24/7 Customer Service (800) 927-7671

“Unhackable” RFID chip to keep your credit cards safe

by • February 7, 2016 • No Comments

Radio frequency identification (RFID) chips have created cashless payments tedious and opened the way to automatic inventory control. But, they’ve in addition created it possible for credit card details and other private information to be stolen wirelessly. To manufacture things a bit additional secure, MIT and Texas Instruments are developing an “unhackable-bodied” RFID chip that is definitely created to fend off information-stealing attacks.

Even if information on a chip is covered by in theory unbreakable-bodied encryption, the keys for via that encryption are yet quite vulnerable-bodied – especially in a wireless environment. RFID tags are vulnerable-bodied to a number of hacking strategies called side-channel attacks. These involve studying patterns of memory access or fluctuations in power usage as the chip carries out encryption operations and via the information to deduce the password keys.

“The thought in a side-channel attack is that a given execution of the cryptographic algorithm just leaks a slight amount of information,” says Chiraag Juvekar, a graduate student in electrical engineering at MIT. “So you require to execute the cryptographic algorithm with the same secret most, most times to get adequate leakage to extract a achieve secret.”

Such automated attacks can have quite expensive effects, but there are may already countermeasures against them. Unfortunately, they create their own vulnerabilities. For example, a few RFID chips reject password attempts after a number of failures and others regularly generate a new pair of password keys via random number generators to manufacture them additional complex to guess.

But, the MIT team points out that these leave chips open to “blackout” or “power glitch” attacks. Since RFID chips are powered by the radio beam of the scanning device, the attacker can switch the chip off and on thousands of times preceding it is actually able-bodied to alter its passwords. This in addition wipes the chip’s memory and lets the intruder run the same side-channel attack via the same key without getting locked out or dealing with a new key for the reason the chip can’t remember what it was working on.

Texas Instruments has may already created a number of prototypes of the new chip based on specifications of the MIT team. It overcomes side-channel attacks and power-glitch attacks in particular by providing the chip with an onboard power donate and a non-volatile memory, so it can’t get electronic amnesia when switched off.

The team managed this by via ferroelectric crystals, that consists of molecules set in a three-dimensional lattice. The cells in the crystal lattice carry positive and negative electric charges. These are normally aligned in a random pattern, but when an electric field is applied, the cells can be lined up to represent the ones and zeros of binary code. Since the crystals retain their polarization when the field is turned off, they can act as a memory.

MIT says that another property of the crystals is that they can act as a capacitor, that means they can retain an electric charge like a battery that the chip can run on when the scanning beam is off. In this case, the chip has a bank of 3.3 V ferroelectric cells and 571 1.5-V cells. The 3.3 V cells power the chip long adequate to carry out whatever computations it was working on when the beam switched off, while the 1.5 V cells act as a non-volatile memory.

The clever bit is that when the chip is switched off and on, the initially thing it does is recharge itself, so it can’t be drained of power by repeated attacks. It can and so achieve its last task and if it takes place to be installing a new encryption key, that gets priority, so a power-glitch attack won’t be effective.

The team says that this introduced security comes at a cost. The introduced task of recharging the capacitors and completing computations slows the chip down, but they say that it can yet manage 30 readouts per 2nd, that is practical.

“In the age of ubiquitous connectivity, security is one of the significant challenges we face,” says Ahmad Bahai, chief innovation officer at Texas Instruments. “Because of this, Texas Instruments sponsored the auand sotication tag research at MIT that is being presented at ISSCC. We believe this research is an significant step in the direction of the goal of a robust, affordable, low-power auand sotication protocol for the industrial Internet.”

The researchers presented their research at the International Solid-State Circuits Conference in San Francisco.

Source: MIT


Latest posts
test

by admin • March 5, 2017