World's First "Unclonable" RFID Chip

An anonymous reader writes to tell us that a new RFID chip from Verayo claims to be unclonable through the use of the new Physical Unclonable Functions (PUF), sort of an electronic DNA for silicon chips. "Basic passive RFID chips can be easily cloned by copying the data residing on one chip to another. Verayo's PUF-based RFID chips cannot be cloned, and provide a very strong and robust authentication mechanism. No other chip or device can be disguised as the original chip, even if the data is copied from one Verayo RFID chip to another."

Yeah?

[WillKemp]

Uncloneable today - cloned tomorrow...

Press release and marketing hype. 1st paragraph:

[BitterOldGUy]

Verayo launched the worldâ(TM)s first unclonable silicon chip â" the Vera X512H RFID chip. This new RFID chip is based on recently announced breakthrough technology called Physical Unclonable Functions (PUF). PUF technology is a type of electronic DNA or fingerprinting technology for silicon chips that makes each chip unclonable. Verayoâ(TM)s PUF-based RFID technology offers

So, is it unclonable?

Let's have a pool to see when it's cloned. I got by the end of the year by a Stanford student.

Re:Yeah?

[morgan_greywolf]

It's kind of like those 'unhackable' computers, networks and software we keep hearing about. *yawn* Wake me up when someone actually makes such a thing and it actually, you know, works.

Isn't that logically impossible?

[danaris]

Forgive me for my ignorance (and I haven't RTFA), but my understanding of RFID is the only way to tell what an RFID device is is by listening to it broadcast. Well, if you listen to a device broadcast enough, particularly if you listen in on a conversation between it and what it's supposed to talk to...doesn't it then become relatively simple to create your own RFID device that broadcasts all the same things as the original chip, and responds in all the same ways to input?

Seems to me it's just another instance of "DRM doesn't work," only in this case all the communication between supposedly secure nodes literally has to take place in the open air...

Dan Aris

Wrong Section

[trongey]

Shouldn't this article have been posted in the Humor section? I know I got a chuckle out of it.

Terrible marketing...

[Anonymous Coward]

"DNA" is unclonable why, exactly?

Re:Fairly straightforward

[Anonymous Coward]

The security thing is a no brainer - a good encryption would keep someone from wasting their time to get free subway passes.

The real kicker is cost and power. How strong a signal do you need to get the necessary power to calculate this stuff? And could you really afford to stick one of these things on every subway card? Adding complexity, to me, is defeating the purpose.

"Unclonable", eh?

[SamSim]

That sounds like a wager to me!

Re:Isn't that logically impossible?

[debatem1]

The very idea of a one time pad is that they don't cycle over time. If they do, it becomes an XOR cipher with a known period- trivially easy to break.

Also, a one time pad cannot securely gain pad length over the untrusted channel, since doing so would violate the 1:1 rule. Each character of new pad would have to be encrypted against- and thus consume- one character from the old pad.

Re:Isn't that logically impossible?

[Thelasko]

This would allow you to generate a new code for every communication, preventing your replay attack.

Already done. [wired.com] In fact, if there is an "unclonable" RFID chip, my money is on it being in cars before your passport.

Re:Isn't that logically impossible?

[DrSkwid]

How does that stop someone reading the private key from the RFID device using non-RF methods?

Re:Why is this automatically discredited?

[debatem1]

What they are claiming is not that the key can't be extracted from transmissions- a relatively humdrum requirement- but rather that unlimited physical access to the device cannot reveal the key, which I find dubious in the extreme. Add to that that there have been numerous devices that have claimed this in the past, only to fail miserably, and it seems pretty reasonable to assume that this will fail as well.

Authorizing ... please wait.

[meist3r]

So every one of these chips has to be synched with a central database? Good luck speeding up clocking times with that. And if there are multiple databases you surely could also circumvent one to make a chip work for you. Why not just give me a key for anything again? At least that can't be copied just by walking past my pocket.

Re:Fairly straightforward

[WolfWithoutAClause]

It's also completely broken if some organisation (for the sake of argument we'll call such an organisation 'a government') nobbles the manufacturer, so they ship chips that were made cloned at the factory.

