RFID: Time is the key to increased chip security with TARDIS
Lao Tzu, the famous Chinese philosopher, once said, “time is a created thing.” Interestingly, this 2,500 year old saying -- which was initially said in response to an observation regarding the shortcomings of the human perspective on time management -- is still relevant today, especially when discussing new technological developments as related to radio-frequency identification (RFID).
RFID chips, essentially small artificial homing beacons, are embedded in a variety of products and used to both actively and passively track everything from military firearms to government issued passports, to bank sponsored credit cards to electronics equipment, including the computer you are using to read this article.
More novel, but soon to be more mainstream, uses of these chips include scenarios in which they are embedded within people and animals for a variety of legitimate (and not-so-legitimate) purposes. Like most other devices that communication on a wireless spectrum and provided with pervasive access to our infrastructure, there are extensive concerns around the security of such devices. This is where the concept of time becomes exceptionally relevant.
RFID chips, which are self-contained environments, have problems with time. More specifically, because of their short battery lives, they are often designed without a permanent component that tracks time.
To some, this simply sounds like an inconvenience that results in a few late appointments. However, it causes much larger problems, mainly because it makes a lot of security related functions – including logging – difficult to utilize. This means that forensics and security protocols, which examine interactions with an RFID chip (or validate such interactions), have no historic baseline to scrutinize patterns and behaviors of interests that may indicate malicious intent.
However, according to recent research there is an answer that fits within the architecture of the RFID universe. This new technology, which was revealed at the USENIX Security Symposium, creates a virtual clock on an existing RFID chip. It does this without making physical modifications to the chip, neither increasing the size of the device by adding a formal battery component nor affecting the performance of other critical functions.
Researchers behind this innovation are calling it Time and Remanence Decay in SRAM (TARDIS). Among them is Kevin Fu, who is a professor of computer science at the University of Massachusetts Amherst, along with other academics from Dartmouth College, UMass and the University of California. TARDIS, besides being the name of the time machine used by BBC’s Doctor Who, is a new process that takes advantage of the existing wireless communication flow between the RFID chip and an outside party in a rather innovative way.
When communication occurs, the chip receives a wireless charge that over time slowly degrades. The degradation of power over time which occurs in all artificially powered devices, for example a cell phone losing its charge even when not turned on, can be measured and predicted and thus serve as a tracking mechanism for time.
Ironically, the academics involved are capitalizing on an existing device deficiency to “fix” another deficiency in a creative fashion that only requires another 50 lines of code. Because of the benefits of TARDIS, RDIF chips can now be fully integrated into tracking scenarios in a more secure fashion and with a greater amount of flexibility.
For example, between public video cameras, personal portable wireless devices, and identification/financial cards embedded with RFID technologies, it is possible to track the movements of an individual in a real-time fashion. Those movements are tied to behaviors (like purchases) while triggering alerts and other actions that permit observing actors to watch the subject (or a device in their possession) in a subtle fashion, all while providing a time stamp at every touch-point in the process.
In addition to making tracking more efficient, the ability to tell time also makes RFID chips more secure, especially against brute-force attacks. If a chip is hit with a signal many times in a short period, it will receive a charge each time. The next time an RFID reader scans it, before wiping the SRAM, it reads the amount of time elapsed between the charges. If the reader detects a lot of power-ups close together, it can then deduce that the chip may be under attack. In Fu's words, “this is one of the first cases I’m aware of where SRAM remanence is a good thing.”
When Lao Tzu spoke regarding time he was quoted as saying, “Time is a created thing. To say 'I don’t have the time,' is like saying, 'I don’t want to.'" Innovation isn’t a sometime thing. Innovation, like time, is a managed opportunity that has to be proactively engaged, so a perceived “set-back” in one discipline – like power seepage – can become a brilliant answer to a problem in a complimentary domain.