Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?

World's First "Unclonable" RFID Chip 320

An anonymous reader writes to tell us that a new RFID chip from Verayo claims to be unclonable through the use of the new Physical Unclonable Functions (PUF), sort of an electronic DNA for silicon chips. "Basic passive RFID chips can be easily cloned by copying the data residing on one chip to another. Verayo's PUF-based RFID chips cannot be cloned, and provide a very strong and robust authentication mechanism. No other chip or device can be disguised as the original chip, even if the data is copied from one Verayo RFID chip to another."
This discussion has been archived. No new comments can be posted.

World's First "Unclonable" RFID Chip

Comments Filter:
  • Yeah? (Score:5, Insightful)

    by WillKemp ( 1338605 ) on Monday September 08, 2008 @02:05PM (#24922445) Homepage

    Uncloneable today - cloned tomorrow...

    • Re:Yeah? (Score:5, Insightful)

      by morgan_greywolf ( 835522 ) on Monday September 08, 2008 @02:08PM (#24922491) Homepage Journal

      It's kind of like those 'unhackable' computers, networks and software we keep hearing about. *yawn* Wake me up when someone actually makes such a thing and it actually, you know, works.

    • Re:Yeah? (Score:5, Interesting)

      by NotBornYesterday ( 1093817 ) * on Monday September 08, 2008 @02:39PM (#24923095) Journal
      Okay, so according to TFA (yeah I know, not supposed to read it, yadda yadda yadda), it looks like the RFID device isn't authenticated by its ID, but by a series of challenge-and-response tokens it has that are also stored in some central database, which appear to increment as they are used.

      There appears to be a finite number of challenge-response pairs in the authentication database. How limited is that number? Are they also stored on board the RFID tag? Are they generated from the serial# and/or ID#?

      What is the length of the challenge, and of the response? Could a captured item (ie, passport) with such an RFID tag be brute-force interrogated (hit with a series of random-number "challenges" to see which might elicit stored "responses"), and counterfeited that way?

      Could this scheme be vulnerable to MITM-style attack?
      • Re:Yeah? (Score:5, Informative)

        by mollymoo ( 202721 ) on Monday September 08, 2008 @04:06PM (#24924329) Journal

        According to the manufacturer's site [verayo.com], up to 2^64 challenge-response pairs (each 64 bits). They aren't stored on board the tag, but generated on demand. The uniqueness comes from normal manufacturing variations, so they don't need expensive techniques to make each chip unique. With each tag before using it you capture however many challenge/response pairs you will need. The pairs should in theory should only be used once, but in practice I suppose that's up to the implementation, the tags will happily keep giving out the same[1] response to the same challenge. Given you need to interrogate the IC for each challenge/response before putting it in service, there will be a temptation to re-use keys to reduce the time for training the system for each key.

        The large number of challenge/response pairs possible makes cloning implausible (you'd need to capture all 2^64 pairs), until someone can reverse engineer the "algorithm" and find the hidden variables (manufacturing variations) which form the "key" for a particular tag. I'm sure someone will work out how to do that eventually, but given it seems to be an analogue "algorithm" with a potentially large number of hidden variables I don't know how easy it will be. It seems like a sufficiently interesting problem that researchers will be queuing up to try.

        [1] Apparently not always the same - there is some finite probability of the same tag giving different responses to the same challenge, but they have techniques to reduce this and its impact. The vagaries of analogue electronics at work.

        • Implausable to crack != Impossible to crack.


          MadTigger's 1st law Law of Cryptography: The harder you claim it is to crack, the more people will work to crack it.
        • Re:Yeah? (Score:5, Insightful)

          by Macman408 ( 1308925 ) on Monday September 08, 2008 @05:46PM (#24925839)

          More details can be found for the geekily-minded in their academic paper [verayo.com] (PDF warning!).

          Basically, it's a series of multiplexers. The challenge selects exactly what pair of paths through the multiplexers are taken, and the output is a 0 or 1 depending on which path is faster. Presumably, this then gets replicated or reused several times to make a multi-bit response. They show an LFSR [wikipedia.org] in their diagram, but don't explicitly say what they use it for - my guess would be they initialize it with the challenge, then use it to generate the programming bits to select a path through the multiplexers.

