Classification of RFID Attacks Aikaterini Mitrokotsa, Melanie R. Rieback and Andrew S. Tanenbaum Department of Computer Science, Vrije Universiteit De Boelelaan 1081A, 1081 HV Amsterdam, The Netherlands {katerina, melanie}@few.vu.nl, ast@cs.vu.nl Abstract. RFID (Radio Frequency Identification) systems are emerging as one of the most pervasive computing technologies in history due to their low cost and their broad applicability. Although RFID networks have many advantages, they also present a number of inherent vulnerabilities with serious potential security implications. This paper develops a structural methodology for risks that RFID networks face by developing a classification of RFID attacks, presenting their im- portant features, and discussing possible countermeasures. The goal of the paper is to categorize the existing weaknesses of RFID systems so that a better under- standing of RFID attacks can be achieved and subsequently more efficient and effective algorithms, techniques and procedures to combat these attacks may be developed. 1 Introduction RFID networks exist in a broad range of environments and their rapid proliferation has been underway for quite some time. RFID systems consist of tiny integrated cir- cuits equipped with antennas (RFID tags), that communicate with their reading devices (RFID readers) using electromagnetic fields at one of several standard radio frequen- cies. Additionally, there is usually a back-end database that collects information related to the physically tagged objects. RFID systems are vulnerable to a broad range of malicious attacks ranging from passive eavesdropping to active interference. Unlike in wired networks, where com- puting systems typically have both centralized and host-based defenses (e.g. firewalls), attacks against RFID networks can target decentralized parts of the system infrastruc- ture, since RFID readers and RFID tags operate in an inherently unstable and poten- tially noisy environment. Additionally, RFID technology is evolving quickly – the tags are multiplying and shrinking - and so the threats they are susceptible to, are similarly evolving. Thus, it becomes increasingly difficult to have a global view of the problem. Threat models are necessary for managing risks efficiently. In this paper, we will structure the most common RFID attacks into layers (related, but not identical to, ISO layering), both enumerating the threats as well as offering potential defenses for each layer. The rest of this paper is structured as follows: Section 2 gives an overview of our layering and classification criteria. Section 3 discusses the physical layer, while Section 4 covers the network and transport layers. Section 5 concerns the application layer, and