Electronics

"Unhackable" RFID chip to keep your credit cards safe

Researchers have designed an RFID chip that prevents so-called side-channel attacks

Radio frequency identification (RFID) chips have made cashless payments commonplace and opened the way to automatic inventory control. However, they've also made it possible for credit card details and other private information to be stolen wirelessly. To make things a bit more secure, MIT and Texas Instruments are developing an "unhackable" RFID chip that's designed to fend off information-stealing attacks.

Even if information on a chip is covered by supposedly unbreakable encryption, the keys for using that encryption are still very vulnerable – especially in a wireless environment. RFID tags are vulnerable to a number of hacking strategies called side-channel attacks. These involve studying patterns of memory access or fluctuations in power usage as the chip carries out encryption operations and using the information to deduce the password keys.

"The idea in a side-channel attack is that a given execution of the cryptographic algorithm only leaks a slight amount of information," says Chiraag Juvekar, a graduate student in electrical engineering at MIT. "So you need to execute the cryptographic algorithm with the same secret many, many times to get enough leakage to extract a complete secret."

Such automated attacks can have very expensive consequences, but there are already countermeasures against them. Unfortunately, they produce their own vulnerabilities. For example, some RFID chips reject password attempts after a number of failures and others regularly generate a new pair of password keys using random number generators to make them more difficult to guess.

However, the MIT team points out that these leave chips open to "blackout" or "power glitch" attacks. Since RFID chips are powered by the radio beam of the scanning device, the attacker can switch the chip off and on thousands of times before it's able to change its passwords. Each power cut also wipes the chip's memory, so the chip can't remember what it was working on, and the intruder can run the same side-channel attack against the same key without getting locked out or having to deal with a new key.

Texas Instruments has already constructed a number of prototypes of the new chip based on specifications from the MIT team. It overcomes side-channel attacks and power-glitch attacks in particular by providing the chip with an onboard power supply and a non-volatile memory, so it can't get electronic amnesia when switched off.

The team managed this by using ferroelectric crystals, which consist of molecules set in a three-dimensional lattice. The cells in the crystal lattice carry positive and negative electric charges. These are normally aligned in a random pattern, but when an electric field is applied, the cells can be lined up to represent the ones and zeros of binary code. Since the crystals retain their polarization when the field is turned off, they can act as a memory.

MIT says that another property of the crystals is that they can act as a capacitor, which means they can retain an electric charge like a battery that the chip can run on when the scanning beam is off. In this case, the chip has a bank of 3.3 V ferroelectric cells and 571 1.5-V cells. The 3.3 V cells power the chip long enough to carry out whatever computations it was working on when the beam switched off, while the 1.5 V cells act as a non-volatile memory.

The clever bit is that when the chip is switched off and on, the first thing it does is recharge itself, so it can't be drained of power by repeated attacks. It can then complete its last task and if it happens to be installing a new encryption key, that gets priority, so a power-glitch attack won't be effective.
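The power-glitch weakness and the recharge-first, finish-the-key-update-first fix described above can be modelled in a few lines. This is an added illustration, not code from MIT or Texas Instruments: the `Tag` class, the step-budget abstraction for "the field drops", the assumption that the reserve always lets an in-flight step finish, and the hash-based stand-in for key refresh are all hypothetical.

```python
import hashlib
from collections import Counter
from itertools import islice


class Tag:
    """Toy tag that is meant to refresh its key after every authentication."""

    def __init__(self, hardened: bool):
        self.hardened = hardened
        # Survives power loss. The key value is constructed for this demo.
        self.nv = {"key": b"constructed-demo-key", "pending": False}
        self.uses = Counter()  # experiment bookkeeping, not chip state

    def _recharge(self):
        pass  # refill the on-chip reserve before doing anything else

    def _respond(self):
        if self.hardened:
            self.nv["pending"] = True  # write-ahead note: a refresh is owed
        self.uses[self.nv["key"]] += 1  # one leaky crypto run under this key

    def _rotate(self):
        # Stand-in for drawing a fresh key from the tag's random number generator.
        self.nv["key"] = hashlib.sha256(self.nv["key"]).digest()
        self.nv["pending"] = False

    def _steps(self):
        if self.hardened:
            yield self._recharge
            if self.nv["pending"]:  # an interrupted refresh gets priority
                yield self._rotate
        yield self._respond
        yield self._rotate

    def session(self, budget: int):
        """One power-up; the reader field drops after `budget` whole steps."""
        for step in islice(self._steps(), budget):
            step()


def max_uses_per_key(hardened: bool, budget: int, sessions: int = 1000) -> int:
    """Most crypto runs any single key served across repeated power cuts."""
    tag = Tag(hardened)
    for _ in range(sessions):
        tag.session(budget)
    return max(tag.uses.values(), default=0)
```

With the field cut after one step, the baseline tag serves all 1000 sessions under one key, while the hardened tag never serves more than one response per key for any cut point.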

The team says that this added security comes at a cost. The added task of recharging the capacitors and completing computations slows the chip down, but they say that it can still manage 30 readouts per second, which is practical.

"In the age of ubiquitous connectivity, security is one of the paramount challenges we face," says Ahmad Bahai, chief technology officer at Texas Instruments. "Because of this, Texas Instruments sponsored the authentication tag research at MIT that is being presented at ISSCC. We believe this research is an important step toward the goal of a robust, low-cost, low-power authentication protocol for the industrial Internet."

The researchers presented their research at the International Solid-State Circuits Conference in San Francisco.

Source: MIT

11 comments
RyanScott
I'm wondering what application needs to read data from the chip twenty times per second or more?
Mel Tisdale
About time, too. Can we please have the same level of protection on the internet?
JoeB
"Unhackable"? Haven't we heard that word used thousands of times before the item has been hacked? If man can make it 'unhackable' then man can 'hack' it...
Rocky Stefano
@Mel. Card not present security for credit/debit cards has been available for a decade. Problem is that the EMV working group won't acknowledge it until our patents expire. http://www.identita.com/products/acoustic
Daishi
After some quick searching I wasn't able to find a detailed breakdown of the information exchanged between the EMV chip and the terminal but there are multiple back and forth exchanges that happen over a period of time for information that changes from one transaction to the next. If this is true combined with the need to be in very close proximity it would be pretty difficult for a nearby party to intercept enough data to create a usable cloned card. I assumed it to be the case but it's comforting that the card doesn't simply broadcast static information. IMHO most credit card fraud today is the fault of the industry for not having a better method than having websites store them in clear text. It would be very simple when a website makes a credit card transaction with a credit card number for the bank to provide them with a temporary token to use for future transactions that would be useless to anyone who accesses their database and steals it. It's pretty inexcusable that websites store millions of clear text credit card numbers because when their database is hacked the numbers are sold and people can use the data to print "clone" cards that are good for about $1000 in transactions before fraud is detected and the card is locked. An extremely basic level of effort is all that is needed to prevent 98% of this type of fraud and it would be far less complex than the above mentioned efforts to secure EMV chips. An attack where you intercept the initial transaction would still yield a card but far fewer than attacks that manage to obtain the entire credit card database which happen about once per week it seems. There are lots of methods to secure the process beyond that too but the industry mostly has itself to blame for not doing more to protect against this.
Oun Kwon
What about an implantable programmable chip for the body?
JoeHollinger
We must ask ourselves "Just because we can; should we?" when it comes to technological developments that solve, or help solve a particular problem for personal and business applications. I hope you are aware that our corrupt government, and its United Nations counter partners, want to eventually implant an RFI chip in the brains of every human being. This chip will be assigned a number and the individual will be known by that number forever. That number will be assigned to every account, record, etc. associated with the chip bearer. These accounts will include medical, financial, and personal. Once the numbering and implantation schemes are completed we will become a cashless society. All of a person's wealth will be in his or her numbered account. The government will have access to everyone's account and have authority to make deposits and withdrawals from all of a person's accounts. The RFI chips will include an explosive device that can be used when a person is determined to be of no further use by the entities in control of mankind. This will include commissions of crime, health, age, political status, etc. Since man will no longer be in control of his destiny at that time, those in charge will be able to dispose of unwanted persons without an explosion in their brains. Simply by taking a person's number out of the habitations database that person will cease to exist in all respects. They will no longer have an account dependent on their assigned chip number from which to draw for anything to support their lives. They will no longer be able to access shelter, food, healthcare, transportation, clothing, anything and everything. They will starve to death as a nothing unrecognized in the World and disappear as if having never existed. So, should technology supporting development of an unhackable RFI chip be developed in the first place? As long as man can do something to preserve himself and his existence he must have the ability for doing so.
Giving governments a control mechanism that peoples, subject to tyranny and oppression, cannot counter in some way is not a good idea. Attempts to produce a means that will protect a person's credit and medical information is not worth the risk of giving run amok governments a tool for controlling people and erasing all chances of those people being able to resist and overcome unjust controls.
Daishi
@Oun Kwon I think that's already a thing. Some RFID chips are read-only, others are read-write. People have been implanting RFID chips in pets for years. It's certainly possible to do this with humans too but is it a good idea? Here is a 2006 article about a company that implanted RFID chips in employees: http://www.cnn.com/2006/TECH/07/10/rfid/ One use I could sort of see is using an RFID key for door locks without needing to carry a keychain. From the 2006 article they listed their technology as being the size of a grain of rice. If I could use a grain of rice sized RFID key for everything from my house, to my car, to work I might consider it but if it became popular the idea of criminals and thieves cutting out people's RFID chips is a little scary.
T N Args
If you are going to write "unhackable" in quote marks, then you should do the same for "safe".
Stephen N Russell
Mass produce for all Bank, Finance & ID cards alone Credit & debit esp To deter Hacking & ID theft alone