• No results found

Implementing high-level Counterfeit Security using RFID and PKI

N/A
N/A
Info
Download
Protected

Academic year: 2021

Share "Implementing high-level Counterfeit Security using RFID and PKI"

Copied!
19
0
0

Loading.... (view fulltext now)

Download now ( 19 Page )

Full text

(1)

Implementing high-level Counterfeit

Security using RFID and PKI

Drugs as example products

“RFID SysTech 2007” June, 13 Andreas Wallstabe, Hartmut Pohl

(2)

• Counterfeit Security

• Technologies RFID, PKI

• Anti-Counterfeiting by RFID and PKI

• Implementation, Hardware configuration

• Review und Future

(3)

Implementing high-level Counterfeit Security

Technology RFID / PKI

Anti-Counterfeit by RFID and PKI

Implementation/ Hardware

configuration

Review and Counterfeit

Security

Damage estimation of counterfeit drugs

Active substance concentration in Suspected

damage:

100%

0%

|

ÆHarmful ingredients (below 0%) Consumer (health) Company (financial)

Counterfeit drugs of

35 billion $ US in 2005

(4)

Implementing high-level Counterfeit Security

Technology RFID / PKI Implementation/ Hardware configuration Review and Counterfeit Security Anti-Counterfeit by RFID and PKI

Counterfeit security

• Validation of an supposed identity by special features

• The counterfeiting effort must be worth more than the

feasible benefit and profit of the counterfeiter

Æ

Counterfeit secure

• Benefit/Profit:

– Financial

– Authority, Respect

– Damage against other

(5)

Counterfeit security rating

Implementing high-level Counterfeit Security

Kind of anti counterfeit feature

overt covert forensic

Authentication effort, Anti-counterfeit level

high

low print, holography, water mark

micro color particle, micro text, UV light

isotopes consistency, spectrum, DNA Technology RFID / PKI Implementation/ Hardware configuration Review and Counterfeit Security Anti-Counterfeit by RFID and PKI

(6)

Implementing high-level Counterfeit Security

Technology RFID / PKI Implementation/ Hardware configuration Review and Counterfeit Security

RFID Radio Frequency Identification

• Physical security

Static analysis:

Dummy-Structures / Memory usage / Protection layers / Scrambling

Dynamic analysis:

Passive monitoring / Voltage monitoring/

Frequency monitoring / Different kinds of memory

• Software security

Test routines for hard- and software/ Checksums/ Encapsulating / Deactivation / General processes Anti-Counterfeit

(7)

Implementing high-level Counterfeit Security

Technology RFID / PKI Implementation/ Hardware configuration Review and Counterfeit Security

RFID Radio Frequency Identification

• Security aspects

+ considered: Transponder, Data transmission to the reader device

– not considered: Reader device, System development, Production,

Application, Social aspects

Anti-Counterfeit by RFID and PKI

(8)

PKI Public Key Infrastructure

• Public Key Infrastructure

– public verifiable (for everybody)

• Asymmetric encryption

• Digital signature

– Like a signature by hand (Germany 2001)

– Enables reliability Æ Authentication

Implementing high-level Counterfeit Security

Technology RFID / PKI Implementation/ Hardware configuration Review and Counterfeit Security Anti-Counterfeit by RFID and PKI

(9)

Implementing high-level Counterfeit Security

Technology RFID / PKI Implementation/ Hardware configuration Review and Counterfeit Security

Counterfeit security by RFID and PKI

• Available technologies

– TI and VeriSign

– Patent “product security system”

– Using transponder as memory

– Easy to clone

• Intelligent combination

– Storing the signature on the transponder

– Transponder becomes an intelligent part of the system

– Transponder is able to authenticate itself

Anti-Counterfeit by RFID and PKI

(10)

Counterfeit security by RFID and PKI

• Security rating of the combination

– Attacks: Communication/ Key/ Algorithm /Physically

• Resistance of RSA

(has to be verified continuously)

Implementing high-level Counterfeit Security

Technology RFID / PKI Implementation/ Hardware configuration Review and Counterfeit Security Anti-Counterfeit by RFID and PKI

(11)

Hardware

• Microcontroller ATAM893

– 4-Bit, 4-KByte ROM, Current consumption 20μA

• Transponderinterface U3280M

– Contact less communication, Power supply

• Connection of components

– Adapter, Antenna, Capacitor, Starter-Kit T4xCx92

Implementing high-level Counterfeit Security

Technology RFID / PKI Implementation/ Hardware configuration Review and Counterfeit Security Anti-Counterfeit by RFID and PKI

(12)

Implementing high-level Counterfeit Security

Transponder Components

Technology RFID / PKI Implementation/ Hardware configuration Review and Counterfeit Security Anti-Counterfeit by RFID and PKI

(13)

