RFID: Applications, Security, And Privacy - Hardcover

Simson Garfinkel is a computer security researcher and an award-winning commentator on information technology. Among his twelve books are Database Nation: The Death of Privacy in the 21st Century (O’Reilly, 2001) and Practical UNIX and Internet Security, Third Edition (O’Reilly, 2003). A columnist for CSO magazine, Garfinkel’s columns earned the 2004 and 2005 Jesse H. Neal National Business Journalism Award. He recently received his Ph.D. in computer science from MIT.

Beth Rosenberg is a writer, editor, and journalist with fifteen years of experience in emerging technologies. She has written for the Boston Globe, Boston magazine, and the Christian Science Monitor, and edited a book for Harvard’s Kennedy School of Government.

There’s a school bus stopped outside a middle school Spring, Texas, a wealthy suburb on the northern edge of Houston’s metropolitan sprawl. Inside the bus several well-dressed and obviously well-off children stand in the aisle waiting to get off. Sandra Martinez, a 10-year-old with a thick brown braid and a charcoal grey blazer, pauses while she takes her ID card, hanging from a lanyard around her neck, and presses it against the large grey panel that’s mounted on the big padded barrier that divides the stairwell from the passenger compartment.

The panel beeps.

Sandra descends the school-bus steps and the next student fumbles for her ID card. Meanwhile, a computer onboard the bus is hard at work. First the computer takes a geospatial reading from the Global Positioning System receiver that’s mounted inside the bus. Next, the computer, using an onboard digital cell phone, sends to Spring Independent School District the precise time and location that Martinez left the bus using an onboard digital cell phone. This information is made instantly available on a Web site where it can be accessed by Martinez’s parents, the school administration, or anyone else with the appropriate access codes. The purpose of the system, which was installed at a cost of $180,000, is to let parents know precisely when and where their children get on or off the school bus. “If it works one time, finding a student who has been kidnapped, then the system has paid for itself,” Brian Weisinger, the head of transportation for the Spring district, told the New York Times.1

No student has ever been kidnapped in Spring, Texas.

A slightly different student tracking is in use at the Enterprise Charter School in Buffalo, New York. There, a pair of kiosks that were purchased at a cost of $40,000 read ID tags as students enter and exit the building. Mark Walter, head of technology for the Buffalo school, told the New York Times that initially, the system failed to register some students, but now it works pretty well. Advocates of the technology say that it just might even be expanded—for example, with readers placed on individual classroom doors to see if students are attending their classes.

Some students, of course, invariably forget their tags at home or lose them. Some might even purposely throw them away. Even for these students, technology has an answer: In late 2004, the U.S. Food and Drug Administration approved for general use a tiny radio tag that can be implanted under the skin. Similar technology has been used to track household pets since the 1990s.

Meanwhile, by the time this book is in print, the U.S. State Department will probably have started issuing passports that carry a tiny RFID chip that includes 64 kilobytes of memory and, alas, can be covertly read at a distance of 30 feet by anyone with a suitable reader and a good antenna.2 The State Department says that there’s no need to worry: The data on the chip will reportedly be encrypted, so anybody who reads it will only read gibberish.

The RFID Controversy and the Technology That Fuels It

Radio Frequency Identification—better known as RFID—is fast becoming one of the most controversial technologies of our era.

Proponents of RFID say that the tiny tags, made out of silicon chips and radio antennas, can stamp out counterfeit drugs, fight terrorism, and at the same time help Wal-Mart keep its shelves stocked. They say that widespread adoption of RFID will allow companies to improve efficiency, cut costs, and offer dramatic new products and services to their customers. Most proponents scoff that the technology has a downside at all—other than perhaps the cost of the tags, and the cost of tags is dropping fast.

But RFID has many critics. The most vocal are privacy activists who argue that the technology’s unprecedented ability to track the movement of individually serialized objects could be turned around and used to track the people carrying those objects. They worry that the RFID readers across the nation could report back to a single global network that could be used by the government as a kind of roving geographical wiretap.