Re:Fairly straightforward

[BitZtream]

The whole thing is broken by simply stealing the RFID chip itself. Physical access implies complete access, its just a matter of how long it takes you to get to the data.

Re:Yeah?

[ultranova]

The algorithm may be hidden in the hardware, if it is not rock solid (and published) I give this technology a huge chance of failure.

An analogue algorithm using "manufacturing variations" means basically white noise in the circuit. Cloning that accurately might indeed be an extremely difficult and costly operation: you basically have to recreate the chip with tolerance of tiny fraction of the original tolerance (=very expensive), or use a massively powerful (=big, not something you can carry with you unnoticed) computer to simulate it.

Memo to marketing....

[TiggertheMad]

Implausable to crack != Impossible to crack.

moreover...

MadTigger's 1st law Law of Cryptography: The harder you claim it is to crack, the more people will work to crack it.

Re:Yeah?

[Macman408]

More details can be found for the geekily-minded in their academic paper [verayo.com] (PDF warning!).

Basically, it's a series of multiplexers. The challenge selects exactly what pair of paths through the multiplexers are taken, and the output is a 0 or 1 depending on which path is faster. Presumably, this then gets replicated or reused several times to make a multi-bit response. They show an LFSR [wikipedia.org] in their diagram, but don't explicitly say what they use it for - my guess would be they initialize it with the challenge, then use it to generate the programming bits to select a path through the multiplexers.

So yeah, it's pretty difficult to manufacture a circuit that exactly matches it. And it would probably take too long to exhaustively try all challenges to discover what the responses are. However, I still see several possible weaknesses.

First, the challenge/response pairs that are stored (which are outside the RFID chip, used to verify that it is valid) must be selected randomly. If an attacker can reduce the number of possible challenges from 2^64 down to a much smaller number, it's no longer secure: he can interrogate the RFID chip for its responses to those challenges, and then program those into a new chip. It's not completely cloned, but as far as anybody can tell from the stored challenge/response pairs, it is identical.

Second, the paper shows that about 11 bits out of every 128 are different each time you use the *same* challenge with the *same* chip. To catch most false negatives with the fewest false positives (ie highest security possible), the threshold would have to be probably only 104 correct bits out of 128. (The same challenge with different chips is close to the ideal of 64 changed bits out of 128 total). Presumably, these numbers are approximately halved when using 64-bit challenges and responses. This makes the chip weaker than something that really has 2^64 combinations; you don't have to get all 64 bits right, you just have to get maybe 52 of them right. In the paper, they suggest a threshold of 96 correct bits - or presumably 48-bits with the 64-bit implementation. That effectively knocks a good 5 orders of magnitude off the number of possible responses.

Third, what's to stop somebody from figuring out the timing parameters of a particular RFID, and emulating the circuit? They say in the paper that they "scramble its output to thwart such 'model building' attacks." OK, how? Is this why the LFSR is in the design? Obviously, they're trying to prevent their competitors from copying their work, but are they also trying to get security through obscurity? We all know how well *that* works.

Fourth, the challenge/response pairs have to be stored securely. If an attacker can get them, it's game over. Considering most companies still haven't figured out how to secure their customers' credit card numbers, the only thing keeping an attacker at bay is a lack of motivation. Make the payoff good enough, and this is probably the weak point in the system that would be hacked first.

Fifth, if I'm a malicious supplier of RFID chips, I might be able to find two similar chips. I sell one to somebody else, and keep the second for my own malicious purposes. Since it doesn't have to be exactly identical (within a few bits is fine), and I can use the principles of the birthday attack [wikipedia.org], this shouldn't be a terribly difficult thing to do. Now, if I did my math right, a malicious supplier would have to buy around 83 million RFID chips to have a 50% chance of getting one pair that are considered to be matches, *if* the threshold is set at the most secure level possible. I'd bet a typical threshold would drop that by another order of magnitude or so. That's a lot of RFID tags, but given RFID's target (low-cost, high-volume), it's not so unreasonable.

The paper, like many involving an actual company, lacks a lot o

Re:Yeah?

[Huwawa]

It's kind of like those 'unhackable' computers, networks and software we keep hearing about. *yawn* Wake me up when someone actually makes such a thing and it actually, you know, works.

Where do you keep hearing that?