stat tracker for tumblr

RuBee Physical Security Summary
Stacks Image 10774

Compromising Emanations (CE) represent the major reason Radio Frequency (RF) based devices are banned in secure facilities. The rule is no RF signals, nothing can leave or enter the facility even if it is AES 256 bit encrypted. That means cell phones, most walkie-talkies, tablets with WiFi and RTLS and RFID are all banned. Some keyboards and some monitors are banned as a physical security risk. Physical security is not the same as cyber security, you can be cyber secure, but at risk on physical security. CE's lead to three major physical security risks:

1. Eavesdropping Risk - that means someone can be in the bushes a mile away and monitor activity in the facility. Easy to do with most RF. DefCon 18 Chris Paget Video below shows that passive and active RFID tags can be read from 80 miles away because they obey the Radar Range Equation. It is also true for RTLS systems based on WiFi, Zigbee even LE bluetooth and WANs.

Target Risk - a very low power RF signal 10mw or less, may have a useful data range of 100-200 feet, but the signal can be detected from many miles away with very inexpensive equipment. Lets say you attach a LE Bluetooth device to a weapon a M4 rife for example. Using what is called Radio Direction Finding (RDF) a few mw emitted signal can be detected and localized from miles away, and the enemy will use that as a Target for that weapon. Major problem is a base station that may emit 1- 4 watts can be detected literally from 100's of miles away. We demonstrate that 100 mw 216 megahertz signal can be detected 48 km away in this whitepaper ( Beacon White Paper), also see RuBee Security Paper. Passive RFID tags can be detected on a weapon 500 feet away with about $1,000 dollars worth of equipment, and with specialized military equipment that range goes to 80 miles (see video below).

Tempest Risk - Any RF signal that leaves a facility from a device could have a secret microphone that transmits conversations, or a camera or even movement activity. No Security Officer will take a Tempest risk so rules are generally simple: No RF signals can ever leave the facility. The US DoE has had several Tempest attacks in last ten years and each site maintains Technical Surveillance Countermeasures (TSCM) Programs. TSCM groups carry out constant CE surveillance using specialized equipment - they search of RF bugs at all DoE secure sites (see DoE Security Strategy).

RuBee has been tested and approved for use in secure areas by the US DoE, US Navy, and US DoD. Because RuBee is magnetic not RF it produces no Compromising Emanations. RuBee has no Eavesdropping, Target or Tempest risk. Visible can provide contacts and references for these independent tests (see
Oakridge Security and Pantex Security Tabs)

Note: The Military eliminates these risks on the battlefield with expensive Frequency Hopping Spread Spectrum (FHSS) radios. These FHSS radios change frequencies with pseudo random sequences over 100 times a second and eliminate both target and eavesdropping risk. They are manufactured only by trusted suppliers to eliminate the tempest risk.

This live demonstration at Def Con 18 was been disruptive to many military programs and future RF rollout plans. It shows that RFID systems obey the Radar Range Equation. That means an RFID tag can be read with the right equipment from over 80 miles away.

Chris Paget - DefCon 18 Video - RFID DoS Threat and Covert Tag Reads from 218 feet.

Extreme RFID Power Point Slides

Extreme RFID White Paper

6 Minute Edited RFID Chris Paget Video Below

RuBee is not RFID, has no security risk and does not obey the Radar Range Equation. RuBee has high Security Cyber Countermeasure options, and has a programable range of a few inches to 50 feet. Most RuBee tags have a RDF detection range of under 20 feet and in high security sites can be 10 feet.

This power point was presented at an international security conference in 2010 and summarizes many Security issues faced by any wireless system and how RuBee has addressed these issues.

Download PDF of this Document (English).

RuBee Cyber Security Countermeasures

Stacks Image 10777
RuBee tags have a built in clock, cpu and memory. AES and asymmetric authentication have been implemented in RuBee tags for high security assets (e.g. nuclear warheads). We have added a tripwire systems so removal of a tag sets off an alarm. The asymmetric authentication meets NIST FIPS 186-4 based on elliptic curve cryptography.

RuBee Tags have advanced countermeasures for cyber attacks with additional benefit of strong physical security.

RTLS, NFC WiFI and other RF transceiver active tags can all implement of the same cryptographic countermeasure. But again RF tags have no physical security and produce Compromising Emanations (see
NFCSecurity Video). Most secure facilities have both Cyber and Physical security requirements.

Active and passive RFID transponder tags, have virtually no physical or cyber security countermeasures for any attack. (see
RFID Security Review and see Video below)

RFID Tags Have No Security Countermeasures to a Cyber Attack.

See Video Below