Software

• qForth and MARC 4 are stack oriented

• 4-Bit Microcontroller, no libraries for multiplication with overflow,

Modulo, Encryption

• Rare resources, proper signature generation

• RSA algorithm for a 8-Bit signature / key realized

• Program sequence

– Receiving challenge / Signature generation (RSA) / Send response

Implementing high-level Counterfeit Security

Technology RFID / PKI Implementation/ Hardware configuration Review and Counterfeit Security Anti-Counterfeit by RFID and PKI

(14)

Implementing high-level Counterfeit Security

Technology RFID / PKI Implementation/ Hardware configuration Review and Counterfeit

Security

Use Case Example

• Transponder with RSA algorithm and private key is

attached to a drug

• The public key is distributed in a public directory

• Drug is sold in a pharmacy store

• Customer can proof identity (authentication) on a terminal

or at home with the help of the public key

• Check is possible for everybody without knowing any

password

OK!

Anti-Counterfeit by RFID and PKI

(15)

Rating

Implementing high-level Counterfeit Security

Kind of anti counterfeit feature

overt covert forensic

Authentication effort, Anti-counterfeit level

high

low print, holography, water mark

micro color particle, micro text, UV light

isotopes consistency, spectrum, DNA Technology RFID / PKI Implementation/ Hardware configuration Review and Counterfeit Security Anti-Counterfeit by RFID and PKI

(16)

Implementing high-level Counterfeit Security

Technology RFID / PKI Implementation/ Hardware configuration Review and Counterfeit Security Anti-Counterfeit by RFID and PKI

RFID security level

Unique Identification (UID)

ID: Object Name Service (ONS)

Password protected ID

Encrypted stored information: program and data

Encrypted communication

Public Key Infrastructure, digital signature

Process (Security level: 1=low / 6=high)

Identification

Authentication

1

2

3

4

5

6

(17)

Implementing high-level Counterfeit Security

Technology RFID / PKI Implementation/ Hardware configuration Review and Counterfeit Security Anti-Counterfeit by RFID and PKI

RFID security level

Unique Identification (UID)

ID: Object Name Service (ONS)

Password protected ID

Encrypted stored information: program and data

Encrypted communication

Public Key Infrastructure, digital signature

Process (Security level: 1=low / 6=high)

Identification

Authentication

1

2

3

4

5

6

Cloning

Management

Passive

Management

(18)

Implementing high-level Counterfeit Security

Technology RFID / PKI Implementation/ Hardware configuration Review and Counterfeit Security

Conclusion

• New kind of method

• Low price per item

• Resources available (max. 128 / 256 Bit)

• Flexible check for every user possible

– Supplier/ POS/ Drugstore

• High security level

(The allocation is one to one)

• Implementation within the next 5 - 10 years

Anti-Counterfeit by RFID and PKI

(19)

Implementing high-level Counterfeit Security

Thank you for attention

Technology RFID / PKI Implementation/ Hardware configuration Review and Counterfeit Security

Andreas Wallstabe andreas.wallstabe(at)smail.inf.fh-bonn-rhein-sieg.de Anti-Counterfeit

References

Download now ( PDF - 19 Page - 235.44 KB )

Related documents

Unit 1 Nata de Coco.id.En

According Astrawan (in Mubarak et al., 2014) formation Nata de Coco glucose uptake occurs because the process of solution of sugar or sugar in the coconut water by the cells

Physical variables influencing macro-invertebrate assemblages in epiphytic bromeliads in the rain forest of Belize

The aim of the current study was to access the entire height gradients in the canopy to sample epiphytic bromeliads of the genus Aechmea associated with a single tree species – the

Free trade: a major factor in U.S. farm income

One prime example of the consequences of the U.S. farm production controls and subsidies was the sharp decline in the usage of domestic cotton. In 1930, prior to tile acreage

The role of intuition in executive strategic decision making

Since not all strategic decisions have the same level of importance, decision makers can approach them in different ways, for example executives are expected to utilize more rational

Analyzing Divisia Rules Extracted from a Feedforward Neural Network

(For this encoding The rule generator produces rules describ- of the Divisia dataset, there were 75 train- ing each range separately, so each rule file cor- ing

SUBTITLING AND DUBBING SONGS IN MUSICAL FILMS

I n this article we have provided various insights into some of the constraints that determine the translation for dubbing and subtitling of the musical film My Fair Lady, which

Drugs: new psychoactive substances and prescription drugs

Norman Baker: Look, I do not know whether you think the best use of my time as Drugs Minister is to revisit decisions already taken, whenever those have been considered by the

Masters of Science in Microbiology and Immunology 2013/2014

In this course, doctoral graduate students are scheduled to present either a research article or their own work in a 50 min seminar (allowing for 10 min discussion).. Masters