
An introduction to RFID

August 27, 2018 by Youness Zougar

What's RFID?

RFID stands for Radio Frequency Identification. It is a technology allowing devices to automatically identify information stored in a tag through radio waves. An RFID tag consists of an antenna and a microchip in order to transmit and receive.


This technology is generally characterized by the use of three important and essential components: the chip, the antenna and the reader.

The evolution of RFID

The use of RFID goes back to World War II, when it was used together with radar to identify Allied planes. Below is a quick history of the evolution of this technology.

Date            Historical fact
1940            The concept of RFID is used for the first time to identify and authenticate aircraft in flight (IFF: Identification Friend or Foe), allowing allied planes to be recognized.
1970            From 1960 to 1970, RFID systems are kept as a confidential technology for military use, controlling access to sensitive sites, especially nuclear ones. Some companies appear to have used it as well.
1980            Technological advances allow the appearance of the passive tag. Instead of transmitting on its own, the passive tag modulates the wave radiated by the interrogator to send back its information. This eliminates the energy source embedded in the tag, reducing its cost and maintenance.
1990            RFID technology begins to be standardized, allowing it to work with other systems.
1999            The Massachusetts Institute of Technology (MIT) founds the Auto-ID Center, a research center specialized in automatic identification.
2003            The MIT center becomes EPCglobal, an organization that promotes the Electronic Product Code (EPC), extending the barcode to RFID.
Starting 2005   RFID technologies are now widely used in almost all industrial sectors (aeronautics, automotive, logistics, transportation, health, daily life). The ISO (International Organization for Standardization) has largely contributed to the implementation of several standards (both technical and applied) to achieve a degree of interoperability.
2009            Creation of the National RFID Reference Center.

How does it work?

The operating principle of RFID systems is based on the remote exchange of electromagnetic waves. Specifically, the reader transmits a signal at a given frequency to one or more radio tags located in its reading field, and the tags transmit a signal back. The electromagnetic field powers the tag and activates its chip.

To transmit the information recorded in the chip, the chip applies an amplitude or phase modulation to the carrier frequency. Once the reader receives this signal, it decodes it into binary data. The operation is symmetrical in the opposite direction (reader to tag).

The scenario of a radio frequency identification is therefore as follows:

  1. The reader transmits energy by radio to activate the tag.
  2. It queries the tags nearby.
  3. It listens to the answers and eliminates duplicates or collisions between answers.
  4. Finally, it transmits the results obtained to the concerned applications.
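Step 3 above (the reader sorting out collisions and duplicate answers) is the part that is easiest to misunderstand, so here is a small simulation of a slotted anti-collision inventory round. It is an added example, not code from the original article: the tag identifiers are constructed, and the slot-picking scheme is a simplified model of what real readers do, not any specific standard's algorithm.

```python
import random

# Constructed sample tag identifiers (hypothetical 96-bit EPC-style hex strings).
TAG_IDS = ["3000A1B2C3D4E5F60000000%d" % i for i in range(6)]


def inventory_round(unread_tags, slots, rng):
    """One reader query: every unread tag in the field picks a random slot.

    A slot with exactly one responder is read cleanly; a slot with two or
    more responders is a collision, and those tags must answer again later.
    """
    slot_map = {}
    for tag in unread_tags:
        slot_map.setdefault(rng.randrange(slots), []).append(tag)
    read, collided = [], []
    for responders in slot_map.values():
        if len(responders) == 1:
            read.append(responders[0])
        else:
            collided.extend(responders)
    return read, collided


def inventory(tags, slots=8, seed=1, max_rounds=50):
    """Run query rounds until every tag in the field has been identified once.

    Tags that have already been acknowledged are not queried again, which is
    how duplicate answers are eliminated; collided tags are re-queried.
    Returns (identified tag list, number of rounds used).
    """
    rng = random.Random(seed)
    pending = list(tags)          # tags still in the field and not yet read
    identified = []
    rounds = 0
    while pending and rounds < max_rounds:
        rounds += 1
        read, collided = inventory_round(pending, slots, rng)
        for tag in read:
            if tag not in identified:  # defensive: never report a tag twice
                identified.append(tag)
        pending = collided
    return identified, rounds


if __name__ == "__main__":
    found, used = inventory(TAG_IDS)
    print("identified %d tags in %d round(s)" % (len(found), used))
    for tag in found:
        print("  ", tag)
```

The reader only hands the final, deduplicated list to the application (step 4); everything before that stays on the air interface.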

RFID labels/tags

These little devices are commonly called labels, but they are found under other names (smart labels, smart tags, tags, transponders). They are equipment intended to receive a radio signal and to immediately return a different radio signal containing relevant information. Each tag consists of a microcircuit and an antenna.

Just like the barcode that's read with an optical laser, the RFID tag is also scanned with a reader that retrieves radio frequency signals emitted by this tag.

There are three types of tags:

  • Passive tags: Devices that do not require any source of power, except that provided by readers at the time of the scan.
  • Active tags: Devices equipped with a battery, allowing them to communicate with the readers. Unlike passive tags, active tags can be read from long distances.
  • Semi-active tags: They act as a passive tag for communication and use their battery only to record the data.

The principal characteristics of a tag are:

  • Large storage capacity (one or more kilobytes)
  • Can be read by a scanner at a distance that can range from a few centimeters to about 200 meters
  • Can always be read, but not necessarily written. Rewritable tags, however, can be reprogrammed and thus recycled
  • Ease of use

Standards

An RFID system is organized around frequency bands, and several tag families exist, each adapted to the frequencies that suit it. The protocols below define the functionality provided by the different types of tags.

Protocol                      What it defines
EPC Generation 1 Class 0      Read-only, preprogrammed
EPC Generation 1 Class 1      Single-write and multiple-read of data
EPC Generation 2.0 Class 1    Improved version of EPC Generation 1 Class 1: single-write and multiple-read of data
ISO 18000 Standard            Read-only identification tag. This tag may, however, also contain rewritable bits for user data. Several adaptations of the ISO standard are also available
ISO 15963                     Unique ID tag
ISO 15961                     Concerns the protocol data: defines the encoding standards and logic of this data with regard to memory functions
ISO 15962                     Applies to protocol data: defines the implementation of the interface
ISO 14443 Standard            Applies to data encryption: Triple DES and SHA-1 methods (13.56 MHz)

The use of these standards allows RFID solution integrators to select systems suited to their customers' needs based on verified performance, which serves as a reference even when tests are not performed on site. It also allows users to choose from several solutions.

RFID frequency bands

A radio signal has a range of up to a few hundred meters, depending on the power of the installation and the frequency used. A radio wave is classified according to its frequency, expressed in Hertz (Hz) or cycles per second.

The set of frequencies used for RFID technology is described below.

Low frequency

These are the frequencies ranging from 30 to 300 kHz, with a wavelength of 1 to 10 km and a reading distance of up to 10 cm.

In RFID, a tag using low frequency is represented by the acronym LF (Low Frequency). Following national or international regulations, LF uses the frequencies 125 kHz to 134.2 kHz.

High frequency

All frequencies from 3 to 30 MHz, with a wavelength of 10 to 100 m and a reading distance of 10 cm to 1 m.

In RFID, the tag that uses high frequency is represented by the acronym HF (High Frequency) and uses the frequency 13.56 MHz to exchange data.

Ultra-high frequency

These are all frequencies from 300 MHz to 3 GHz, with a wavelength of 10 cm to 1 m and a reading distance of up to 200 m.

In RFID, the tag using ultra-high frequency is represented by the acronym UHF (Ultra High Frequency) and is based on the frequency band 860 MHz to 960 MHz.

Conclusion

In this article, we saw a bit of history about RFID and how RFID works theoretically. In the next articles, we will dig deeper into its functioning with concrete examples and the necessary tools to use it.

Youness Zougar

Youness Zougar is an IT Security Expert, especially in Reverse Engineering and Malware Analysis. He is also a Windows Kernel Drivers developer and co-founder at SAFE-Cyberdefense. In order to offer companies the best level of security, he developed with his teammates an Endpoint solution called SAFE Endpoint Security based on a defense in depth technology applied to workstations.