 So, your talk is about radio frequency identification. Is this something that you work with before, or this is something that you're just simply passionate about? Tell us more about it. I worked on this topic during my PhD, and I explored the issues of security and privacy. But maybe let's go directly to the talk, and I'll explain more details. Everyone, Slava with RFID. Thank you very much. As already announced, I would like to talk to you today about radio frequency identification. So radio frequency identification, what does it actually mean? It means identification of objects over the distance. Using radio waves as a communication means. And though the name may sound complicated for you, I'm pretty sure you have already seen a couple of examples in the real life. For example, you might have seen the special security labels embedded into clothes to prevent shoplifting, or you might have already used contactless credit cards for payments, or such contactless access cards. But radio frequency identification is not only limited to these examples. It can also be used for tracking, and in particular, tracking of livestock. When you are a farmer somewhere on the alpine meadows, and you want to make your cows happy, so you let them enjoy the sun and walk wherever they want. But by the end of the day, you would like to know the exact, more or less exact location in order to bring them back for a night to a safer place. For that, you use special tags. You attach them to the ears of cows. They have a battery inside, they are called active tags, and they can work on much larger distances than in the previous example. But if it's not tracking, there is also an example of the future, which now works only as a prototype, but it has an ultimate goal to make the checkout process in the supermarkets faster, or that would be great. Let's see if it's possible to do with RFID. We placed the basket in the robotic checkout system. The bottom of the basket opens, and the items go down below. There, the items are placed into a plastic bag, and the RFID tags are read. The totals displayed here. All that's left is to pay. Your items are read. Cool. Let's look a bit into more details of how this works on the technical level. So the items in the shop are supplied with RFID tags, and each RFID tag is composed of a small microchip connected to an integrated antenna. This microchip contains an identification number of an item. When these items, when RFID tags, gets closer to the reading device or to the scanning device, in our case it was a payment terminal of the shop, this RFID reader sends a request to all the items, and they reply with an identification number. Then the payment terminal can look up into the database for the identification numbers and calculate the price of an object. In a similar way, it works with multiple items. They can be scanned simultaneously. They reply with the identification numbers, and the payment terminal is able to calculate the final price of your purchase. Now imagine you walked a bit further away, let's say two meters from the shop. You carry your items in the shopping bag, and there somewhere there is a hidden RFID reader of a hacker. And this RFID reader transmits requests to all your tags. It queries them, and they respond. They have no other choice. There is no security. They simply respond to every reader that queries them. And this reader is then able to find out which items you carry in your bag. And this is indeed a major privacy concern. This information can reveal a lot about you. For example, your interests or political attitude from the books you read, or your financial status from the watches you bought, or your health status from the medicines you bought. And this is something we have to keep in mind. Is there any way to protect your items and to protect your data, to protect yourself in this case? Actually yes. The easiest would be simply to remove the tag right after the purchase and recycle it so that you don't carry it with you anymore. This is a solution, but in this case you will lose some so-called post-purchase benefits. And if you decide to return the items or to request a guarantee, the shop will not be able to identify these items anymore. And this service cannot be then provided. So now let's look at the other example. As I said, you have heard about several examples that are used in the real life and I'm pretty sure most of you have even now objects with RFID tags inside. In the example of access cards, contactless credit cards, or even in the modern identification documents, there is a plastic page and there is an RFID tag embedded into it. And these cards, they represent a lot about your identity. They represent very sensitive information. Are they protected better than in the case with the shopping items? No, unfortunately no. And this is something we have to think about again. Fortunately, there is a way to physically protect your items. But before we go to that part, let's make a proof. Let's check if it works really like that. If everyone can get access to your credit cards, you can download this free app for your mobile phone and can check on your contactless credit card. You can scan it and you will get all the data from your credit card. Now I doubt that not everyone who uses this app uses it for research purposes. As I said, there is fortunately a way to protect your data in such cases. You can simply put them into a metal case or wrap them with a foil. In this case, you simply disable any radio communication and you take your cards out only at the moments when you need them. For example, you make a purchase and put them back when you don't need them. But let's have a look at the other example with items much, much bigger than cards that you can't really put into a metal wallet, cows. And in this example, you can not only not put these cows into a metal box, you should have the technology working for you. Because in this case, you would like to track your belongings. So you should ensure that the technology is working, that the radio signal is transmitted. But from the other case, you don't want your neighbor to know the location of your cows, right? Because this information would help him, for example, to steal them. So in this case, a completely other approach should be used. Namely, we should check the identity of a device, which is querying the tags. And the tags should only respond or reveal the information about them only to real owners of these objects. And here comes into play special authentication protocols. Authentication is the way to check the identity of a person who is talking with you. And in RFID, these authentication protocols work in such a way. As I said, tags respond in any case. So you cannot make something that they don't respond. They will respond anyway. In this case, in case of RFID, we encrypt the identifier of an item. And only the owner of such items with a special secret key would be able then to decrypt the identifier and finally understand what the object he is communicating with. And any kind of a hacker who doesn't have a secret key, therefore, they will not be able to get anything out of these random numbers. Yeah. So actually, these protocols are quite complex. And if you would like to know more details, you are encouraged to read my dissertation. It's around 98 pages, so not very much. And there is a short version of six pages of a conference article. But in general. So we talked today with you about different examples of RFID, about several security issues. And we know that in many applications, your data is not protected. Do we need to care of it? Technically, it is easier to if it's dropped this data to steal this data. Organizationally, it's more difficult because you have to mount the RFID readers somewhere in public place so that others don't recognize them. Or you have to be close enough to the objects, for example, to your contactless cards. And it's organizationally quite difficult. From another side, I should tell you that if the one wants to get your data, I'm pretty sure he will. So please take care. And thank you for your attention. Thank you very much for the talk, Slava. At the moment, we have five minutes time for questions. So anyone have any questions? And Andre will roam around the room with the microphone. And let me just say, please let Dianne repeat the question so everybody knows what the question is. Hi. Thanks for the talk. Thank you. Two quick questions. How much data will an RFID chip return? And how expensive is it these days? So the two questions. First is how much data will it allow to be stored? And the second one is how expensive it is to implement this technology. RFID tags normally contain only an identification numbers. They are different modifications, and they can have more data. But we are talking on a simple case where there is an identification number. It can be 128 bits long if it gives anything to you. So it's quite much. And they should not be expensive. So when you buy them in bulk, for example, for the supermarket case, they should cost actually less than $0.01 per item. OK, I think I see a raise of hand around here. Yes? Hi. My question is, do the current credit cards, the wireless credit cards, do they use this encrypted protocol, or is it just planned for the future? OK, so the question is, does credit card that has this RFID tag use an encryption protocol, or this is something just for the future? This is something for the future. And as I said, you can have a look at this app. You can install it to your phone. I have checked it with my credit card. You can check it this way if these data are encrypted. They are encrypted in some way, but I believe not very strongly so that the application will actually get the data of your credit card. So these protocols is something for the future. This is on the process of standardization. So it's actually a long process to prove the protocol that it's secure enough. And it takes time. OK, so thank you so much, Slava. You're welcome. Thank you.