          So yeah, it's pretty difficult to manufacture a circuit that exactly matches it. And it would probably take too long to exhaustively try all challenges to discover what the responses are. However, I still see several possible weaknesses.

          First, the challenge/response pairs that are stored (which are outside the RFID chip, used to verify that it is valid) must be selected randomly. If an attacker can reduce the number of possible challenges from 2^64 down to a much smaller number, it's no longer secure: he can interrogate the RFID chip for its responses to those challenges, and then program those into a new chip. It's not completely cloned, but as far as anybody can tell from the stored challenge/response pairs, it is identical.

          Second, the paper shows that about 11 bits out of every 128 are different each time you use the *same* challenge with the *same* chip. To catch most false negatives with the fewest false positives (ie highest security possible), the threshold would have to be probably only 104 correct bits out of 128. (The same challenge with different chips is close to the ideal of 64 changed bits out of 128 total). Presumably, these numbers are approximately halved when using 64-bit challenges and responses. This makes the chip weaker than something that really has 2^64 combinations; you don't have to get all 64 bits right, you just have to get maybe 52 of them right. In the paper, they suggest a threshold of 96 correct bits - or presumably 48-bits with the 64-bit implementation. That effectively knocks a good 5 orders of magnitude off the number of possible responses.

          Third, what's to stop somebody from figuring out the timing parameters of a particular RFID, and emulating the circuit? They say in the paper that they "scramble its output to thwart such 'model building' attacks." OK, how? Is this why the LFSR is in the design? Obviously, they're trying to prevent their competitors from copying their work, but are they also trying to get security through obscurity? We all know how well *that* works.

          Fourth, the challenge/response pairs have to be stored securely. If an attacker can get them, it's game over. Considering most companies still haven't figured out how to secure their customers' credit card numbers, the only thing keeping an attacker at bay is a lack of motivation. Make the payoff good enough, and this is probably the weak point in the system that would be hacked first.

          Fifth, if I'm a malicious supplier of RFID chips, I might be able to find two similar chips. I sell one to somebody else, and keep the second for my own malicious purposes. Since it doesn't have to be exactly identical (within a few bits is fine), and I can use the principles of the birthday attack [wikipedia.org], this shouldn't be a terribly difficult thing to do. Now, if I did my math right, a malicious supplier would have to buy around 83 million RFID chips to have a 50% chance of getting one pair that are considered to be matches, *if* the threshold is set at the most secure level possible. I'd bet a typical threshold would drop that by another order of magnitude or so. That's a lot of RFID tags, but given RFID's target (low-cost, high-volume), it's not so unreasonable.

          The paper, like many involving an actual company, lacks a lot o

    • Uncloneable means cloneable? What a country!
  • by Just Some Guy ( 3352 ) <kirk+slashdot@strauser.com> on Monday September 08, 2008 @02:05PM (#24922449) Homepage Journal

    And this time we really mean it!

    • by Osurak ( 1013927 ) on Monday September 08, 2008 @02:21PM (#24922743)

      And this time we really mean it!

      Anybody want a peanut?

  • by BitterOldGUy ( 1330491 ) on Monday September 08, 2008 @02:07PM (#24922467)

    Verayo launched the worldâ(TM)s first unclonable silicon chip â" the Vera X512H RFID chip. This new RFID chip is based on recently announced breakthrough technology called Physical Unclonable Functions (PUF). PUF technology is a type of electronic DNA or fingerprinting technology for silicon chips that makes each chip unclonable. Verayoâ(TM)s PUF-based RFID technology offers

    So, is it unclonable?

    Let's have a pool to see when it's cloned. I got by the end of the year by a Stanford student.

