ABSTRACT
A great number of hackers end up working in the security departments of IT and telecommunications companies. In other words, the best way of making a system secure is knowing how it can be attacked. Radio-frequency identification (RFID) is no different from any other technology, so the possible attacks on it should be studied in depth. e extent of an attack can vary considerably; some attacks focus on a particular part of the system (e.g., the tag), whereas others target the whole system. Although there are references to such attacks in a number of publications, a rigorous study has not been made of the subject until now. We examine, in this chapter, the main threats to RFID security. First, we look at data and location privacy. Although these are the risks most often referred to in the literature, there are other equally important problems to consider too. RFID systems are made up of three main components (tag, reader, and back-end database), so we have grouped the threats according to the unit involved in the attack. First, we examine those related to tags and readers such as eavesdropping, cloning, replay, and relay attacks. en we look at the threats to the back-end database (e.g., object name service [ONS] attack, virus). By the end of this chapter (and with the opportunity to consult the extensive bibliography for further details), we hope the reader will have acquired a basic understanding of the principal security risks in RFID.
