Building a Hack-Proof RFID ChipContactless Payment Card Security Will Benefit, Expert Says
Scientists at MIT have designed and tested a new type of RFID chip that's harder to hack. That's good news for any device that employs the wireless chips, including "smart" identity badges, burglar alarms and inventory tracking labels.
But the most immediate use will likely be for payment cards, given the skyrocketing adoption of cards with RFID chips for contactless payments in many parts of the world. The UK Cards Association trade body, for example, reports that U.K. contactless payments increased by 220 percent from November 2014 to November 2015.
"Don't be surprised if this technology starts to appear on a card near you in the not-so-distant future," says Alan Woodward, a University of Surrey computer science professor, in a blog post (see ATM: Is Contactless the Future?).
The MIT researchers publicly debuted their research at this week's International Solid-State Circuits Conference in San Francisco, reporting that their new chip design is more resistant to side-channel attacks. That's a cryptographic term referring to being able to crack a crypto system not via brute force, but thanks to a flaw in how it's been physically implemented.
Attackers with physical access to a device can study its power-usage patterns and potentially deduce the encryption keys being stored in memory. "We have known for many years how computer memory can be gleaned even when using the strongest encryption such as the Advanced Encryption Standard," says Woodward, who also advises the EU's law enforcement intelligence body - Europol - on cybersecurity matters. "This was recently exemplified when it was discovered that some virtual machines could extract data via leakage from other virtual machines that share the same physical platform" (see Amazon Downplays Cloud Breach Threat).
Even small information leaks can undermine the security of a chip, device or payment card, and leave global supply chains at greater risk from counterfeiting. "The idea in a side-channel attack is that a given execution of the cryptographic algorithm only leaks a slight amount of information," says Chiraag Juvekar, a Ph.D. student at MIT who's the lead author on the new research paper, in a blog post. "So you need to execute the cryptographic algorithm with the same secret many, many times to get enough leakage to extract a complete secret."
To defend against such attacks, RFID chipmakers have previously used a random-number generator to regularly generate new keys, synchronized to a central server that does the same. That way, even if a fraudster can get physically close enough to eavesdrop on the device - wirelessly, in the case of RFID chips - they won't be able to gather enough information to crack a secret key before it gets replaced by a new one.
But this software-based approach is still susceptible to a "power glitch" attack, the MIT researchers warn, which involves repeatedly cutting power to the chip right before it cycles the secret key, which occurs every 3.1 milliseconds. As a result, attackers can keep repowering the device indefinitely - such power is typically provided by a chip scanner - which would make the chip continue to use the same secret key.
"In practice you have to go through this cycle thousands of times, assuming there is no changing of the keys, in order to determine memory contents," Woodward says. "It's non-trivial but has been demonstrated."
Battling Power-Glitch Attacks
The MIT researchers' new RFID chip design, however, adds two defenses against such attacks: on-chip capacitors to provide a continuous energy source, and "nonvolatile" memory that will store whatever computations the chip is working on, even if there's a power cut. As a result, once power gets restored, computation resumes. "If that computation was an update of the secret key, it will complete the update before responding to a query from the scanner," the MIT researchers say. "Power-glitch attacks won't work."
Both Japanese automotive components manufacturer Denso and chipmaker Texas Instruments helped sponsor the MIT research. Texas Instruments reports that it's built multiple RFID chip prototypes to the researchers' specifications, and that they work as intended.
Woodward says protecting RFID chips against physical-proximity hack attacks is good news, given the increased use of such chips. "As they are used to store increasing amounts of sensitive - particular personal - data such leakage is an obvious place for hackers to target," he says. "And of course, the rise of contactless payment systems has brought a whole new impetus to this form of attack."