read off the time elapsed since the previous power-up.
How does that help? “There are different kinds of attacks,” says David Blaauw, professor of electrical engineering and computer science at the University of Michigan, who was not involved in the study. “But all of them involve repeated, multiple accesses. And the more you can access this thing quickly, the higher your chances are to crack it.”
If the time that TARDIS detects is seconds or more, the chip is probably safe. But if the time between power-ups is just milliseconds, and there have been many failed attempts to communicate with the chip within recent memory, then TARDIS would conclude the chip may be under attack.
Unlike cruder present-day RFID defense measures—such as France’s e-passports that punish every successive failed RFID read with an increasingly longer lag, causing frustrating wait times for travelers and customs officials—TARDIS would theoretically permit standard occasional communications but severely constrain the tsunami of failed attempts that are the hallmark of a hostile attack.
Fu says that the phenomenon of SRAM remanence is usually seen as a chip weakness that must be defended: Attackers may conceivably be able to read off some bits from a chip after its power shuts down. But, Fu says, “this is one of the first cases I’m aware of where SRAM remanence is a good thing.”
Battery- or capacitor-powered clocks might achieve the same end, but Srini Devadas, a professor of electrical engineering and computer science at MIT, says that adding them to an RFID chip that costs 5 U.S. cents would be too pricey. TARDIS, he says, represents a smart, zero-cost solution.
Dennis Sylvester, professor of electrical engineering and computer sciences at the University of Michigan, says the technology is still new enough for TARDIS to help increase the adoption of RFIDs in the world at large. “We need to be ahead of the curve and not wait for everybody’s smart credit cards to be cracked,” he says. “The companies that are going to put out RFID cards are going to need assurances that these things are safe. So I think TARDIS is more of a necessary condition for RFID applications to really take off.”
About the Author
Contributing editor Mark Anderson reported on You Tube’s film festival in the July 2012 issue of IEEE Spectrum. He is the author of The Day the World Discovered the Sun, which was the subject of an interview on Spectrum’s “Techwise Conversations” podcast.