Still and Silent: Motion Detection for Enhanced RFID Security and Privacy without Changing the Usage Model


Saxena N., Voris J.

6th Workshop on Radio Frequency Identification Security, İstanbul, Turkey, 8 - 09 June 2010, vol.6370, pp.2-21 identifier

  • Publication Type: Conference Paper / Full Text
  • Volume: 6370
  • City: İstanbul
  • Country: Turkey
  • Page Numbers: pp.2-21

Abstract

Personal RFID devices found, e.g., in access cards and contactless credit cards are vulnerable to unauthorized reading, owner tracking and different types of relay attacks. We observe that accessing a personal RFID device fundamentally requires moving it in some manner (e.g., swiping an RFID access card in front of a reader). Determining whether or not the device is in motion can therefore provide enhanced security and privacy; the device will respond only when it is in motion, instead of doing so promiscuously. We investigate extending the concept of min-entropy from the realm of random number generation to achieve motion detection on an RFID device equipped with an accelerometer. Our approach is quite simple and well-suited for use on low-cost devices because the min-entropy of an accelerometer's distribution can be efficiently approximated. As opposed to alternative methods, our approach does not require any changes to the usage model expected of personal RFID devices.