  • by danaris ( 525051 ) <danaris.mac@com> on Monday September 08, 2008 @02:08PM (#24922497) Homepage

    Forgive me for my ignorance (and I haven't RTFA), but my understanding of RFID is the only way to tell what an RFID device is is by listening to it broadcast. Well, if you listen to a device broadcast enough, particularly if you listen in on a conversation between it and what it's supposed to talk to...doesn't it then become relatively simple to create your own RFID device that broadcasts all the same things as the original chip, and responds in all the same ways to input?

    Seems to me it's just another instance of "DRM doesn't work," only in this case all the communication between supposedly secure nodes literally has to take place in the open air...

    Dan Aris

    • by corsec67 ( 627446 ) on Monday September 08, 2008 @02:17PM (#24922669) Homepage Journal

      You could have a more powerful RFID tag that has some computation ability. This would allow you to generate a new code for every communication, preventing your replay attack.

      If the list of request-responses was a true one time pad, then they might actually have some fairly good security from a radio attack, but the number of queries to the rfid tag would be finite.

      If they use any kind of cipher, then it is very much open to attack.

    • Not for Active (Score:5, Informative)

      by brunes69 ( 86786 ) <slashdot.keirstead@org> on Monday September 08, 2008 @02:18PM (#24922689) Homepage

      What you are talking about is a passive RFID device, like most offense keycards from the 80's and early 90s. RFID nowadays is more complex, with the devices having a small computer chip in it that is actually powered up by the RFID. Having this chip allows secure encryption between the device and the terminal such that sniffing in on the conversation should get you no further than sniffing on a properly negotiated SSH session will.

      The hole in the scheme of course is, if the crook gets his hands on the keyfob for a short period of time, it is the same as having your SSH private key, and he can clone the chip in the keyfob and return the original without you even knowing.

      This company is saying they have a new chip that incorporates physical properties of the chip itself int the encryption somehow such that cloneing it would be recognizable.

      • Even if they use physical properties of the chip you can still clone it. Your clone will simply contain a digital copy of the physical information, instead of actually measuring it every time like the original chip.

    • by repvik ( 96666 )

      If it makes it necessary to listen to many conversations between a reader and the RFID chip, that'll atleast make it impossible for someone to clone my chip by passing me on the street...

    • Well, sure... too a point. It could use some sort of one-time-pad authentication, or time-based encryption signature, which would make cloning it more difficult. Perhaps even much more difficult. Thing is, they could just mean that it cannot be cloned without taking it apart to get to whatever signature system it uses. --Has not read TFA--
    • Well, if you listen to a device broadcast enough, particularly if you listen in on a conversation between it and what it's supposed to talk to...doesn't it then become relatively simple [...]

      To me, that's like saying SSH is easy to crack if you can just listen in on it... but the whole idea is that the (encrypted) conversation can be eavesdropped upon without compromising the data being exchanged.

      Not sure how exactly the PUF thing is supposed to work, but it's imaginable to "generate" unique keys based on anything, even physical imperfections in the chips... the account is then somehow setup (say, when you activate your credit card or whatever) without ever exposing the key itself (only the ch

      • by maxume ( 22995 ) on Monday September 08, 2008 @02:29PM (#24922913)

        The chip is characterized at the factory by sending it challenges and recording the responses. Later, the chip is issued one of the recorded challenges and the response is compared to the factory response.

        If the challenge-response is done in such a way that it can be recorded, then each challenge is only good the first time it is used.

        There is some possibility that the behavior they are exploiting is not as robust as they think and that the response characteristics of the chip could be determined from a limited number of challenges (and then emulated), but on the surface, it looks pretty reasonable, especially for situations with a limited number of challenges (so authenticating an event ticket with it is great, but maybe not so much an ID).

      • Re: (Score:3, Informative)

        by Otto ( 17870 )

        And that's basically what they do. It's a challenge-response mechanism. See here: http://www.verayo.com/solutions.html [verayo.com]

        So naturally it's unclonable in the trivial sense, but of course it may be vulnerable to a cryptographic attack.

        What gets me though is that challenge/response mechanisms have been in RFID devices for ages. What's new about this one?

        Note that they claim "Unlimited number of challenge response pairs for each chip" which just sounds freakin' strange to me.

