> This tiny tag, which offers improved security over RFIDs, utilizes terahertz waves, which are smaller and have much higher frequencies than radio waves. But this terahertz tag shared a major security vulnerability with traditional RFIDs: A counterfeiter could peel the tag off a genuine item and reattach it to a fake, and the authentication system would be none the wiser.
Instant defeat of this device: Manufacture a tag that returns the signature of a known legitimate tag.
In order to be useful it would need to be challenge and response. Maybe they do this, but this MIT release doesn't actually give any link to a paper which is super annoying.
> Their antitampering tag contains a series of miniscule slots that enable terahertz waves to pass through the tag and strike microscopic metal particles that have been mixed into the glue.
Another issue: You would figure out how to destroy the connection between the material and the glue whilst leaving the surface of the chip intact. You would then simply re-attach it using another glue without particles in it.
> But when it came time to test the antitampering tag, Lee ran into a problem: It was very difficult and time-consuming to take precise enough measurements to determine whether two glue patterns are a match.
> He reached out to a friend in the MIT Computer Science and Artificial Intelligence Laboratory (CSAIL) and together they tackled the problem using AI. They trained a machine-learning model that could compare glue patterns and calculate their similarity with more than 99 percent accuracy.
As others have pointed out, this is a bad idea. You'd want some form of a probabilistic hash and for that to be stored in a database.
> Another issue: You would figure out how to destroy the connection between the material and the glue whilst leaving the surface of the chip intact. You would then simply re-attach it using another glue without particles in it.
That was my first thought. If that's on a banknote, you'll have people cutting the paper around the tag and gluing it to the counterfeit, including the old paper it sticks to. This means you already need to look at the "watermark" again, you can't just read the tag.
Add some micromechanical sanding/grinding, chemical etching or laser ablation, and not only can't you read the tag with an antenna, but you need a microscope to look at - and a spectrometer, to look at the glue.
> As others have pointed out, this is a bad idea. You'd want some form of a probabilistic hash and for that to be stored in a database.
I think the reason they went with ML to do pattern recognition is because the THz response of the tag is a finicky analog signal, which might change in fundamental ways if you do things like reposition the antenna, or change what's in front/behind the tag. The problem is probably pretty similar to identifying whether two images are similar in the special case where you allow pretty significant distortions to one of the images. Hashing usually doesn't work to well for cases like that, but maybe a wavelet transform approach would work.
> I think the reason they went with ML to do pattern recognition is because the THz response of the tag is a finicky analog signal, which might change in fundamental ways if you do things like reposition the antenna, or change what's in front/behind the tag.
I don't doubt one second that it's difficult, but it's where the value really is. For security, you need a private key that is stored in an unreadable format that is destroyed by trying, followed by a challenge-response system to query it.
Unfortunately, without the whole picture coming together, the method cannot be adopted. With security it's kind of all or nothing. Given the value they propose it has as a solution, bypassing these checks almost definitely has value.
Instant defeat of this device: Manufacture a tag that returns the signature of a known legitimate tag.
In order to be useful it would need to be challenge and response. Maybe they do this, but this MIT release doesn't actually give any link to a paper which is super annoying.
> Their antitampering tag contains a series of miniscule slots that enable terahertz waves to pass through the tag and strike microscopic metal particles that have been mixed into the glue.
Another issue: You would figure out how to destroy the connection between the material and the glue whilst leaving the surface of the chip intact. You would then simply re-attach it using another glue without particles in it.
> But when it came time to test the antitampering tag, Lee ran into a problem: It was very difficult and time-consuming to take precise enough measurements to determine whether two glue patterns are a match.
> He reached out to a friend in the MIT Computer Science and Artificial Intelligence Laboratory (CSAIL) and together they tackled the problem using AI. They trained a machine-learning model that could compare glue patterns and calculate their similarity with more than 99 percent accuracy.
As others have pointed out, this is a bad idea. You'd want some form of a probabilistic hash and for that to be stored in a database.