1、BSI Standards Publication PD CEN/TR 16672:2014 Information technology Privacy capability features of current RFID technologiesPD CEN/TR 16672:2014 PUBLISHED DOCUMENT National foreword This Published Document is the UK implementation of CEN/TR 16672:2014. The UK participation in its preparation was e
2、ntrusted to Technical Committee IST/34, Automatic identification and data capture techniques. A list of organizations represented on this committee can be obtained on request to its secretary. This publication does not purport to include all the necessary provisions of a contract. Users are responsi
3、ble for its correct application. The British Standards Institution 2014. Published by BSI Standards Limited 2014 ISBN 978 0 580 83897 2 ICS 35.240.60 Compliance with a British Standard cannot confer immunity from legal obligations. This Published Document was published under the authority of the Sta
4、ndards Policy and Strategy Committee on 30 June 2014. Amendments/corrigenda issued since publication Date T e x t a f f e c t e dPD CEN/TR 16672:2014TECHNICAL REPORT RAPPORT TECHNIQUE TECHNISCHER BERICHT CEN/TR 16672 June 2014 ICS 35.240.60 English Version Information technology - Privacy capability
5、 features of current RFID technologies Technologies de linformation - Fonctions de protection de la vie prive dans les technologies RFID actuelles Informationstechnik - Leistungsmerkmale fr den Schutz der Privatsphre in gegenwrtigen RFID-Technologien This Technical Report was approved by CEN on 20 J
6、anuary 2014. It has been drawn up by the Technical Committee CEN/TC 225. CEN members are the national standards bodies of Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, Former Yugoslav Republic of Macedonia, France, Germany, Greece, Hungary, Iceland, Ireland,
7、 Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey and United Kingdom. EUROPEAN COMMITTEE FOR STANDARDIZATION COMIT EUROPEN DE NORMALISATION EUROPISCHES KOMITEE FR NORMUNG CEN-CENELEC Management Centre:
8、 Avenue Marnix 17, B-1000 Brussels 2014 CEN All rights of exploitation in any form and by any means reserved worldwide for CEN national Members. Ref. No. CEN/TR 16672:2014 EPD CEN/TR 16672:2014 CEN/TR 16672:2014 (E) 2 Contents Page Foreword 4 Introduction .5 1 Scope 6 2 Terms and definitions .6 3 Sy
9、mbols and abbreviations 7 4 Access protection features .7 4.1 General 7 4.2 Overview of access protection features 7 4.2.1 General 7 4.2.2 No protection 7 4.2.3 Password protection .7 4.2.4 Cryptographic protection 8 4.3 Application of access protection features 9 5 Features to protect Consumer Priv
10、acy. 10 5.1 General . 10 5.2 Unique chip ID or Tag ID 10 5.3 Chip selection with random number. 10 5.4 Reduced read range on the tag . 10 5.5 Untraceable . 10 5.6 Hide 11 5.7 Kill 11 5.8 Destroy . 11 5.9 Remove 11 6 Features to protect Data Security . 11 6.1 Features to protect Read access to the ta
11、g data . 11 6.1.1 Protection level . 11 6.1.2 “Normal“ Read access . 11 6.1.3 Read (Lock) protection . 11 6.1.4 Data protection using the TID 12 6.2 Features to protect Write access to the tag data 12 6.2.1 General . 12 6.2.2 Protection level . 12 6.2.3 “Normal“ Write access . 12 6.2.4 Write (Lock)
12、protection 12 6.2.5 Write protection using the TID 12 6.2.6 Write protection using a digital signature in User Memory . 13 7 Features for tag authentication . 13 7.1 General . 13 7.2 Verification using the Unique chip ID or Tag ID 13 7.3 Verification using the Unique chip ID or Tag ID with a digital
13、 signature 13 7.4 Verification using a password . 13 8 Standards support of privacy capability features . 13 9 Proprietary features 17 Bibliography . 18 PD CEN/TR 16672:2014 CEN/TR 16672:2014 (E) 3 Foreword This document (CEN/TR 16672:2014) has been prepared by Technical Committee CEN/TC 225 “AIDC T
14、echnologies”, the secretariat of which is held by NEN. Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. CEN and/or CENELEC shall not be held responsible for identifying any or all such patent rights. This Technical Report is one of
15、 a series of related deliverables, which comprise mandate 436 Phase 2. The other deliverables are: EN 16570, Information technology Notification of RFID The information sign and additional information to be provided by operators of RFID application systems EN 16571, Information technology RFID priva
16、cy impact assessment process EN 16656, Information technology - Radio frequency identification for item management - RFID Emblem (ISO/IEC 29160:2012, modified) CEN/TR 16684, Information technology Notification of RFID Additional information to be provided by operators CEN/TS 16685, Information techn
17、ology Notification of RFID The information sign to be displayed in areas where RFID interrogators are deployed CEN/TR 16669, Information technology Device interface to support ISO/IEC 18000-3 CEN/TR 16670, Information technology RFID threat and vulnerability analysis CEN/TR 16671, Information techno