        • Seems to me that a naive way to do it would be to construct a linear feedback shift register with a period much longer than the expected number of transactions. Like.. expecting 10,000 transactions over the lifetime of the key fob? Make the period billions of words long.

          The challenge is then fed in as the starting value, cycled a certain number of times, and the output is sent back.

          Of course, the processing on the back end in verifying the output, as well as establishing millions of unique LSFR sequences

    • by OmniGeek ( 72743 ) on Monday September 08, 2008 @02:25PM (#24922831)

      In theory (crypto theory), this can be done if the parties communicating have a shared secret piece of data and a crypto algorithm, resistant to reverse-engineering from outside, that enables them to exchange that secret data without eavesdropping, man-in-the-middle attacks, or a brute-force cracking of the crypto algorithm.

      This is quite hard to do properly in general, as the plethora of lousy cryptosystems attests. It *can* be done if one has enough processing power (tough for RFID chips that operate from microwatts of someone else's broadcast RF energy) and a good enough encryption algorithm (see "lousy cryptosystems" above).

      Of course, if you can duplicate the data content and algorithms of the RFID chip, say by physically dismantling it layer-by-layer with a destructive analysis, you can clone it even if you don't know the shared secret. The article is claiming (without ANY credible evidence, BTW) to have somehow made this impossible, presumably by creating some random-but-repeatable property in the chip that cannot be extracted by analysis for reproduction in a cloned chip. Unless they've come up with something VERY effective, I'd bet on this system being cracked within months just like all the other RFID schemes. The lack of description or references to how their system works smells like bad crypto and security-by-obscurity to me.

    • by Tetsujin ( 103070 ) on Monday September 08, 2008 @02:28PM (#24922897) Homepage Journal

      Forgive me for my ignorance (and I haven't RTFA), but my understanding of RFID is the only way to tell what an RFID device is is by listening to it broadcast. Well, if you listen to a device broadcast enough, particularly if you listen in on a conversation between it and what it's supposed to talk to...doesn't it then become relatively simple to create your own RFID device that broadcasts all the same things as the original chip, and responds in all the same ways to input?

      Seems to me it's just another instance of "DRM doesn't work," only in this case all the communication between supposedly secure nodes literally has to take place in the open air...

      Dan Aris

      Well, I don't know if I can answer your question in terms of the technical limitations of RFID - but in general, your argument ignores the possibility that RFID data is being encrypted.

      For instance: suppose the subway fare system uses a set of encryption keys - some of these keys will be stored on the fare cards (the RFID devices) and some will be stored in the machines that interact with these cards...

      Now suppose the interaction starts with one of these machines broadcasting, looking for a fare card... In some part of the initial handshaking the machine sends out a transaction number - encoded using an encryption key that fare cards can decode. In all further communication that transaction number is part of the encryption key used by the fare card.

      You can listen in on this transaction, but you can't do anything with it unless you can decode the messages... You can't replicate the transaction because your response has to include the transaction ID given to you by the gate machine...

      So in the context of an "uncloneable" chip - you could create another chip that pretends to have the same "Physical Uncloneable Functions" - but that depends on first knowing exactly what they are... If it's handled in a static way and not encoded, that's pretty easy. If it's handled in a way that one RF exchange only gets you one part of the data you'd need to replicate the thing - or if the data you'd need to replicate the chip is encrypted, then that makes the problem substantially harder...

      Fundamentally, though, I believe you're correct - if it can be made once, it can be made again... The trick is to make it difficult to do that.

      • by DrSkwid ( 118965 )

        blah blah blah I have one of the keys in my possession, the method, no matter how many bits, is right there in my key - the RFID device.

    • by It doesn't come easy ( 695416 ) on Monday September 08, 2008 @02:41PM (#24923119) Journal
      Not to defend the claim (the claim is obviously marketing hype) but when they say cloned they mean you can't take a one of their RFID chips and change it to be identical to another one of their chips (to be read by their scanners, etc.). Adding a computer or more circuitry doesn't count because it would not be a clone (even if it generated the same responses).

