Near Field Communication (NFC) enabled devices are starting to appear in our everyday lives. Shown in the picture above is the xNT (fundraiser warning), a 2mm x 12mm fully NFC Type 2 compliant 13.56MHz RFID tag encased in a cylindrical Schott 8625 bioglass ampule. It was created by [Amal Graafstra], who therefore aims to produce the world’s first NFC compliant RFID implant. The chip used is the NTAG203, which is (for the sake of simplicity) a 144bytes EEPROM with different protection features.
We can only start thinking of the different possibilities this chip will create in the near future, but also wonder which precedent this may set for future NFC enabled humans. Embedded after the break is the presentation video of xNT but also an interview I conducted with [Amal Graafstra], who has already been living for 8 years with RFID tags in each hand.
[Mathieu] First, we’d like to wish you all the best for your campaign, and it seems you’re already on the right path as you’ve just gotten $2k5 of your $8k goal on your first day.
[Amal] Thanks! We’re quite open about most of our R&D projects, and I know several people have been waiting for the xNT. They certainly came through at launch time. The tough part now will be to gather the remaining necessary backers, many of whom may be new to the entire concept of an implant.
[Mathieu] As mentioned in your video, you’ve been living with NFC chips in your left hand for 8 years now. Is it something you often ‘show’ to people, and what are their reactions?
[Amal] The chips I implanted back in 2005 are RFID technologies, but they are not NFC compliant, meaning they do not conform to NFC Forum standards. The xNT is the first NFC compliant implant available, which is why we’re so excited to see the campaign succeed! To answer your question though, most people don’t even know I have any RFID implants, and I don’t bother showing them off anymore. Most people find out when I use them to get into my home, or to access my datacenter or unlock my car. If they are paying attention, they will notice I don’t have anything in my hand and they will ask “hey, what just happened there” and I’ll show them and explain. When introduced to the concept in that way, seeing a useful application of it before contemplating the implant itself, most people are receptive and can see the usefulness. If I tell someone about it first, their reaction is usually a squeamish look on their face and sometimes a negative comment.
[Mathieu] Many of our geek friends at Hackaday are very interested by this technology, but are afraid to put it under their skin. What in your opinion could make them take this step?
[Amal] Back in 2005 I had several doctors as clients, and I consulted with both a cosmetic surgeon and my family general practice doctor about the device and the location I wanted to implant it. Both agreed it was a very safe place to install one of these devices, and both performed the procedure for me without hesitation. Since getting my implants, I’ve worked with hundreds of people also interested in getting an implant. I started Dangerous Things in order to control the materials processes involved to ensure the tags we sell are made with biocompatible glass and internal resins, and all components are bio-safe. Of all the people I’ve helped or sold implants to, I’ve never heard of any tags that have been implanted in the correct location (webbing of the hand) and in the proper orientation (parallel with the metacarpal) ever breaking or causing a problem. I’ve worked with doctors and body piercers to place these tags under the skin, and we’re building a partner network of professional body piercers to increase access to a clean studio environment and professional installation services. We offer procedure guides and phone consultations for piercing professionals who are installing for a Dangerous Things customer. Additionally, the implants are MRI safe, so getting one will not exclude you from medical imaging procedures.
[Mathieu] In your experience, are technical people less reluctant to try this chip than non-informed persons?
[Amal] Most of the time, people without a technical background will have misconceptions about the technology which lead them to believe that it is capable of doing something that it can’t. The most common misconception is that it can be tracked in real time by a 3rd party, like a GPS enabled device might be. Another common reason non-technical people are reluctant to entertain the idea of an implant is the lack of cheap, simple commercial products that work with the implant. When I got my first EM4102 based 125khz implant, the NFC standard was not published and there were no devices. This lack of standards meant you’d have to buy an expensive commercial access control system or you’d have to build solutions yourself. I ended up building my own solutions, as did many other hacker/hobbyists. The good news is, with NFC standards growing in popularity, commercial devices and systems based on NFC are now becoming available and a non-technical person can easily begin to integrate NFC into their daily lives without needing to solder it together themselves.
[Mathieu] The chip that you offer to put under the skin can be reprogrammed at will but has a unique 7 byte serial number, which may arise privacy concerns. What will you do with this information? Can we trust you? Do you think you’re setting a precedent in the history of NFC enabled humans?
[Amal] The 7 byte UID programmed into each NTAG203 chip could be a privacy concern if people used their tags with systems that are outside of their control. For example, if a person enrolled their implant with an access control system at their work or school, then every time they entered the premises by using their implant, that access even would be logged. But, the reality is, this is always the case when you use an access card, so there really is no difference having that access card under your skin instead of in your pocket.