18、logy Authorisation of mobile phones when used as RFID interrogators CEN/TR 16673, Information technology RFID privacy impact assessment analysis for specific sectors CEN/TR 16674, Information technology Analysis of privacy impact assessment methodologies relevant to RFID PD CEN/TR 16672:2014 CEN/TR
19、16672:2014 (E) 4 Introduction In response to the growing deployment of RFID systems in Europe, the European Commission published in 2007 the Communication COM (2007) 96 RFID in Europe: steps towards a policy framework. This Communication proposed steps which needed to be taken to reduce barriers to
20、adoption of RFID whilst respecting the basic legal framework safeguarding fundamental values such as health, environment, data protection, privacy and security. In December 2008, the European Commission addressed Mandate M/436 to CEN, CENELEC and ETSI in the field of ICT as applied to RFID systems.
21、The Mandate M/436 was accepted by the ESOs in the first months of 2009. The Mandate addresses the data protection, privacy and information aspects of RFID, and is being executed in two phases. Phase 1, completed in May 2011, identified the work needed to produce a complete framework of future RFID s
22、tandards. The Phase 1 results are contained in the ETSI Technical Report TR 187 020, which was published in May 2011. Phase 2 is concerned with the execution of the standardisation work programme identified in the first phase. This Technical Report provides privacy and security characteristics that
23、apply to the relevant standards. Furthermore it provides an overview of these standards and their respective support of the described features. PD CEN/TR 16672:2014 CEN/TR 16672:2014 (E) 5 1 Scope The scope of the Technical Report is to identify technical characteristics of particular RFID air inter
24、face protocols that need to be taken into consideration by operators of RFID systems in undertaking their privacy impact assessment. It also provides information for those operators who provide RFID-tagged items that are likely to be read by customers or other organizations. This Technical Report pr
25、ovides detailed privacy and security characteristics that apply to products that are compliant with specific air interface protocols, and also to variant models that comply with such standards. The Technical Report also identifies proprietary privacy and security features which have been added to ta
26、gs, which are problematic of being implemented in open systems which depend on interoperability between different devices. Such proprietary solutions, whilst being technically sound, in fact impede interoperability. The gap analysis thus identified can be used to encourage greater standardization. 2
27、 Terms and definitions For the purposes of this document, the following terms and definitions apply. 2.1 authentication process of determining whether an entity or data is/are who or what, respectively, it claims to be. Note 1 to entry: The types of entity authentication referred-to in this document
28、 are Tag authentication, Interrogator authentication, and Tag-Interrogator mutual authentication 2.2 key value used to influence the output of a cryptographic algorithm or cipher 2.3 KeyID numerical designator for a secret key 2.4 password secret value sent by an Interrogator to a Tag to enable rest
29、ricted Tag operations 2.5 permalock lock status that is unchangeable EXAMPLE The memory location is permanently locked or permanently unlocked. 2.6 tag authentication means for an Interrogator to determine, via cryptographic means, that a tags identity is as claimed 2.7 TID tag ID unique tag identif
30、ier PD CEN/TR 16672:2014 CEN/TR 16672:2014 (E) 6 3 Symbols and abbreviations For the purposes of this document, the following symbols and abbreviations apply. UII Unique Item Identifier 4 Access protection features 4.1 General This clause identifies several features used to protect access as part of
31、 the communication protocol between the interrogator and the tag. 4.2 contains an overview of possible access protection features. 4.3 describes how the protection features can be applied. 4.2 Overview of access protection features 4.2.1 General This subclause contains a general overview of possible
32、 features to protect the access to “resources“ on a tag, like access to data in memory, secret keys, flags, configuration settings etc. The list is presented in an order-ranking of approximate increasing protection level. NOTE The ranking is approximate, because not all features are available in som
33、e RFID technologies, and there are associated features that influence the degree of protection, such as read distance and timeouts. 4.2.2 No protection The lowest protection level is no protection. If there is no protection, all resources on the tags are freely accessible and can be read and alerted