      However, obviously with enough money and resources you could copy one of their chips and turn out another RFID chip that would be identical. It may not even take that much effort or money (I'm sure we'll hear about what it takes soon enough).

      If they had claimed that it would be prohibitively expensive or time-consuming to clone one of their chips then maybe I could believe them. But to claim unclonable is in a word unbelievable.
      • Re: (Score:3, Informative)

        by darthwader ( 130012 )

        Actually, no that's exactly what they are claiming. The nature of a PUF is that you cannot copy it (at least not with any reasonable amount of work).

        The system works by what is basically garbage that is intentionally and randomly introduced into the circuit. You might be able to take the chip apart and look at where the garbage is, but with current technology (or foreseeable technology), you cannot make another chip with the garbage in exactly (down to an atom's width or less) the same place. And the pos

  • Wrong Section (Score:5, Insightful)

    by trongey ( 21550 ) on Monday September 08, 2008 @02:08PM (#24922499) Homepage

    Shouldn't this article have been posted in the Humor section? I know I got a chuckle out of it.

  • From the same folks that brought you the unsinkable ship.
  • by jimicus ( 737525 ) on Monday September 08, 2008 @02:12PM (#24922569)

    Most obvious mechanism is that the chip has sufficient intelligence to be able to cryptographically identify itself using public key cryptography, and the keypair is embedded on the chip at the manufacturing stage.

    Would work beautifully, but it's completely broken the day someone manages to get the private key out of it.

    • Re: (Score:2, Insightful)

      by Anonymous Coward

      The security thing is a no brainer - a good encryption would keep someone from wasting their time to get free subway passes.

      The real kicker is cost and power. How strong a signal do you need to get the necessary power to calculate this stuff? And could you really afford to stick one of these things on every subway card? Adding complexity, to me, is defeating the purpose.

    • by Lumpy ( 12016 )

      the 1-wire iButton does this. they have a cryptographic version that is uncloneable and will self destruct if you try to open it.

      It's probably that tech simply repackaged.

    • Re: (Score:3, Insightful)

      It's also completely broken if some organisation (for the sake of argument we'll call such an organisation 'a government') nobbles the manufacturer, so they ship chips that were made cloned at the factory.

    • Re: (Score:3, Insightful)

      by BitZtream ( 692029 )

      The whole thing is broken by simply stealing the RFID chip itself. Physical access implies complete access, its just a matter of how long it takes you to get to the data.

  • by jeffmeden ( 135043 ) on Monday September 08, 2008 @02:15PM (#24922637) Homepage Journal

    You conduct overheard conversations all the time and have no issue with considering them "secure": namely via SSL/TLS encryption. All that's necessary to create an RFID that can't be completely duplicated is for the chip to hold on to more information than it broadcasts, and then only reveal that information in a clever way (asymmetric encryption). A well coded challenge-response handshake can allow the reader and chip to conduct a conversation that is 'unique' and cannot be easily duplicated later on. Sure, there is the potential for it to be improperly coded, or downright misrepresented. However, don't count it as a failure before it's even seen the light of day.

    • by jimicus ( 737525 )

      The thing about SSL is that it depends on one particular piece of information - the private key - not being available to the general public because it's stored on the server that you're connecting to and (provided the server is properly secured, backups notwithstanding) never leaves it.

      However, with the RFID chip you're distributing the private key along with the public key. All you can do is hope that no enterprising hacker ever finds a way of getting at the private key.

      Of course, we're assuming that this

    • by debatem1 ( 1087307 ) on Monday September 08, 2008 @02:36PM (#24923041)
      What they are claiming is not that the key can't be extracted from transmissions- a relatively humdrum requirement- but rather that unlimited physical access to the device cannot reveal the key, which I find dubious in the extreme. Add to that that there have been numerous devices that have claimed this in the past, only to fail miserably, and it seems pretty reasonable to assume that this will fail as well.
      • by cduffy ( 652 )

        What they are claiming is not that the key can't be extracted from transmissions- a relatively humdrum requirement- but rather that unlimited physical access to the device cannot reveal the key, which I find dubious in the extreme.

