Hardware Reference
In-Depth Information
How RFID works
RFID works by exchanging messages between a reader and tag by radio waves. RFID tags
consist of an aerial (a loop of wire), a capacitor to store electricity and a small silicon chip.
The silicon chip is actually a small computer processor! This demonstrates just how small
computers have become and how they are everywhere!
An ingenious feature of the system is that the tags do not need their own power source to
transmit. They can receive their energy by radio waves from the reader when they are irst
placed nearby. The radio waves also contain a message from the reader that it wants to read
the tag. The tag stores the energy and uses it to compute a response and then transmit it
back to the reader. In the simple case this message is a ixed number, but more sophisticated
tags contain read/writable
nonvolatile memory
(memory that stores state even without power)
to store data. In the most sophisticated tags, their computer processor performs a calculation
in the tag. This allows the tag to perform challenge-response authentication.
Challenge-Response Authentication
One problem with authentication is the threat of
replay attacks
- that is, that an attacker
may copy the secret reply given to a system. An example of this might be watching a user
type in a password, and then typing it in to impersonate that user. A solution is never to
reveal the secret information. This may seem impossible at irst, but can be implemented if
a challenge is set that can be achieved only if the subject possesses the secret information.
In everyday life you might want to know if someone knows the same secret you do but
don't want to reveal the secret to him or her. In this situation you ind a question that a per-
son can only answer if he or she knows the secret, yet the two of you don't actually share
the secret itself. In computing this is known as
challenge-response authentication.
The more sophisticated RFID tags have a processor to answer questions posed by the
reader. In this case the question is usually numbers that the tag has to do a sum with
together with the secret number it is storing. If the tag transmits the correct number back,
the reader is sure that the tag knows the secret. The next time the tag is presented to the
reader a different challenge will be issued, which makes it very dificult to copy the tag.
