Concern for mission critical systems...
By Tom Espiner
Published: 18 April 2006 08:15 GMT
Researchers say they have proven that effective attacks can be launched against RFID tags.
In tests, generation one standard RFID tags and readers were unable to function after they were overloaded with data, researchers at Edith Cowan University in Perth said in a report published this month.
Academics in the Scissec research group at Edith Cowan University warned: "Vulnerabilities in the newer UHF style of RFID tags have been found and are of concern for anyone trying to implement a RFID system that would have mission critical or human life issues involved in it."
Although many companies are trialling RFID tagging in their supply chain, the tags are not commonly used in life-critical situations today. However, the tags are used by the US military to track supplies.
Generation two standard RFID tags could also be disrupted, according to the researchers. Generation two tags are more sophisticated than generation one tags, and can operate at four different speeds.
RFID relies on tags being identified by readers when they are within range. Readers communicate with the tags by hopping between a number of channels within an allocated band of frequencies (902-928MHz). It was thought this provided security because the reader could hop between frequencies when encountering interference.
In the tests, the Australian researchers saturated the frequency range used by the tags, which prevented the tags from talking to the readers. The Australian researchers said in their report that the use of frequency hopping would not stop DoS attacks, as the tags themselves could not hop frequencies.
They demonstrated that from a range of one metre they could disrupt communications between tags and readers, putting the tag into a "communication fault state".
While the readers can hop frequencies in the allocated band range if they encounter interference, RFID tags cannot as they regard the entire band as one channel.
Last month, Dutch researchers announced the successful creation of a virus capable of infecting RFID tags.
Tom Espiner writes for ZDNet UK
Photos: Inside the RSA cybercrime war room
Legal Eye: Does Home Office online surveillance go too far? Photos: How computing cracks terrorist networks Photos: McKinnon "distraught" says family Analysis: A globetrotter's guide to cyber crime Opinion: What's the point of security? Analysis: How to catch a cyber criminal? Do it yourself
Analysis: What's the next malware threat?
Police turn to IT industry to help fight cybercrime
Opening communications…
The cost of cybercrime? $1tr
Businesses paying the price…
Corporate IT at risk from knocked-off electronics
What's inside your servers?
Monster users victims of data theft
Job hunters on hackers' radar
Is this the largest security breach ever?
Getting to the Heartland of data loss
Stories from around the web...
Q&A: The man behind Cisco's security CNET News.com
Laws to clamp down on cyber crime BBC News
Hacking made easy Washington Post
Compliance, not malware, drives IT budgets TechWeb.com via InformationWeek
UK security experts fear for loss of high-tech crime unit Times Online
Make your voice heard
silicon.com and the Bathwick Group have created an opportunity for business and IT executives to share their experience with each other and thus enhance their knowledge of the IT marketplace.
Join our research panel, and you'll be asked to participate in short surveys - and then will be privy to the answers of all your colleagues, as we send you tailored versions of the results.
Extras include complementary passes to silicon.com events and survey prizes such as iPods. Plus, there are the obvious networking opportunities with your fellow panellists.
For more about the Research Panel and how to join, click here
Copyright © 2008 CBS Interactive Limited. All rights reserved. Top of page
RSS Feeds