        Has anyone cloned a Crypto iButton?

    • by DrSkwid ( 118965 )

      If I had physical access the the server you're talking to I could clone it, poison your DNS and then serve you anything from the server.

      Talking out of your arse doesn't make this thing unclonable.

    • Sure, there is the potential for it to be improperly coded, or downright misrepresented. However, don't count it as a failure before it's even seen the light of day.

      The first 100 times I heard of similar schemes, I thought maybe they were onto something. The second 900 times, I grew skeptical.

  • duh! (Score:4, Interesting)

    by MobyDisk ( 75490 ) on Monday September 08, 2008 @02:18PM (#24922685) Homepage

    From the illustration, it looks like a simple challenge response mechanism. All I have to say is: duh!

    So they finally added some form of authentication. This is what smart cards were supposed to be when I first heard about them 10 years ago. Simple RFID was never intended to be used for something secure: it was meant to replace bar codes or magnetic strips.

  • Sure, it can allegedly stop them from being cloned, but what about read?
  • The gauntlet has been thrown down.
  • So, how do they manufacture these things? Obviously there must be a way to copy them.
  • "Unclonable", eh? (Score:3, Insightful)

    by SamSim ( 630795 ) on Monday September 08, 2008 @02:23PM (#24922783) Homepage Journal
    That sounds like a wager to me!
  • If it is predictable, then there's a series of characters its expected to send under a given condition and it can be cloned.

    Otherwise it is random and can not be differentiated from others.
  • by brennz ( 715237 ) on Monday September 08, 2008 @02:25PM (#24922825)
    August 4, 2009
    Hackers at the annual DEFCON conference have announced they have succeeded in cloning the "unclonable" RFID chip. Jerry "Botnet" Goldblatt led the effort in defeating the security on the RFID chip. According to Jerry, "Cloning the 'unclonable' RFID chip was even easier than breaking Oracle's 'unbreakable' Linux. It just goes to show that marketing runs IT." The team is now accepting donations of Red Bull, Grey Goose and Hawaiian skunk as they add a module to metasploit to further simplify the attack.
    • Re: (Score:3, Funny)

      by MarkGriz ( 520778 )

      The team is now accepting donations of Red Bull, Grey Goose and Hawaiian skunk as they add a module to metasploit to further simplify the attack.

      Later that day.... "The team is now accepting donations for their legal defense fund."

  • So, is it unclonable like the Titanic was unsinkable?

  • by cutecub ( 136606 ) on Monday September 08, 2008 @02:26PM (#24922841)

    The use of language is strange.

    Unclonable: cannot be cloned
    DNA: a molecule that clones itself.

    Its not the best choice of marketing metaphor.

    Its like saying that an event is possibly inevitable.


    • on a strict grammatical basis, you have a point.
      In terms of how scientists actually use the words "clonable" and "unclonable": clonable means you can get copies of the original DNA molecule to replicate inside a new cell, either from the same organism or a different organism.
      In many cases, DNA that is quite happy in one cell type is not happy in another; this was a big problem in the human genome project, as most of the work was done with human dna cloned into E coli, and there is a lot of human dna that is

  • by quo_vadis ( 889902 ) on Monday September 08, 2008 @02:49PM (#24923227) Journal
    This chip utilizes PUFs (so called Physically Unclonable Functions). These are currently a hot topic of research, especially in the secure embedded computing community.

    The fundamental idea is that a PUF should produce a unique value for a chip, in a repeatable fashion, with a side effect that modification of the chip will be detectable.

    PUFs are of 4 main types -
    1. Optical - These are the oldest forms of PUFs. They started with physicists trying to use chips as diffraction gratings. You shine a laser at the silicon vias and record the signature of light. These require depackaging the chip in question and are mostly impractical
    2. Silicon - Usually implemented as long delay lines, but are sensitive to environmental conditions (mainly temperature & injected faults) There remains an ongoing research attempt to make these better (less reliant on environmental factors)
    3. Coating - These are currently considered one of the best forms of PUFs. The topmost layer of the chip has some embedded metal flakes. The bottom layer of the chip has a capacitance sensor. Since the distribution of the metal flakes is random, the capacitance is random and unique to each chip (the resolution of the capacitance sensor is tuned to ensure this). This method has the added advantage that the minute someone tries to attack the chip, by depackaging it, the capacitance changes and the chips data (usually the secret key for an encryption cipher such as AES/DES) can be wiped. The main problem is that it adds a few extra fab steps , which means it increases the cost. Additionally, the first calibration costs more money to do.

