Research project targets radio tag security, privacy

  • John Cox (Network World)
  • 28 September, 2006 08:54

A group of university computer scientists are launching a research project to better protect data stored in radio-based smart tags.

The project's goal is to prevent cyber thieves from cracking the tags and stealing personal data. Such tags, which include but are not limited to passive RFID systems, are used in a growing number of applications, from automatic vehicle toll collection to accessing medical records.

The four-year project is funded by the National Science Foundation, which awarded US$1.1 million to a team of researchers from the University of Massachusetts at Amherst; Johns Hopkins University and RSA Laboratories.

The research will focus on the way radio tags and readers talk to each other, and the steps involved in a specific transaction. They plan to create an open, public software platform for experimenting with radio tag security. The idea, according to a Johns Hopkins statement, is to preserve users' privacy by making it much harder for unauthorized readers to find and talk to radio tags.

RFID technology is generating widespread fears over privacy violations and other security risks. RFID tags contain a memory chip and antenna, but no power source. The coded data on the chip is transmitted when the tag passes through the radio field created by a tag reader, creating a "contactless" exchange. One fear is that a thief could use a radio device of some kind to read a tag in a wallet or purse, with the tag owner being unaware of anything amiss.