Security and Privacy Issues in RFID technologies
Avi Rubin
Johns Hopkins

Abstract:

Radio-Frequency Identification (RFID) has arrived. Small wireless tags
are used for identifying merchandise, controlling inventory, enabling
online purchases, reducing car theft, and a myriad of other
applications. The potential seems limitless. The United States
government is considering putting RFID tags in passports, and several
states are examining RFIDs for drivers licenses. But, as with any
technology, the windfall in functionality comes at a price. Items that
announce their identity to any wireless query do not necessarily limit
their communications to well meaning readers. Furthermore, technology
designed for identification may not be appropriate for authentication
and electronic payment, as exemplified by the Texas Instruments DST
technology used in ExonMobil Speedpass and vehicle immobilizers. This
talk will describe the two types of RFID systems in use today and the
security and privacy concerns introduced by these and future
applications.