    4. Intrinsic - These are the current area of research. In particular for FPGAs. As any hardware designer knows, RAM cells are initalized to random values, but most FPGAs have some small logic which resets them all to zero. If we remove that logic, we have a chip, which has a whole bunch of random numbers, which will usually initialize the same way, based on process variation etc. This technique has been shown for FPAGs and will probably be brought over soon to full scale chips.

    In order to keep this short, i have omitted a lot of references, but you can find more info, about intrinsic PUFS here [ieee.org].

    Actually Phillips does a lot of research with PUFs and I am surprised that Verayo claims to be the first maker of PUF based chips.
    • by quo_vadis ( 889902 ) on Monday September 08, 2008 @04:10PM (#24924395) Journal
      I realize its bad form to reply to my comment, but I would like to add a bit about how authentication works using PUFs

      When the chip is manufactured, the device creator records the original response of the chip to a series of challenges and calls this reponse vector r'. When a chip is powered up, it energizes the PUF circuitry and records the output into the internal PUF value register(k). Next, when the chip (usually a passive RFID) needs to be authenticated, the external party sends a challenge. The challenge (c) is processed through some encryption mechanism (called f() )using the key (the saved PUF register value) to produce a response(r).(For those keeping track at home, r = f(c,k)). This response is sent back to external party. The external party sends n such requests and compares the received response vector to the expected response vector (r') if r and r' are the same, then the chip is authenticated and work continues.

      Of course, like any normal physical phenomenon, there is some variation between any two power ups. Thus, the key might change. In order to compensate for this, the key is calculated to be the codeword of some code with a long length. Then, for each subsequent power up, the new key(k') is decoded using nearest neighbor decoding as a codeword of the same code. Finally, the distance of the new key(k') and the expected key(k) is stored into a special vector(l), which is reapplied to key produced at next power up.

      So, to clear up a few questions -
      1. Its not like OTP (one time pad) encoding, because a unique challenge should produce a given response for a unique chip every time
      2. It is not meant to be the only encryption being used. There is usually a second code on the set of challenges to ensure that the challenge vector being created is itself part of a code.
      3. Man in the Middle & duplication attacks should be hard as the device manufacturer can release a small subset of real challenges and could always hold back some challenges, which it can use to be completely sure. Additionally, it may release different sets of challenges to different customers.
  • All these claims of "unclonable", "unhackable" etc. are probably untrue. It's sort of like the claims that were made about locks. All that a lock does is to keep the honest man honest. A lock works by delaying the intruder long enough to catch him. If someone wants to overcome your security and has enough time, they will prevail. All that good security does is to buy you some time. If Fort Knox had only the locks and vaults but nobody watching, thieves would eventually get in.

  • by CorporateSuit ( 1319461 ) on Monday September 08, 2008 @03:00PM (#24923393)
    If it reads, we can clone it
  • by Anachragnome ( 1008495 ) on Monday September 08, 2008 @03:02PM (#24923421)


    All one would have to do, provided there is a limited amount of responses (which seems plausible considering it is embedded in the chip), just carpet-bomb the RFID with queries. Burn up all them responses, and "Presto!", useless chip. And THAT could be done while some guy is standing next to you on the subway. Get to work and the fucking thing doesn't function anymore.

    Now, if they used a rotating list of responses, the same carpet-bombing would reveal that, eventually resulting in a list of correct responses to queries.

    Yay for ineffective technology!

    If nothing else, it will inhibit the use of them if people that have them for legitimate uses find them unusable all the time.

