Thanks to Ross Stapleton-Gray's SurPriv blog for the news that EPCglobal has ratified its UHF Generation 2 standard, but without any encryption.
This is the new standard, favoured by both the US Department of Defense and the supermarket giant Wal-Mart, for passive RFID tags working at Ultra High Frequencies of between 860 MHz and 960 MHz. It promises faster reading of tags at greater ranges than the current generation of RFID tags, which have been tested in various warehouse and, more controversially, supermarket shelf trials.
We have already speculated:
"Compared to the existing weak 24 bit Class 0 and the trivially weak 8 bit Class 1 "Kill Codes" the proposal to have a 32 bit one must be an improvement, but whether this actually offers any real improvement in security from Denial of Service attacks or actually helps with Privacy is still open to question until the full specification and the alleged "secure communications between reader and tag" are explained."
So does the new Generation 2 protocol solve these problems? We have not yet seen a detailed copy of this agreed protocol, but according to this internetnews.com article (again, thanks to Ross Stapleton-Gray), it looks as if the security and privacy issues have not yet been properly sorted out:
"The RFID industry suffered from a proliferation of standards, according to Sue Hutchinson, director of product management for EPCglobal. EPCglobal had two GEN-1 standards, while ISO had two UHF air interface standards.
"Whether you were a customer or a vendor trying to build, it was a little confusing," she said. "This gives us a harmonized standard for UHF RFID that the industry around the globe can build to," she said. "Anytime we can come up with a harmonized standard that lets us concentrate the market, it helps drive the economy for the industry."
To develop the UHF Generation 2 (Gen 2) standard, EPCglobal developed a strong set of end-user requirements, then melded the best features of four competing proposals.
Gen 2 made several improvements over the various standards in use before. Most important, Hutchinson said, is that it's a global standard that uses frequency and power in a way that complies with the major regional regulatory environments.
In addition to improvements in security of the data on the tag, the standard includes the ability to lock the identification fields in the tag, so that they can't be spoofed or changed without a password. It also includes a strong kill mechanism, so retailers and others have the option of automatically erasing all data from the tag as it passes through a reader."
The incorporation of a kill mechanism is welcome.
"Hutchinson said that the standard does not allow for encryption, because one of the user requirements for the standard was that the tags be inexpensive."
This is astonishing and completely the wrong approach.
The UHF 860 MHz - 960 MHz range overlaps with the frequencies used by GSM mobile phones in various parts of the world, and the permitted power levels for readers are much higher in the USA than in, say, Europe or Japan.
Therefore implementers in, say, Europe will assume that their supermarket or warehouse is safe from jamming, rogue readers or rogue tags, but attackers will simply be able to use higher power UHF Generation 2 equipment, designed for the USA market and bought off the shelf, in order to attack them, with or without more sensitive/efficient home made antennas.
The only way to prevent commercial, criminal, terrorist or military espionage or sabotage of the RFID tagged logistics chain would be to insist on strong encryption.
Is embedding a UHF Generation 2 RFID tag in, say, military or civilian footwear really such a bright idea? Perhaps such RFID tags will simply be used to activate "smart sensor" military landmines or terrorist bombs, which selectively pick out just US or European nationals?