Hardware RFID Security for Preventing Far-Field Attacks

Abstract

Radio frequency identification (RFID) is a widely used approach for a short-range contactless data exchange, i.e., employed in billing systems. During the last years, unauthorized access has become an issue, as it has been proven on numerous unpleasant occasions. A typical theft scheme is based on approaching a victim with a card reader. However, a straightforward adaptation of the reader’s antenna elements allows performing the attack from a distance, opening a severe security loophole. Here, we propose and demonstrate hardware-based protection capable of preventing a far-field attack of this kind. Our solution is based on an RFID chip shielding with an opaque metal. The Faraday type of the enclosure has a small aperture, which suppresses electromagnetic field leakage from the device. This property affects both up and down interrogation links, virtually making the far-field attack impossible. Activation of the card is done by holding it in hand–this way, it is made accessible to an authorized readout, which still remains wireless. The physical principle of the operation is placing a high-index dielectric structure next to a subwavelength aperture, making it electromagnetically larger and, as a result, supporting the field leakage. Our experimental prototype, validated by several different users, shows the capability to diminish far-field attacks on ultrahigh frequency (UHF) RFID tags. This hardware security solution can find usage in numerous applications, such as biometric passports, credit cards, and many others, where unauthorized access to sensitive data is highly undesirable.