These ‘Hack-Proof’ RFID Chips Could Stop Your Cash Being Stolen

Researchers at MIT and Texas Instruments have developed a new type of radio frequency identification (RFID) chip, which they claim is almost impossible to hack.

If the new technology becomes widely adopted, it could spell the end for credit card identity theft. The RFID chips could prevent a criminal from stealing your credit card number or key card information by sitting next to you at a café, and they would be unable to steal expensive goods from a warehouse and replace them with fake tags.

Side-channel attacks

MIT graduate student in electrical engineering, Chiraag Juvekar, said the chip is designed to prevent side-channel attacks. Such attacks analyse patterns of memory access or fluctuations in power usage when a device is performing a cryptographic operation, in order to extract its cryptographic key.

A standard RFID chip. Credit: MIT

He explained: “The idea in a side-channel attack is that a given execution of the cryptographic algorithm only leaks a slight amount of information.

“So you need to execute the cryptographic algorithm with the same secret many, many times to get enough leakage to extract a complete secret.”

One way to stop side-channel attacks is to regularly change secret keys. In that case, the RFID chip would run a random-number generator that would generate a new secret key after each transaction. A central server would then run the same generator, and each time an RFID scanner queried the tag, it would relay the results to the server, to check if the current key was valid.

However, this kind of system would still be vulnerable to a ‘power glitch’ attack, in which the RFID chip’s power would be repeatedly cut right before it changed its secret key. A criminal could then run the same side-channel attack thousands of times, with the same key.

Power-glitch attacks have been used to circumvent limits on the number of incorrect password entries in password-protected devices, but RFID tags are particularly susceptible to them. This is because they are charged by tag readers and have no onboard power supplies.

Two design innovations allow the MIT researchers’ chip to thwart power-glitch attacks. The first is an on-chip power supply, the connection of which to the chip circuitry would be virtually impossible to cut. The second innovation is a set of ‘nonvolatile’ memory cells that can store whatever data the chip is working on when it begins to lose power.

Texas Instruments has built numerous prototypes of the chip, to the MIT researchers’ specifications, and in experiments the chips have behaved as expected.

Ahmad Bahai, chief technology officer at Texas Instruments, said: “In the age of ubiquitous connectivity, security is one of the paramount challenges we face.

“Because of this, Texas Instruments sponsored the authentication tag research at MIT that is being presented at ISSCC. We believe this research is an important step toward the goal of a robust, low-cost, low-power authentication protocol for the industrial Internet.”

How much do you know about the world’s most notorious hackers? Try our quiz!

Duncan Macrae

Duncan MacRae is former editor and now a contributor to TechWeekEurope. He previously edited Computer Business Review's print/digital magazines and CBR Online, as well as Arabian Computer News in the UAE.

Recent Posts

Baltic Sea Power Cable Severed In Latest Incident

Undersea internet and power cable in Baltic sea between Finland and Estonia suffers outage. Finland…

1 day ago

US Begins Investigation Into Legacy Chinese Chips

The Biden Administration has launched a last-minute investigation into older Chinese-made legacy semiconductors - weeks…

1 day ago

Iran Lifts Ban On WhatsApp, Google Play

State media reports the Iranian regime has lifted the ban on WhatsApp and Google Play,…

1 day ago

Spyware Maker NSO Group Found Liable In US Court

Landmark ruling finds NSO Group liable on hacking charges in US federal court, after Pegasus…

4 days ago

Microsoft Diversifying 365 Copilot Away From OpenAI

Microsoft reportedly adding internal and third-party AI models to enterprise 365 Copilot offering as it…

4 days ago

Albania Bans TikTok For One Year After Stabbing

Albania to ban access to TikTok for one year after schoolboy stabbed to death, as…

4 days ago