  • if we could take a young child, possessor of the greatest marvel known to biological or computational science, namely a brain, and manage to educate that child so he had a statistically reasonable chance of not growing up to think like a moron?

    The specific moronity I have in mind is all or nothing thinking.

    There is not a safe in the world that cannot be opened without its combination or keys. That's why you don't rely on a safe to be perfect. You have burglar alarms, surveillance cameras, and frequent phy

  • by Tweenk ( 1274968 ) on Monday September 08, 2008 @03:26PM (#24923769)

    The chip is not a public key crypto device; it looks like it has an unique hashing function built in. The system is based on a manufacturer-controlled database of message and digest values. Once the RFID reader detects this chip, it gets its ID and sends to the manufacturer database; the database sends back a one-time message for the chip to hash (the one-time thing is crucial - it guarantees that a given challenge will not be sent twice, so no replay attack and no MITM on the network connection from the reader to the manufacturer DB). The digest is sent back and if the stored digest and the one returned by the reader match, the chip's identity is confirmed. It seems that the manufacturer builds a database of message / digest values after getting the chip from the vendor treating it as a black box device, and the hashing algorithm never leaves the RFID vendor.

    The chip might also be a stateful device, but this would introduce many problems (if the manufacturer DB gets out of sync with the chip, it's useless).

    I think that obtaining the original chip (stealing it) would be always easier than duplicating it with this system. To successfully attack it (convince an uncompromised reader that you have the true chip) you would have to:

    a) Record all possible responses to all possible challenges from the original chip. I think this is the way the system is particularly resilient to - if the message and response are at least 64 bits long, or there is any delay, then it is impossible.

    b) Replicate the chip physically, using a microscope. This is theoretically possible but would be extremely costly, and probably unfeasible.

    c) Steal the hashing algorithm from the RFID vendor. This would give you next to nothing if the hashing algorithm used a seed that is never broadcast from the chip (eg. serial # from the picture), so you would have to resort to b) to get it.

    d) Steal the C/R database from the manufacturer. This is probably the easiest way, but the manufacturer can't notice or you have to steal the data for very many chips, making revoking them all a major blow for the company.

    The main idea here is not being able to construct a fake chip based on data the real chip broadcasts.

    Any other ideas?

  • by dontmakemethink ( 1186169 ) on Monday September 08, 2008 @03:51PM (#24924147)

    a new RFID chip from Verayo claims to be unclonable through the use of the new Physical Unclonable Functions (PUF), sort of an electronic DNA for silicon chips.

    DNA is cloneable. In fact, DNA routinely clones itself. Hell, the word "cloning" refers directly to DNA manipulation. Saying uncloneable like DNA is like saying it's unspreadable like peanut butter. The OP should refer to fingerprints, a unique physical assignment that can only be duplicated physically.

    The crucial part is that the PUF must be packaged with reading hardware/firmware, such that you can't access the PUF without physically breaking in, disrupting the PUF rendering it invalid. And even if the key was effectively "sampled", the damage should quickly result in the termination of the key's access permissions, before a substitute could do much damage.

    Also it would be difficult to clone many original keys, since they would have to come into a hacker's physical possession, though it may be easy to make many copies of one key. Kind of moot when it's been cancelled.

    Sounds like a step forward, from magnetic strip cards at least!

  • Only one way (Score:3, Interesting)

    by BlueParrot ( 965239 ) on Monday September 08, 2008 @04:35PM (#24924797)

    There is precisely one way to make a device un-clonable, and that is by quantum mechanically entangling it with a central authority. The no-cloning theorem of quantum mechanics then ensures that there is no way to record the state of the system without disturbing it in the process, thus destroying the entanglement. Obviously this is tricky to implement in practice ( read: impossible with existing technology ), and the device could only be identified once, after which its state would be ruined and the entanglement broken, but at least in theory every classical system ( i.e every system not relying on QM ) can be cloned. It may be exceedingly difficult to achieve in practice ( good luck creating two diamonds with the impurities at the same locations in the crystal lattice as an example ), but it is in at least in principle possible.

The only function of economic forecasting is to make astrology look respectable. -- John Kenneth Galbraith