1、BSI Standards PublicationPD CEN/TR 16672:2014Information technology Privacy capability features ofcurrent RFID technologiesPD CEN/TR 16672:2014 PUBLISHED DOCUMENTNational forewordThis Published Document is the UK implementation of CEN/TR 16672:2014.The UK participation in its preparation was entrust
2、ed to Technical Committee IST/34, Automatic identification and data capture techniques.A list of organizations represented on this committee can be obtained on request to its secretary.This publication does not purport to include all the necessary provisions of a contract. Users are responsible for
3、its correct application. The British Standards Institution 2014. Published by BSI Standards Limited 2014ISBN 978 0 580 83897 2ICS 35.240.60Compliance with a British Standard cannot confer immunity from legal obligations.This Published Document was published under the authority of the Standards Polic
4、y and Strategy Committee on 30 June 2014.Amendments/corrigenda issued since publicationDate T e x t a f f e c t e dPD CEN/TR 16672:2014TECHNICAL REPORT RAPPORT TECHNIQUE TECHNISCHER BERICHT CEN/TR 16672 June 2014 ICS 35.240.60 English Version Information technology - Privacy capability features of c
5、urrent RFID technologies Technologies de linformation - Fonctions de protection de la vie prive dans les technologies RFID actuelles Informationstechnik - Leistungsmerkmale fr den Schutz der Privatsphre in gegenwrtigen RFID-Technologien This Technical Report was approved by CEN on 20 January 2014. I
6、t has been drawn up by the Technical Committee CEN/TC 225. CEN members are the national standards bodies of Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, Former Yugoslav Republic of Macedonia, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia
7、, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey and United Kingdom. EUROPEAN COMMITTEE FOR STANDARDIZATION COMIT EUROPEN DE NORMALISATION EUROPISCHES KOMITEE FR NORMUNG CEN-CENELEC Management Centre: Avenue Marnix
8、 17, B-1000 Brussels 2014 CEN All rights of exploitation in any form and by any means reserved worldwide for CEN national Members. Ref. No. CEN/TR 16672:2014 EPD CEN/TR 16672:2014CEN/TR 16672:2014 (E) 2 Contents Page Foreword 4 Introduction .5 1 Scope 6 2 Terms and definitions .6 3 Symbols and abbre
9、viations 7 4 Access protection features .7 4.1 General 7 4.2 Overview of access protection features 7 4.2.1 General 7 4.2.2 No protection 7 4.2.3 Password protection .7 4.2.4 Cryptographic protection 8 4.3 Application of access protection features 9 5 Features to protect Consumer Privacy. 10 5.1 Gen
10、eral . 10 5.2 Unique chip ID or Tag ID 10 5.3 Chip selection with random number. 10 5.4 Reduced read range on the tag . 10 5.5 Untraceable . 10 5.6 Hide 11 5.7 Kill 11 5.8 Destroy . 11 5.9 Remove 11 6 Features to protect Data Security . 11 6.1 Features to protect Read access to the tag data . 11 6.1
11、.1 Protection level . 11 6.1.2 “Normal“ Read access . 11 6.1.3 Read (Lock) protection . 11 6.1.4 Data protection using the TID 12 6.2 Features to protect Write access to the tag data 12 6.2.1 General . 12 6.2.2 Protection level . 12 6.2.3 “Normal“ Write access . 12 6.2.4 Write (Lock) protection 12 6
12、.2.5 Write protection using the TID 12 6.2.6 Write protection using a digital signature in User Memory . 13 7 Features for tag authentication . 13 7.1 General . 13 7.2 Verification using the Unique chip ID or Tag ID 13 7.3 Verification using the Unique chip ID or Tag ID with a digital signature 13 7
13、.4 Verification using a password . 13 8 Standards support of privacy capability features . 13 9 Proprietary features 17 Bibliography . 18 PD CEN/TR 16672:2014CEN/TR 16672:2014 (E) 3 Foreword This document (CEN/TR 16672:2014) has been prepared by Technical Committee CEN/TC 225 “AIDC Technologies”, th
14、e secretariat of which is held by NEN. Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. CEN and/or CENELEC shall not be held responsible for identifying any or all such patent rights. This Technical Report is one of a series of rel
15、ated deliverables, which comprise mandate 436 Phase 2. The other deliverables are: EN 16570, Information technology Notification of RFID The information sign and additional information to be provided by operators of RFID application systems EN 16571, Information technology RFID privacy impact assess
16、ment process EN 16656, Information technology - Radio frequency identification for item management - RFID Emblem (ISO/IEC 29160:2012, modified) CEN/TR 16684, Information technology Notification of RFID Additional information to be provided by operators CEN/TS 16685, Information technology Notificati
17、on of RFID The information sign to be displayed in areas where RFID interrogators are deployed CEN/TR 16669, Information technology Device interface to support ISO/IEC 18000-3 CEN/TR 16670, Information technology RFID threat and vulnerability analysis CEN/TR 16671, Information technology Authorisati
