A technology that's been around for decades is in the spotlight again after researchers at MIT and Texas Instruments said they've developed a new type of radio frequency identification (RFID) chip that is virtually impossible to hack.
A standard RFID chip.
According to MIT, if the new chips were widely adopted, an identity thief couldn't steal credit card numbers or key card information by sitting next to a person at a café, and high-tech burglars couldn't swipe expensive goods from a warehouse and replace them with dummy tags.
Traditional RFID chips, used for tracking everything from goods in warehouses to performing contactless payments, offer an advantage over traditional barcode systems in that they do not need to be positioned precisely with a scanner for information to be read. However, growing use of RFID chips in the financial information and credit card industries has led to increased privacy concerns, The Stack notes.
MIT's new chip is designed to prevent so-called side-channel attacks, which analyze patterns of memory access or fluctuations in power usage when a device is performing a cryptographic operation in order to extract its cryptographic key, according to MIT News. Texas Instruments has built several prototypes of the new chip, to the researchers' specifications, and in experiments the chips have behaved as expected. The researchers presented their research at the International Solid-State Circuits Conference in San Francisco last week.
But while it's possible to prevent side-channel attacks, there's still vulnerability in a "power glitch" attack, in which the RFID chip's power is repeatedly cut right before it changes its secret key. Attackers can then run the same side-channel attack thousands of times, with the same key. Power-glitch attacks have been used to circumvent limits on the number of incorrect password entries in password-protected devices, but RFID tags are particularly vulnerable to them because they're charged by tag readers and have no onboard power supplies.
MIT cites two design innovations that allow the researchers' chip to thwart power-glitch attacks: One is an on-chip power supply whose connection to the chip circuitry "would be virtually impossible to cut," and the other is a set of "nonvolatile" memory cells that can store whatever data the chip is working on when it begins to lose power. By using a type of material known as ferroelectric crystals, Texas Instruments and other chip manufacturers can produce nonvolatile memory, or computer memory that retains data when it's powered off.
Texas Instruments CTO Ahmad Bahai stated: "We believe this research is an important step toward the goal of a robust, lo-cost, low-power authentication protocol for the industrial internet." Texas Instruments, along with Japanese automotive company Denso, funded the MIT research project that led to development of the new RFID chip.
MIT shows off wireless signal tracking technology
MIT researchers use Wi-Fi to track silhouettes through walls
Sigfox, Texas Instruments collaborate to deliver Internet of Things solutions