Scientists, including those of Indian-origin, have developed a new radio frequency identification (RFID) chip that is virtually impossible to hack and can prevent your credit card number or key card information from being stolen.
The chip prevents so-called side-channel attacks, which analyses patterns of memory access or fluctuations in power usage when a device is performing a cryptographic operation, in order to extract its cryptographic key.
“The idea in a side-channel attack is that a given execution of the cryptographic algorithm only leaks a slight amount of information,” said Chiraag Juvekar from Massachusetts Institute of Technology (MIT). “So you need to execute the cryptographic algorithm with the same secret many, many times to get enough leakage to extract a complete secret,” he added.
One way to thwart side-channel attacks is to regularly change secret keys. In that case, the RFID chip would run a random-number generator that would spit out a new secret key after each transaction. A central server would run the same generator, and every time an RFID scanner queried the tag, it would relay the results to the server, to see if the current key was valid.
Such a system would still, however, be vulnerable to a power glitch attack, in which the RFID chips power would be repeatedly cut right before it changed its secret key. An attacker could then run the same side-channel attack thousands of times, with the same key.
Power-glitch attacks have been used to circumvent limits on the number of incorrect password entries in password-protected devices, but RFID tags are particularly vulnerable to them, since they are charged by tag readers and have no onboard power supplies.
Researchers including Anantha Chandrakasan from MIT and scientists from Texas Instruments designed two innovations that allow the chip to thwart power-glitch attacks – one is an on-chip power supply whose connection to the chip circuitry would be virtually impossible to cut, and the other is a set of nonvolatile memory cells that can store whatever data the chip is working on when it begins to lose power.
For both of these features, researchers used a special type of material known as a ferroelectric crystals. As a crystal, a ferroelectric material consists of molecules arranged into a regular three-dimensional lattice. In every cell of the lattice, positive and negative charges naturally separate, producing electrical polarisation. The application of an electric field, however, can align the cells polarisation in either of two directions, which can represent the two possible values of a bit of information. When the electric field is removed, the cells maintain their polarisation.
For both of these features, researchers used a special type of material known as a ferroelectric crystals. As a crystal, a ferroelectric material consists of molecules arranged into a regular three-dimensional lattice. In every cell of the lattice, positive and negative charges naturally separate, producing electrical polarisation. The application of an electric field, however, can align the cells polarisation in either of two directions, which can represent the two possible values of a bit of information. When the electric field is removed, the cells maintain their polarisation.
If such chips were widely adopted, it could mean that an identity thief could not steal credit card numbers or key card information, and high-tech burglars could not swipe expensive goods from a warehouse and replace them with dummy tags.
0 comments:
Post a Comment