As RFID technology and standards evolving, users have placed an increasing emphasis on the availability of security features in the products they implement. Major RFID standards have specified security features that provide confidentiality, integrity, or availability services. In addition several technical features also have a direct effect on security, such as frequency band, read range, and onboard data capability. Finding readable and writeable range also means finding the zone within which a tag is subject to unauthorized access....[ Read more ]

As RFID technology and standards evolving, users have placed an increasing emphasis on the availability of security features in the products they implement. Major RFID standards have specified security features that provide confidentiality, integrity, or availability services. In addition several technical features also have a direct effect on security, such as frequency band, read range, and onboard data capability. Finding readable and writeable range also means finding the zone within which a tag is subject to unauthorized access.

Supply chain and logistics applications uses mostly the passive tags that conform to the EPC Gen 2 standard, which focuses on producing low-cost, low latency tags with high read rates. However, EPC Gen-2 tags are vulnerable to various security attacks. Security features specified in the Gen2 standard include: tags addressed by 16-bit random numbers, masked reader-to-tag communication using one-time stream cipher, CRC, tag locking, permanent tag locking, tag killing, and so on. Previous studies on benchmarking compare the read/write performance of RFID devices using common benchmarking metrics. In this thesis, we study the use of these metrics to test RFID devices’ security performance. We have developed a methodology for testing security of the EPC Gen2 compliance readers and tags based with respect to security features and technical features. Through testing experiments and results, we find some technical features effect on security. Also from RFID system Engineer aspect, we explain some security features implemented by commercial products are not preferred although not violet the standard.