18、on of mobile phones when used as RFID interrogators CEN/TR 16673, Information technology RFID privacy impact assessment analysis for specific sectors CEN/TR 16674, Information technology Analysis of privacy impact assessment methodologies relevant to RFID PD CEN/TR 16672:2014CEN/TR 16672:2014 (E) 4
19、Introduction In response to the growing deployment of RFID systems in Europe, the European Commission published in 2007 the Communication COM (2007) 96 RFID in Europe: steps towards a policy framework. This Communication proposed steps which needed to be taken to reduce barriers to adoption of RFID
20、whilst respecting the basic legal framework safeguarding fundamental values such as health, environment, data protection, privacy and security. In December 2008, the European Commission addressed Mandate M/436 to CEN, CENELEC and ETSI in the field of ICT as applied to RFID systems. The Mandate M/436
21、 was accepted by the ESOs in the first months of 2009. The Mandate addresses the data protection, privacy and information aspects of RFID, and is being executed in two phases. Phase 1, completed in May 2011, identified the work needed to produce a complete framework of future RFID standards. The Pha
22、se 1 results are contained in the ETSI Technical Report TR 187 020, which was published in May 2011. Phase 2 is concerned with the execution of the standardisation work programme identified in the first phase. This Technical Report provides privacy and security characteristics that apply to the rele
23、vant standards. Furthermore it provides an overview of these standards and their respective support of the described features. PD CEN/TR 16672:2014CEN/TR 16672:2014 (E) 5 1 Scope The scope of the Technical Report is to identify technical characteristics of particular RFID air interface protocols tha
24、t need to be taken into consideration by operators of RFID systems in undertaking their privacy impact assessment. It also provides information for those operators who provide RFID-tagged items that are likely to be read by customers or other organizations. This Technical Report provides detailed pr
25、ivacy and security characteristics that apply to products that are compliant with specific air interface protocols, and also to variant models that comply with such standards. The Technical Report also identifies proprietary privacy and security features which have been added to tags, which are prob
26、lematic of being implemented in open systems which depend on interoperability between different devices. Such proprietary solutions, whilst being technically sound, in fact impede interoperability. The gap analysis thus identified can be used to encourage greater standardization. 2 Terms and definit
27、ions For the purposes of this document, the following terms and definitions apply. 2.1 authentication process of determining whether an entity or data is/are who or what, respectively, it claims to be. Note 1 to entry: The types of entity authentication referred-to in this document are Tag authentic
28、ation, Interrogator authentication, and Tag-Interrogator mutual authentication 2.2 key value used to influence the output of a cryptographic algorithm or cipher 2.3 KeyID numerical designator for a secret key 2.4 password secret value sent by an Interrogator to a Tag to enable restricted Tag operati
29、ons 2.5 permalock lock status that is unchangeable EXAMPLE The memory location is permanently locked or permanently unlocked. 2.6 tag authentication means for an Interrogator to determine, via cryptographic means, that a tags identity is as claimed 2.7 TID tag ID unique tag identifier PD CEN/TR 1667
30、2:2014CEN/TR 16672:2014 (E) 6 3 Symbols and abbreviations For the purposes of this document, the following symbols and abbreviations apply. UII Unique Item Identifier 4 Access protection features 4.1 General This clause identifies several features used to protect access as part of the communication
31、protocol between the interrogator and the tag. 4.2 contains an overview of possible access protection features. 4.3 describes how the protection features can be applied. 4.2 Overview of access protection features 4.2.1 General This subclause contains a general overview of possible features to protec
32、t the access to “resources“ on a tag, like access to data in memory, secret keys, flags, configuration settings etc. The list is presented in an order-ranking of approximate increasing protection level. NOTE The ranking is approximate, because not all features are available in some RFID technologies
33、, and there are associated features that influence the degree of protection, such as read distance and timeouts. 4.2.2 No protection The lowest protection level is no protection. If there is no protection, all resources on the tags are freely accessible and can be read and alerted by any interrogato
