Implications of Data Remanence on the Use of RAM for True Random Number

Generation on RFID Tags

Nitesh Saxena and Jonathan Vorisnsaxena@poly.edu, jvoris@isis.poly.edu

Polytechnic Institute of New York UniversityDepartment of Computer Science and Engineering

We Can Remember it for You Wholesale

2

The Problem: RFID Random Number Generation

Most security and privacy solutions for RFID tags require true random number generation (RNG) True randomness: Uses physical noise Pseudorandomness: Uses a seeded function

Due to costs, RFID tags are constrained in terms of: Memory Computation Power User interfaces

What is the best way to perform RNG on RFID tags?

3

Potential Solution: RAM Based RNG

Recent proposal: Fingerprint Extraction and Random Numbers in SRAM (FERNS) by Holcomb et. al [RFIDSec ‘07][ToC ‘09]

Derives a fingerprint from uninitialized memory

Fingerprint can be used as: An identifier A source of randomness

Huge advantage: No new hardware required for RNG

4

Potential Limitations of RAM Based RNG

Amount of randomness is restricted by amount of unused memory RFID tags don’t have much to begin with Other functionalities also utilize RAM

After a portion of memory has been used for RNG, must wait for it to become uninitialized before using again How often does this occur with standard RFID

usage? Can RAM based RNG generate sufficient

randomness for RFID security and privacy protocols?

5

RFID Overview

RFID infrastructure consists of: Tags – small transponders Readers – wirelessly query tags

Tags commonly: Are passive – derive power from reader transmissions Have little memory and computational power

For research, utilized Wireless Identification and Sensing Platform (WISP) by Intel Research First programmable passive tag Allowed work with a live RFID device

6

Using Memory for RNG

FERNS approach RAM cells power up into a stable ‘0’ or ‘1’

state Which state depends on physical

properties Large threshold voltage mismatch: reliably

enter one state Small mismatch: take on value randomly

Physical noise of well matched cells supplies entropy

7

Data Remanence

Popular belief: data held in RAM is lost as soon as power is removed Not accurate! Data takes time to decay

Brief interval after power loss where data remains intact Known as data remanence

Decay rate varies: Between particular chips With temperature

What implications does this have on RAM initialization frequency?

Source: Halderman et. al [USENIX ‘08]

8

RFID Authentication (1)

RFID tags designed to respond promiscuously to any query

Tag forging is relatively simple: Query a tag to obtain its data Program a new tag with an identical

value Cryptography is expensive, so

traditional solutions are ill-suited to low cost tags

9

RFID Authentication (2)

New authentication solutions developed to address tag shortcomings HB+ is one of the best known

Requires only bitwise logic gates and high quality random numbers For 80-bit security, either:

80 rounds where tag generates a 224 bit random value

Single round where tag generates a 17,920 bit random value

Can RAM based RNG generate sufficient randomness for protocols like HB+?

10

WISP RNG Implementation

Implemented FERNS on a WISP tag Preliminary test:

Tag generates a single 37 bit hash from 512 bits of uninitialized RAM

Tag transmits hash value to the reader through its EPC ID

Noticed identical values being transmitted Certainly not random! Why?

11

WISP Data Remanence (1)

Broke WISP memory into blocks and sent through EPC ID

Uninitialized memory was not changing! Data was being retained between queries

Tags derive power from reader transmission While continuously polling, tag never loses

power Memory not reinitialized between queries

12

WISP Data Remanence (2)

How long is data retained in WISP memory?

Used data remanence methodology from Halderman et. al [USENIX ‘08]

Attached WISP to debugger Provides power Allows direct reads/writes to tag memory

Fill WISP memory with a pseudorandom pattern

13

WISP Data Remanence (3)

Next, detached WISP from debugger Deprives tag of power

Waited a certain length of time Reattached to debugger and read back

memory contents Decay rate is the Hamming distance

between the original pattern and the value read back Since pattern was pseudorandom, expected to

have equal amount of each bit Thus Hamming distance of 50% pattern length

indicates full decay

14

Remanence Results

15

Remanence Results (3)

Initial 15 second period of little (< 1%) decay

15 seconds of rapid decay Slow decay of whatever remained Depending on particular tag, WISPs

require 25 to 30 seconds without power for complete decay

16

Available Memory on WISPs

How much uninitialized RAM is available on a WISP? At the very least, EPC protocol stack must be in

RAM Loaded tags with default firmware Checked how much space was available

for additional data 512 – 136 = 376 bytes available

This is a best case Entire EPC protocol not implemented 5-10 cent RFID tag projected to have 128 bits

max – Juels and Weis [CRYPTO ‘05]

17

Practicality of RAM Based RNG (1)

How feasible is it to use RAM Based RNG for RFID authentication protocols? Taking HB+ and HB# as examples

For 80 bit security, Parallel HB+ requires 17,920 random bits HB# requires 512 random bits (but requires

more memory itself) Estimated 0.103 bits of entropy per byte

of RAM - Holcomb et. al [RFIDSec ‘07] Based on remanence results, a 30 second

wait time is required between reads

18

Practicality of RAM Based RNG (2)

For WISP 4.1: 309 random bits available For HB+:

58 memory hashes required 28.5 minutes of wait time

For HB#: 2 memory hashes required 30 seconds of wait time

19

Effect on RFID Usage Model

Consider contactless RFID access card usage model Reader continuously polling User swipes card in front of reader

Access card would have to be taken out of range of reader to let memory “cool down”

Users would have to repeatedly bring card in and out of reader range How to tell when you are out of range and for how long?

Potential for new attacks If an adversary could continuously supply power, could force tag to reuse RAM values

20

Conclusion

Have shown practical shortcomings of RAM based RNG for RFID tags Memory is in short supply Data remanence leads to longer than expected

wait times between RAM uses RAM Based randomness is still attractive

due to hardware reuse But seems insufficient on its own

Future work - investigate: Use of sensors as an entropy source Efficiency of alternative extractors

21

Thank you!