Power games in RFID security

Power consumption is a key element in the design of secure RFID systems. It is a major resource constraint for cryptographic primitives, a sidechannel that can expose sensitive data, and a determinant of read ranges for tags. While protocol design for high-powered, networked computing devices can conveniently disregard power considerations, energy consumption is an unavoidable dimension of RFID-tag security. In constrained, battery-powered devices such as sensors, communication is a power-intensive operation; local computation less so. I\´ll explain how passive RFID tags turn this longstanding wisdom on its head. For "computational" RFID tags, transmitting data consumes less energy than storing it locally. This observation motivates a new approach to protocol design in which tags "outsource" storage to readers. The challenge then is to enforce data integrity and confidentiality without negating energy savings [1]. While the energy limitations of RFID tags can be a liability, surprisingly they can also be exploited in useful ways. I\´ll describe how EPC Gen-2 tags, the most prevalent form of barcode-type RFID, have a low-power regime that permits a conversion of the "kill" operation (a privacy feature) into a crude challenge-response protocol (an authentication feature). I\´ll explain why such unorthodox techniques are valuable, particularly for a new generation of EPC-based identity documents in the United States [2]. I\´ll conclude by arguing that a holistic view of power consumption issues in RFID calls for a reshaping of the academic research agenda around RFID security and privacy. I\´ll posit, for instance, that protocols for identifier privacy in RFID, i.e., for anti-tracking, could well be a vain pursuit, and should give way to more valuable research on techniques for RFID data privacy.