34、r that has access to the tag. This does depend on the interrogator and the tag supporting the same air interface protocol. 4.2.3 Password protection 4.2.3.1 General Access to the resources on the tag can be protected with an access password. In this document the password protection should only be co
35、nsidered as it is protecting the consumers privacy. To use this feature a copy of the password needs to be stored in the memory of the tag. When an interrogator requests access to a resource, it first has to provide the password. The tag will compare the password that is provided by the interrogator
36、 with the copy of the password that is stored in memory. If both copies match the interrogator is “authenticated“ and the tag will provide the interrogator with access to the requested resource. The tag could also store the “authenticated“ status in a flag. A general weakness of the password feature
37、 is that for it to be functional, few stakeholders need to be aware of its value. As such, passwords have limited contribution in open systems where the organization responsible for encoding the tag (for example a product manufacturer) has limited knowledge of the specific organization that will rea
38、d a particular tag (e.g. which retail store). A technical weakness of the password feature is that the password needs to be transmitted over the air. Therefore it can easily be intercepted by an intruder, who can then use the password later to also get access PD CEN/TR 16672:2014CEN/TR 16672:2014 (E
39、) 7 to the same resource. An increased level of protection can be provided if the password is transmitted in segments, thus requiring more than one interception to capture the entire password. A practical limitation of password protection is the possibility to find the password with a “brute force“
40、attack; the interrogator can simply try to find the password starting with binary “0“ and then increase the password by “1“ after the tag rejects the request, until it has found the right password. The protection level of the password feature is a function of its length given that all the communicat
41、ion is at the binary level. A brute force attack on an 8-bit password can be achieved in 255 attempts, while a 32-bit password requires 4.3 billion attempts, or over 2 billion attempts on average. While modern computers can process tens of thousands of passwords a second, a brute force attack on an
42、RFID tag requires a new command to be generated each time and is therefore limited by the air interface speed. Also, unlike cracking a password to access a computer system, a password found in one RFID tag might have limited value. Practically this means that the password features has the best value
43、 if it needs to be used only once. 4.2.3.2 Password protection with security timeout The protection level of the password feature can be improved by implementing a security timeout. The tag can introduce a time delay before it replies to the interrogator. A long delay will result in a brute force at
44、tack taking a long time. There are various possibilities, like a configurable delay or a delay that increases with the number of failed requests. 4.2.3.3 Password protection with cover coding Cover coding can be used to improve the protection against incepting the password over the air. It obscures
45、information that it is transmitting to a tag. To cover-code a password, an interrogator first requests a random number from the tag. The interrogator then performs a bit-wise XOR of the password with this random number, and transmits the cover-coded string to the tag. The tag uncovers the password b
46、y performing a bit-wise XOR of the received cover-coded string with the original random number and then compares the values of both copies. XOR based cover coding can be implemented in a state machine, and therefore in a passive tag. 4.2.4 Cryptographic protection 4.2.4.1 General Cryptographic prote
47、ction can be used if the tag is equipped with a processor to perform a cryptographic calculation and has memory to store a secret key. Before requesting access to a resource, an interrogator first needs to request a random number from the tag. The interrogator needs to encrypt the random number with
48、 the secret key and return the encrypted secret key to the tag. The tag will use the on-board cryptographic processor to decrypt the received data with the secret key that is stored in its memory and compare the result with the random number that it has initially generated. If the numbers match the
49、interrogator is “authenticated“ and the tag will provide the interrogator with access to the resource. The tag could also store the “authenticated“ status in a flag. An inverse process is that the interrogator sends a random challenge, the tag encrypts it and sends back the encrypted data to the interrogator. In this case the interrogator decrypts it and can check the originality of the tag. A tag could have several secret keys stored on the tag. In that case an interrogator needs to indicate which key needs to be used for authenti