Berkeley CSUA MOTD:Entry 35976

2005/1/30 [Uncategorized] UID:35976 Activity:nil
1/30    Interesting work from JHU re RFID chips used in cars:
        http://rfidanalysis.org
Cached copy of http://rfidanalysis.org (8192 bytes):
RSA Laboratories

The Texas Instruments DST tag is a cryptographically enabled RFID transponder used in several wide-scale systems including vehicle immobilizers and the ExxonMobil SpeedPass system. This page serves as an overview of our successful attacks on DST-enabled systems. A preliminary version of the full academic paper describing our attacks in detail is also available below.

About RFIDs and the Texas Instruments DST

Radio-Frequency IDentification (RFID) is a general term for small, wireless devices that emit unique identifiers upon interrogation by RFID readers. Ambitious deployment plans by Wal-Mart and other large organizations over the next couple of years have prompted intense commercial and scientific interest in RFID. The form of RFID device likely to see the broadest use, particularly in commercial supply chains, is known as an EPC (Electronic Product Code) tag. This is the RFID device specified in the Class 1 Generation 2 standard recently ratified by a major industry consortium known as EPCglobal. EPC tags are designed to be very inexpensive -- and may soon be available for as little as five cents/unit in large quantities according to some projections. They are sometimes viewed in effect as wireless barcodes: they aim to provide identification, but not digital authentication. Indeed, a basic EPC tag lacks sufficient circuitry to implement even symmetric-key cryptographic primitives.

The term RFID, however, denotes not just EPC tags, but a spectrum of wireless devices of varying capabilities. More sophisticated and expensive RFID devices can offer cryptographic functionality and therefore support authentication protocols. One of the most popular of such devices is known as a Digital Signature Transponder (DST). Manufactured by Texas Instruments, DSTs are deployed in several applications that are notable for wide-scale deployment and the high costs (financial and otherwise) of a large-scale security breach. These include:

[Figure caption: RFID transponders. At left, an ExxonMobil SpeedPass both inside and outside its casing. The small chip is embedded into the plastic head of the key.]

This number includes systems with fixed-code transponders that provide no cryptographic security, as well as newer models equipped with DSTs. Immobilizers deter vehicle theft by interrogating an RFID transponder embedded in the ignition key as a condition of enabling the fuel-injection system of the vehicle. The devices have been credited with significant reductions in auto theft rates, as much as 90%.

A DST consists of a small microchip and antenna coil encapsulated in a plastic or glass capsule. It is a passive device, which is to say that it does not contain an on-board source of power, but rather receives its power from the interrogation signal transmitted by the reading device via electromagnetic inductance. This design choice allows for a compact design and long transponder life. A DST contains a secret, 40-bit cryptographic key which is field-programmable via RF command. In its interaction with a reader, a DST emits a factory-set (24-bit) identifier, and then authenticates itself by engaging in a challenge-response protocol. The reader initiates the protocol by transmitting a 40-bit challenge. The DST encrypts this challenge under its key and returns a 24-bit response. It is thus the secrecy of the key that ultimately protects the DST against cloning and simulation.

[Figure caption: Data is entered using the keyboard at front, and results are read off the LEDs on each board.]

[Figure caption: From bottom, a battery, an uninterruptible power supply, a small-form-factor PC with data acquisition card, and a BNC breakout box.]

The encryption algorithm used in the TI DST tags is an unpublished, proprietary cipher that uses a 40-bit key. The algorithm was designed in the early 1990s by engineers at Texas Instruments, but is still being deployed in current systems. By today's standards, a 40-bit key is unacceptably short: advances in computing power have made such keys susceptible to brute-force key-guessing attacks. Therefore, the actual security of the DST system rests with the secrecy of the proprietary algorithm used in the tags. One of the most important principles in cryptographic design states, however, that the security of a system should be based only on the secrecy of the keys, never on the secrecy of the algorithm.

We used some new special-purpose cryptanalytic techniques to reconstruct the algorithm used in the DST tags, by simply observing the responses that actual DST tags computed when presented with a large number of specially chosen challenges. Using this black-box reverse-engineering method, we were able to implement a software program that, when given the same challenge and key as an actual tag, would compute the same response.

Our next step was to recover the secret key from a deployed DST device, using a brute-force key search. Unfortunately, it would have taken more than 2 weeks for our software implementation to find a key when running on 10 very fast PCs. We therefore implemented our key search on a field programmable gate array (FPGA). The FPGA evaluation board we used is available online for under $200 in single quantities with all of the necessary development software and cabling. Our implementation cracks 32 keys in parallel on a single FPGA running at 100 MHz. At this rate, a single FPGA is expected to crack a key in just over 10 hours. To decrease this key-cracking time even further, we connected 16 FPGAs together at a total cost of under $3,500. Texas Instruments provided us with 5 DST tags whose keys we did not know. The 16-way parallel cracker was able to recover all 5 keys in well under 2 hours. We are currently developing and testing even faster and cheaper methods for recovering DST keys and will update this page with these results when they become available.
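The protocol parameters above (40-bit key, 40-bit challenge, 24-bit response) and the page's cracking figures, worked through as an added example that is not the authors' code. Because the DST cipher is proprietary, a truncated HMAC stands in for it (an assumption), so only the key and response lengths drive the numbers: it shows what a longer key would cost the same hardware, and why a single 24-bit response leaves about 2^16 wrong keys that still match, so a verifier or a key search needs at least two challenge/response pairs.

```python
import hashlib
import hmac

# DST parameters as stated on the page: 40-bit key, 40-bit challenge, 24-bit response.
KEY_BITS, CHAL_BITS, RESP_BITS = 40, 40, 24


def tag_response(key, challenge, key_bits=KEY_BITS, resp_bits=RESP_BITS):
    """Tag side of the protocol. Stand-in (assumption): HMAC-SHA256 truncated to
    resp_bits replaces the proprietary DST cipher, which is not modelled here."""
    k = key.to_bytes((key_bits + 7) // 8, "big")
    c = challenge.to_bytes((CHAL_BITS + 7) // 8, "big")
    mac = hmac.new(k, c, hashlib.sha256).digest()
    return int.from_bytes(mac[:4], "big") & ((1 << resp_bits) - 1)


def implied_key_rate(key_bits, avg_hours_per_key):
    """Keys tested per second implied by an average search time (half the key space)."""
    return 2 ** (key_bits - 1) / (avg_hours_per_key * 3600.0)


def expected_search_hours(key_bits, key_rate):
    """Average exhaustive-search time for a given key length and test rate."""
    return 2 ** (key_bits - 1) / key_rate / 3600.0


def expected_false_keys(key_bits, resp_bits, pairs):
    """Wrong keys expected to reproduce `pairs` challenge/response pairs by chance."""
    return (2 ** key_bits - 1) * 2.0 ** (-resp_bits * pairs)


def surviving_keys(pairs, key_bits, resp_bits):
    """Exhaustively count keys consistent with the given pairs (toy sizes only)."""
    return sum(1 for k in range(1 << key_bits)
               if all(tag_response(k, c, key_bits, resp_bits) == r for c, r in pairs))


def demo():
    # Page figures: one FPGA at 100 MHz, 32 keys in parallel, about 10 hours per key.
    rate = implied_key_rate(KEY_BITS, 10.0)
    # Toy-sized empirical check: 16-bit key, 8-bit response, constructed values.
    secret = 0xBEEF
    challenges = [0x0123456789, 0x9876543210, 0x0F0F0F0F0F, 0xA5A5A5A5A5]
    pairs = [(c, tag_response(secret, c, 16, 8)) for c in challenges]
    return {
        "hours_16_fpga": expected_search_hours(KEY_BITS, 16 * rate),  # 16-FPGA cracker
        "hours_64bit": expected_search_hours(64, 16 * rate),           # same hardware, 64-bit key
        "false_keys_1_pair": expected_false_keys(KEY_BITS, RESP_BITS, 1),
        "false_keys_2_pairs": expected_false_keys(KEY_BITS, RESP_BITS, 2),
        "toy_survivors_1_pair": surviving_keys(pairs[:1], 16, 8),      # about 256 extra keys
        "toy_survivors_4_pairs": surviving_keys(pairs, 16, 8),         # only the true key
    }
```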
After recovering a key, in order to attack a real DST system, we needed to create a radio device that could speak the same protocol as a hardware DST tag. This device would allow us to quickly extract the information needed to recover a key from a target DST device, and once the key was cracked, completely emulate the DST to a legitimate reader. To accomplish this, we equipped a small and easily portable PC with a Measurement Computing digital-to-analog conversion (DAC) board; this board is also capable of analog-to-digital conversion. The DAC board can perform 12-bit A/D conversions on an input signal at a rate of 125 MHz and can perform D/A conversions and generate an output signal at a rate of 1 MHz. We connected the input and output channels on our DAC board to an antenna tuned to the correct frequency range. We wrote modulation and demodulation software routines to decode and produce the analog AM signals transmitted by the TI reader as well as the FM-FSK analog signals transmitted by the transponders. Using these routines, our equipment can eavesdrop on the communication protocol between a DST reader and transponder, or participate actively in a protocol by emulating either device.

To validate our attack, we extracted the key from our own SpeedPass token and simulated it in our independent programmable RF device. We purchased gasoline successfully at an ExxonMobil station multiple times in the course of a single day using this digital simulator. Similarly, we recovered the cryptographic key from a DST in the ignition key of our 2005 model Ford Escape SUV. By simulating the DST, we spoofed the immobilizer authentication system and started the vehicle with a bare ignition key, that is, with one that possessed no DST at all. Viewed another way, we created the pre-conditions for hot-wiring the vehicle.

Practical Significance

Our attack on the DST cipher by no means implies wholesale dismantling of the security of the SpeedPass network, nor easy theft of automobiles. The cryptographic challenge-response protocols of DST devices constitute only one of several layers of security in these systems. The SpeedPass network has on-line fraud detection mechanisms loosely analogous to those employed for traditional credit-card transaction processing. Thus an attacker that simulates a target DST cannot do so wit...