RSA Security to unveil a ''Blocker tag''
February 23, 2004
eweek.com: RSA Keeps RFID Private:
RSA Security Inc. will unveil a finished version of its RFID "Blocker Tag" technology that prevents radio-frequency identification tags from being read.The Spy blog explains how such a device could work:
The technology, which RSA plans to demonstrate at its namesake conference this week in San Francisco, is one of the industry's first attempts to secure the anticipated oceans of consumer tracking data to be gathered by the tiny radio-powered tags. [...]
How does the reader distinguish one RFID tag from its neighbours within range ? The reader interrogates the RFID tags to ask "whose serial number starts with a 1 in the first position ?" Those RFID tags which do not meet this test then remain silent, and ignore the rest of the interrogation sequence, whilst the rest of them transmit a "yes that is correct" answer back to the reader and then await a similar question about the next digit in their binary serial number. The process is repeated until the reader has identified each of the RFID tags in range.There is a paper published at the RSA Labs' homepage explaining the process in more detail:
The idea of RSA Labs RFID blocker device is to essentially construct an RFID tag (or more probably something somewhat larger and more expensive at this stage) which mimics the "yes" answers transmitted by the RFID tags when the reader asks about a particular digit of the RFID tag's serial number.
If the RFID tag blocker device always answers "yes", or answers "yes" in a random manner, then the RFID reader believes that there are thousands or millions of RFID tags within range and cannot reliably distinguish between any real RFID tags that you are carrying and the false RFID tag serial numbers it is apparently reading.
Authors: Ari Juels, Ronald L. Rivest and Michael Szydlo
Abstract: We propose the use of "selective blocking" by "blocker tags" as a way of protecting consumers from unwanted scanning of RFID tags attached to items they may be carrying or wearing. While an ordinary RFID tag is a simple, cheap (e.g. five-cent) passive device intended as an "electronic bar-code" for use in supply-chain management, a blocker tag is a cheap passive RFID device that can simulate many ordinary RFID tags simultaneously. When carried by a consumer, a blocker tag thus "blocks" RFID readers. It can do so universally by simulating all possible RFID tags. Or a blocker tag can block selectively by simulating only selected subsets of ID codes, such as those by a particular manufacturer, or those in a designated "privacy zone."
We believe that this approach, when used with appropriate care, provides a very attractive alternative for addressing privacy concerns raised by the potential (and likely) widespread use of RFID tags in consumer products.
We also discuss possible abuses arising from blocker tags, and means for detecting and dealing with them.
Posted by andersja