An open-ended technology with a variety of applications, the RFID chip has become common in use for tracking items and communicating with secure systems. This is a potential boon to hackers who can exploit their minimal processing power for their own ends, and the chips themselves are often none the wiser.
A crucial shortcoming of RFID technology is the chip’s inability to determine the distance to a device attempting to gain access. By manipulating this weakness, hackers can easily intercept communications between chips and readers, giving themselves an “in” for future attacks on whatever systems they control. In order to enable an RFID to determine the location of an access point, a power source would be necessary, which is counterintuitive to their passive design concept.
Eslam Gamal Ahmed, a researcher at Cairo’s Ain Shams University, and his colleagues have devised a new security protocol for implementation between the tags and their readers. Whereas other approaches required an exchange of random numbers between a powered RFID and its reader, Eslam’s new protocol generates strings at the source and stores them on the passive chip, minimizing the potential for unauthorized access. While this breakthrough technique has yet to prove itself in real-world application, it could be the key to securing the increasingly valuable assets protected by RFID technology.