34、 by any interrogator that has access to the tag. This does depend on the interrogator and the tag supporting the same air interface protocol. 4.2.3 Password protection 4.2.3.1 General Access to the resources on the tag can be protected with an access password. In this document the password protectio
35、n should only be considered as it is protecting the consumers privacy. To use this feature a copy of the password needs to be stored in the memory of the tag. When an interrogator requests access to a resource, it first has to provide the password. The tag will compare the password that is provided
36、by the interrogator with the copy of the password that is stored in memory. If both copies match the interrogator is “authenticated“ and the tag will provide the interrogator with access to the requested resource. The tag could also store the “authenticated“ status in a flag. A general weakness of t
37、he password feature is that for it to be functional, few stakeholders need to be aware of its value. As such, passwords have limited contribution in open systems where the organization responsible for encoding the tag (for example a product manufacturer) has limited knowledge of the specific organiz
38、ation that will read a particular tag (e.g. which retail store). A technical weakness of the password feature is that the password needs to be transmitted over the air. Therefore it can easily be intercepted by an intruder, who can then use the password later to also get access PD CEN/TR 16672:2014
39、CEN/TR 16672:2014 (E) 7 to the same resource. An increased level of protection can be provided if the password is transmitted in segments, thus requiring more than one interception to capture the entire password. A practical limitation of password protection is the possibility to find the password w
40、ith a “brute force“ attack; the interrogator can simply try to find the password starting with binary “0“ and then increase the password by “1“ after the tag rejects the request, until it has found the right password. The protection level of the password feature is a function of its length given tha
41、t all the communication is at the binary level. A brute force attack on an 8-bit password can be achieved in 255 attempts, while a 32-bit password requires 4.3 billion attempts, or over 2 billion attempts on average. While modern computers can process tens of thousands of passwords a second, a brute
42、 force attack on an RFID tag requires a new command to be generated each time and is therefore limited by the air interface speed. Also, unlike cracking a password to access a computer system, a password found in one RFID tag might have limited value. Practically this means that the password feature
43、s has the best value if it needs to be used only once. 4.2.3.2 Password protection with security timeout The protection level of the password feature can be improved by implementing a security timeout. The tag can introduce a time delay before it replies to the interrogator. A long delay will result
44、 in a brute force attack taking a long time. There are various possibilities, like a configurable delay or a delay that increases with the number of failed requests. 4.2.3.3 Password protection with cover coding Cover coding can be used to improve the protection against incepting the password over t
45、he air. It obscures information that it is transmitting to a tag. To cover-code a password, an interrogator first requests a random number from the tag. The interrogator then performs a bit-wise XOR of the password with this random number, and transmits the cover-coded string to the tag. The tag unc
46、overs the password by performing a bit- wise XOR of the received cover-coded string with the original random number and then compares the values of both copies. XOR based cover coding can be implemented in a state machine, and therefore in a passive tag. 4.2.4 Cryptographic protection 4.2.4.1 Genera
47、l Cryptographic protection can be used if the tag is equipped with a processor to perform a cryptographic calculation and has memory to store a secret key. Before requesting access to a resource, an interrogator first needs to request a random number from the tag. The interrogator needs to encrypt t
48、he random number with the secret key and return the encrypted secret key to the tag. The tag will use the on-board cryptographic processor to decrypt the received data with the secret key that is stored in its memory and compare the result with the random number that it has initially generated. If t
49、he numbers match the interrogator is “authenticated“ and the tag will provide the interrogator with access to the resource. The tag could also store the “authenticated“ status in a flag. An inverse process is that the interrogator sends a random challenge, the tag encrypts it and sends back the encrypted data to the interrogator. In this case the interrogator decrypts it and can check the originality of the tag. A tag could have several secret keys stored on the tag. In that case an interrogator needs to indicate which key needs
