Planning ahead: Good security is built in, not bolted on. The Internet has taught a key lesson: It is less costly to anticipate threats and to secure systems from the start than to patch after the fact.
Open design: Public scrutiny usually breeds stronger systems than private finger-crossing. Openness has long been a cardinal rule of cryptography and a pillar of secure system design. Similarly, responsible disclosure of vulnerabilities holds the technology industry to high standards and brings vital education to the community.
Thinking holistically: Well-conceived goals beget well-conceived solutions. Thorough understanding of the uses and abuses of a system is the first step toward economical and effective security.
Medical Device Security and Privacy, March 12, 2008:
Team members from RFID CUSP discovered that an implantable cardioverter defibrillator can leak private information and allow unauthorized parties to modify settings that control shock therapies. Read the full report and coverage by the New York Times, Wall Street Journal, and a press release.
RFID Workshop:
Attendees from academia, industry, and government participated in the RFID Security Workshop at Johns Hopkins University, Baltimore, MD on January 23 and 24.
RFID Journal, November 1, 2007:
RFID Journal reports Daniel Holcomb's work on using the initial SRAM state for fingerprint extraction and random number generation on RFIDs.
Feb 2008:
Dr. Ari Juels explains overlooked nuances of security and privacy for the upcoming U.S. Passport card.
Feb 2007:
Microchips Under Your Skin: RFIDs may be good for identification, but not authentication purposes.