The real question being asked about privacy revolves around consent – can someone read it, from a distance, without your consent. While it is technically possible someone could build a large, high powered antenna loop to pick up tags from a distance of a few feet, it’s not practical and not at all likely. Magnetically coupled data transmissions from passive tags don’t work like typical electric field radio emissions, and it becomes very difficult to generate a stable magnetic field that is large enough to envelope tags at a distance while maintaining the integrity and sensitivity required to communicate with those tags. Furthermore, the context in which you use your tag matters. If someone were to set up a large antenna loop somewhere and skim tag IDs of people walking by, in order to do anything with that information they would have to figure out who you were, how you used that tag ID, and plan an attack on you specifically. Unless a person were to use their implant to gain access to a bank vault or another target that an attacker would want to get into, it’s just not very likely. On the other hand, attackers who set up skim points to pull credit card data from RF enabled cards don’t need to know anything about their victims in order to go use that skimmed data to make purchases. Context matters.
[Mathieu] Did you try different antennas to see how far you could read the chip from?
[Amal] I’ve tried various antenna configurations with my 125KHz tag because low frequency works better than 13.56MHz high frequency tags when implanted into the body. The best range I could get using a high powered antenna loop coil that was 2 feet (~60cm) in diameter was about 1 foot (30cm). Typical read range of a 2mm x 12mm 125KHz tag using conventional readers is between 1mm and 2cm, depending on the reader and antenna configuration.
[Mathieu] In your opinion, can this chip be used to implement simple authentication on everyday devices?
[Amal] The xNT is well suited for simple authentication systems. The user memory space can also be used for NFC by storing an NDEF record, the latter portion of the user memory could also be used to store rotating one-time keys to help secure custom security systems. In a typical skim attack, an attacker that is able to read a tag’s UID bits and memory contents without consent would be able to emulate that UID and memory contents to the target reader device. In this scenario, the attacker gains entry and the victim has no idea anything is wrong. The attacker could come and go as they pleased without detection. By using a rotating key, each time the potential victim uses their tag the reader updates the key. This means two things; 1) the attacker has a very limited amount of time to utilize their attack. If the user were to return and use their tag before the attacker had time to execute an attack, the attack would fail. 2) the victim of a successful attack would not be allowed access due to a bad key on the tag. This would alert both the victim and the system administrator to a potential attack situation, which could bring up surveillance video of the current attempt and the last system access made by the attacker. Detecting an attack after it has happened is just as important as preventing one. Of course, there is no such thing as absolute security, and there are attacks which could be executed against a rotating key system, but again context is what matters. Typical users are going to be using the xNT for residential home access type projects, and I think if someone wants into your home that badly, they are much more likely to break a window or use some other, more conventional method.
We can only start thinking of the different possibilities this chip will create in the near future, but also wonder which precedent this may set for future NFC enabled humans. Embedded after the break is the presentation video of xNT but also an interview I conducted with [Amal Graafstra], who has already been living for 8 years with RFID tags in each hand.
[Mathieu] First, we’d like to wish you all the best for your campaign, and it seems you’re already on the right path as you’ve just gotten $2k5 of your $8k goal on your first day.
[Amal] Thanks! We’re quite open about most of our R&D projects, and I know several people have been waiting for the xNT. They certainly came through at launch time. The tough part now will be to gather the remaining necessary backers, many of whom may be new to the entire concept of an implant.
[Mathieu] As mentioned in your video, you’ve been living with NFC chips in your left hand for 8 years now. Is it something you often ‘show’ to people, and what are their reactions?
[Amal] The chips I implanted back in 2005 are RFID technologies, but they are not NFC compliant, meaning they do not conform to NFC Forum standards. The xNT is the first NFC compliant implant available, which is why we’re so excited to see the campaign succeed! To answer your question though, most people don’t even know I have any RFID implants, and I don’t bother showing them off anymore. Most people find out when I use them to get into my home, or to access my datacenter or unlock my car. If they are paying attention, they will notice I don’t have anything in my hand and they will ask “hey, what just happened there” and I’ll show them and explain. When introduced to the concept in that way, seeing a useful application of it before contemplating the implant itself, most people are receptive and can see the usefulness. If I tell someone about it first, their reaction is usually a squeamish look on their face and sometimes a negative comment.
[Mathieu] Many of our geek friends at Hackaday are very interested by this technology, but are afraid to put it under their skin. What in your opinion could make them take this step?
