RFID: Cloning vs. Copying
Thursday, August 10, 2006 - AIM Global

http://www.aimglobal.org/members/news/thumbnails/730.gif
 

Bert Moore

Editor

 

There have been a few  recent reports stating that RFID tags have been "cloned" in various demonstrations.  The term "cloning" is so widely used that one might be led to believe that that's what has actually been done.

 

The truth is, none of these demonstrations has demonstrated "cloning" of RFID tags.  Data has been read and written to another tag.  And that's "copying" not "cloning."

 

It's tempting to use the term "clone" to describe the results of these various demonstrations because it strikes a very high-tech and even somewhat ominous chord in the public's perception. But a "clone," in the purest sense of the term, is a duplicate of the original that is indistinguishable from the original.  Even a loose definition suggests that a clone should function indistinguishably from the original (such as a "PC clone").

 

The term "clone" is being used to describe the results of these demonstrations  not because it's the correct term but because it makes for more sensational headlines.  To be charitable, it's possible the term is being used out of ignorance of the way RFID chips are made.

 

A significant feature of RFID tags that make it impossible to "clone" a tag is the fact that each RFID chip comes from the foundry (the factory where chips are made) with a unique, burned-in ID code called a Tag ID (TID).  The TID cannot be erased, changed or masked.  The TID, therefore, makes each chip uniquely identifiable.

 

As a result, even if 1,000,000 tags were encoded with the same data, each would still be uniquely identifiable.

 

A simple analogy would be a roll of label stock for a bar code printer.  If each label was already pre-printed with a unique bar code serial number -- and that bar code was protected by a non-printable overlay -- you could print any information on the label you wanted but each label would still have its pre-printed bar code to give it a unique identity.

 

Or, more to the point with the various RFID demonstrations, you could read the data from one bar code label and reproduce it exactly on another label.  But because of the pre-printed label ID, all you would have is a copy of the label that could be identified as a copy, not a "clone."

 

Photocopying the bar code label is another issue -- one that could be compared to "spoofing" -- and that topic will be covered in next week’s Viewpoint.

 

In terms of the security of RFID-enabled documents, systems that read the TID and compare it against a record stored in a secure database or recorded by some other secure method can not be fooled by RFID tags that are copies of the original.  The TID will instantly identify the copy as a copy.

 

Bottom line: you can't "clone" an RFID tag.  All you can do is copy its data to another tag.  And, unless you are inventing a new definition for the word, that makes the copy a "copy," not a "clone."

 

 



Share this Story
diggDigg   deliciousdel.icio.us   yahooYahoo   rededitReddit   facebookFacebook   googleGoogle

Related Articles :

  • Letters to the Editor: RFID "Cloning"
    The Viewpoint article on Cloning vs. Copying generated some interesting responses. Below are two representative types of questions and comments.
  • RFID Security: No Simple Answers
    Threats to any system -- including RFID -- come in many forms and in varying degrees of probability and severity. AIM's RFID Experts Group (REG) is currently developing a document that examines RFID security, threats and countermeasures. In developing this document, it is already clear that security is a complex issue that is both application- and commodity-dependent. In short, there are no "cookie cutter" or “short and sweet” answers to providing the right level of, or approach to, security.









Search Articles :


Submit a Review for this Article:
Thumbs up or Thumbs Down