Many critics argue that RFID is a threat not just to individuals, but to corporations and governments as well. In a few years, RFID readers at warehouse doors will allow companies to inventory the contents of cartons without opening them. But without the proper controls, the technology could also facilitate industrial espionage by giving competitors unprecedented access to a company’s inventory. And once you begin thinking about RFID as an offensive technology, a lot of possibilities start emerging. Just as toll roads can use RFID to read E-ZPass tags and automatically debit drivers’ accounts, an RFID-equipped bomb could wait patiently until it senses the tag of a particular individual driving above, and then detonate. Want to falsely implicate someone in a crime? Just clone one of their RFID tags and then arrange for it to pass by a particular reader just minutes before a murder.

This book is the first of its kind to explore the wide range of security and privacy issues that are being raised by RFID technology. It is the first book to bring together advocates and opponents from across the RFID spectrum. In its pages you will find chapters from companies that are producing RFID readers; from companies that are busy putting products with embedded RFID-tags on their shelves; and from the very privacy activists who are trying to stop them. Bringing together this diverse group of individuals and organizations has taken a lot of time and work. The result is the most balanced and accurate discussion you will find of RFID technology and its attendant controversy anywhere on the planet.

RFID: What Is It?

As its name implies, the term RFID is generally used to describe any technology that uses radio signals to identify specific objects. In practice, this means any technology that transmits specific identifying numbers using radio. Electronic Article Surveillance (EAS) systems, used by many clothing and music stores to set off an alarm when a shoplifter steals an item, are not RFID because the EAS tags do not have individual codes or serial numbers that can be read remotely. The Mobil Speedpass system used to pay for gas is an RFID system: Each Speedpass tag contains a unique serial number that is used to identify the tag’s owner.

Each RFID tag consists of a silicon chip, an antenna, and some kind of housing. The tags come in sizes as large as a paperback book and smaller than a grain of rice. So-called active tags contain batteries, while passive tags are powered directly by the radio frequencies used to read them. The reading range of a tag depends on many factors, including the tag’s electronics, its antenna, the reader, the radio frequencies used, and decisions made at the time the system is deployed. It is therefore inaccurate to state a “typical tag’s” read range without first specifying what kind of tag you are using. (I explain these technical issues and others in Chapter 2, Understanding RFID Technology.)

Already, RFID technology is broadly deployed within the United States. Between the “proximity cards” used to unlock many office doors, and the automobile “immobilizer chips” built into many modern car keys, it’s estimated that roughly 40 million Americans carry some form of RFID device in their pocket every day. I have two: Last year MIT started putting RFID chips into the school’s identity cards, and there is a Philips immobilizer chip inside the black case of my Honda Pilot car keys.

Many of today’s media accounts of RFID aren’t about these proprietary devices or RFID in general, but the standardized Electronic Product Code (EPC) chips that were developed by the Auto-ID Center and are now being overseen by EPCglobal, a trade organization. RFID systems have been around for more than thirty years, opening office doors and tagging laboratory animals, but when the EPC was introduced, these systems were too expensive for mass deployment. By standardizing on a simple chip design and over-the-air protocol, EPC is able to take advantage of mass production’s efficiencies.

EPC tags are designed to replace today’s ubiquitous Universal Product Code (UPC) bar codes, except instead of identifying the maker and kind of product, the 96-bit EPC code will give every package of razors, box of pancake mix, and pair of sneakers its own unique serial number. The tags, which operate in the unlicensed radio spectrum between 868 MHz and 965 MHz, can be read at a distance of many feet and through paper, fabric, and some plastics. And although the tags can cost as much as a 40 cents today, when purchased by the millions, the cost rapidly decreases to 10 cents per tag or less. (Sanjay Sarma, one of the founders of the Auto-ID center, explains the birth of the Auto-ID center and the EPC in Chapter 3, A History of the EPC.)

RFID Comes of Age

I had my first experience with RFID technology in January 1984. I was a freshman at the Massachusetts Institute of Technology and had just taken a job at one of MIT’s new biology labs. For added security, the lab had installed a keyless entry system. The lab gave me thick blue card to put in my wallet. To get into the secure area, all I had to do was wave my wallet in front of a special reader. Within a few days I learned that I could just bump against the reader, leaving my wallet in my pocket. It was very cool and high-tech and allegedly very secure.

After a few weeks in my wallet, the top layer of the card’s plastic was starting to peel away. And a few days after I quit that job, I ripped open the card to see how it worked. Underneath the laminate I found a printed circuit board, a chip that was the size of a postage stamp, and a dozen or so metal pads, some of them shorted together with a dab of solder.