[Amal] Back in 2005 I had several doctors as clients, and I consulted with both a cosmetic surgeon and my family general practice doctor about the device and the location I wanted to implant it. Both agreed it was a very safe place to install one of these devices, and both performed the procedure for me without hesitation. Since getting my implants, I’ve worked with hundreds of people also interested in getting an implant. I started Dangerous Things in order to control the materials processes involved to ensure the tags we sell are made with biocompatible glass and internal resins, and all components are bio-safe. Of all the people I’ve helped or sold implants to, I’ve never heard of any tags that have been implanted in the correct location (webbing of the hand) and in the proper orientation (parallel with the metacarpal) ever breaking or causing a problem. I’ve worked with doctors and body piercers to place these tags under the skin, and we’re building a partner network of professional body piercers to increase access to a clean studio environment and professional installation services. We offer procedure guides and phone consultations for piercing professionals who are installing for a Dangerous Things customer. Additionally, the implants are MRI safe, so getting one will not exclude you from medical imaging procedures.
[Mathieu] In your experience, are technical people less reluctant to try this chip than non-informed persons?
[Amal] Most of the time, people without a technical background will have misconceptions about the technology which lead them to believe that it is capable of doing something that it can’t. The most common misconception is that it can be tracked in real time by a 3rd party, like a GPS enabled device might be. Another common reason non-technical people are reluctant to entertain the idea of an implant is the lack of cheap, simple commercial products that work with the implant. When I got my first EM4102 based 125khz implant, the NFC standard was not published and there were no devices. This lack of standards meant you’d have to buy an expensive commercial access control system or you’d have to build solutions yourself. I ended up building my own solutions, as did many other hacker/hobbyists. The good news is, with NFC standards growing in popularity, commercial devices and systems based on NFC are now becoming available and a non-technical person can easily begin to integrate NFC into their daily lives without needing to solder it together themselves.
[Mathieu] The chip that you offer to put under the skin can be reprogrammed at will but has a unique 7 byte serial number, which may arise privacy concerns. What will you do with this information? Can we trust you? Do you think you’re setting a precedent in the history of NFC enabled humans?
[Amal] The 7 byte UID programmed into each NTAG203 chip could be a privacy concern if people used their tags with systems that are outside of their control. For example, if a person enrolled their implant with an access control system at their work or school, then every time they entered the premises by using their implant, that access even would be logged. But, the reality is, this is always the case when you use an access card, so there really is no difference having that access card under your skin instead of in your pocket.
The real question being asked about privacy revolves around consent – can someone read it, from a distance, without your consent. While it is technically possible someone could build a large, high powered antenna loop to pick up tags from a distance of a few feet, it’s not practical and not at all likely. Magnetically coupled data transmissions from passive tags don’t work like typical electric field radio emissions, and it becomes very difficult to generate a stable magnetic field that is large enough to envelope tags at a distance while maintaining the integrity and sensitivity required to communicate with those tags. Furthermore, the context in which you use your tag matters. If someone were to set up a large antenna loop somewhere and skim tag IDs of people walking by, in order to do anything with that information they would have to figure out who you were, how you used that tag ID, and plan an attack on you specifically. Unless a person were to use their implant to gain access to a bank vault or another target that an attacker would want to get into, it’s just not very likely. On the other hand, attackers who set up skim points to pull credit card data from RF enabled cards don’t need to know anything about their victims in order to go use that skimmed data to make purchases. Context matters.
[Mathieu] Did you try different antennas to see how far you could read the chip from?
[Amal] I’ve tried various antenna configurations with my 125KHz tag because low frequency works better than 13.56MHz high frequency tags when implanted into the body. The best range I could get using a high powered antenna loop coil that was 2 feet (~60cm) in diameter was about 1 foot (30cm). Typical read range of a 2mm x 12mm 125KHz tag using conventional readers is between 1mm and 2cm, depending on the reader and antenna configuration.
[Mathieu] In your opinion, can this chip be used to implement simple authentication on everyday devices?
[Amal] The xNT is well suited for simple authentication systems. The user memory space can also be used for NFC by storing an NDEF record, the latter portion of the user memory could also be used to store rotating one-time keys to help secure custom security systems. In a typical skim attack, an attacker that is able to read a tag’s UID bits and memory contents without consent would be able to emulate that UID and memory contents to the target reader device. In this scenario, the attacker gains entry and the victim has no idea anything is wrong. The attacker could come and go as they pleased without detection. By using a rotating key, each time the potential victim uses their tag the reader updates the key. This means two things; 1) the attacker has a very limited amount of time to utilize their attack. If the user were to return and use their tag before the attacker had time to execute an attack, the attack would fail. 2) the victim of a successful attack would not be allowed access due to a bad key on the tag. This would alert both the victim and the system administrator to a potential attack situation, which could bring up surveillance video of the current attempt and the last system access made by the attacker. Detecting an attack after it has happened is just as important as preventing one. Of course, there is no such thing as absolute security, and there are attacks which could be executed against a rotating key system, but again context is what matters. Typical users are going to be using the xNT for residential home access type projects, and I think if someone wants into your home that badly, they are much more likely to break a window or use some other, more conventional method.
0 comments:
Post a Comment