Probabilistic yoking proofs for large scale IoT systems

Yoking (or grouping) proofs were introduced in 2004 as a security construction for RFID applications in which it is needed to build an evidence that several objects have been scanned simultaneously or, at least, within a short time. Such protocols were designed for scenarios where only a few tags (typically just two) are involved, so issues such as preventing an object from abandoning the proof right after being interrogated simply do not make sense. The idea, however, is very interesting for many Internet of Things (IoT) applications where a potentially large population of objects must be grouped together. In this paper we address this issue by presenting the notion of Probabilistic Yoking Proofs (PYP) and introducing three main criteria to assess their performance: cost, security, and fairness. Our proposal combines the message structure found in classical grouping proof constructions with an iterative Poisson sampling process where the probability of each object being sampled varies over time. We introduce a number of mechanisms to apply fluctuations to each object's sampling probability and present different sampling strategies. Our experimental results confirm that most strategies achieve good security and fairness levels while keeping the overall protocol cost down. (C) 2015 Elsevier B.V. All rights reserved.This work was supported by the MINECO Grant TIN2013 46469 R (SPINY: Security and Privacy in the Internet of You)

Tamper detection in RFID tags, using, fragile watermarking

Security and privacy are one of the two primary concerns with RFID (Radio Frequency Identification) adoption. While the mainstream RFID research is focused on solving the privacy issues, this paper focuses on security issues in general and data tampering in particular. We specifically consider the issue of detecting data tampering on the RFID tags for applications such as data integrity management. To address this issue, we present a novel fragile watermarking scheme, which embeds a fragile watermark (or pattern) in the serial number partition of the RFID tag. This pattern is verified to identify whether or not the data on the RFID tags has been tampered with. The novelty of this watermarking scheme lies in the fact that we have applied watermarking technology to RFID tags; in comparison, most of the existing watermarking schemes are limited to images, or audio or video applications. We term this scheme TamDetect because it is a tamper detection solution. TamDetect is designed such that it can be easily plugged into existing RFID middleware applications. This proposal is one of the first works that integrates watermarking and RFID technologies together. This paper provides a detailed theoretical foundation for the TamDetect solution

Cost and Lightweight Modeling Analysis of RFID Authentication Protocols in Resource Constraint Internet of Things

Internet of Things (IoT) is a pervasive environment to interconnect the things like: smart objects, devices etc. in a structure like internet. Things can be interconnected in IoT if these are uniquely addressable and identifiable. Radio Frequency Identification (RFID) is one the important radio frequency based addressing scheme in IoT. Major security challenge in resource constraint RFID networks is how to achieve traditional CIA security i.e. Confidentiality, Integrity and Authentication. Computational and communication costs for Lightweight Mutual Authentication Protocol (LMAP), RFID mutual Authentication Protocol with Permutation (RAPP) and kazahaya authentication protocols are analyzed. These authentication protocols are modeled to analyze the delays using lightweight modeling language. Delay analysis is performed using alloy model over LMAP, RAPP and kazahaya authentication protocols where one datacenter (DC) is connected to different number of readers (1,5 or 10) with connectivity to 1, 5 or 25 tags associated with reader and its results show that for LMAP delay varies from 30-156 msec, for RAPP from 31-188 while for kazahaya from 61-374 msec. Further, performance of RFID authentication protocols is analyzed for group construction through more than one DC (1,5 or 10) with different number of readers (10, 50 or 100) and tags associated with these readers (50, 500, 1000) and results show that DC based binary tree topology with LMAP authentication protocol is having a minimum delay for 50 or 100 readers. Other authentication protocols fail to give authentication results because of large delays in the network. Thus, RAPP and Kazahaya are not suitable for scenarios where there is large amount of increase in number of tags or readers

Recovering and restoring tampered RFID data using steganographic principles

Security is one major issue with RFID technology. Mainstream research in RFID security addresses the following security properties i.e. anonymity, confidentiality and authenticity, however it does not cater for integrity. In this paper we consider the fourth security property i.e. integrity. We try to solve the issue of data recovery after RFID data has been tampered. To address this issue, we present a novel steganographic solution, which embeds a secret pattern in the serial number partition of the RFID tag. This secret pattern is the data that we assume would most likely be the candidate for tampering, for example the manufacturer?s and products details stored on the RFID tag. The main motivation for an attacker to tamper this data would be economic benefits like low logistics cost, or quicker custom clearance, and this can only be achieved by changing product details or manufacturer details on the RFID tag. The novelty of this scheme lies in the fact that we have applied steganographic principles to RFID tags; in comparison, most of the existing steganographic solutions are limited to images, or audio, or video applications. We term this scheme ResTamp because it is restores tampered data. This paper provides a detailed theoretical foundation for the ResTamp algorithm

Who counterfeited my Viagra? probabilistic item removal detection via RFID tag cooperation

We leverage RFID tag cooperation to enforce tampering detection. That is, we provide a set of probabilistic protocols that detect the absence of a tag from a system composed of a set of tags and a reader. Our proposals are able to detect which tag and for how long it has been taken away from the system. The grain of the detection can be tuned with respect to the resources available on the tags. Another merit of our solutions is to provide a proof-of-concept that a small level of cooperation among tags can further extend the range of applications RFID can support, possibly opening new veins of research. The proposed protocols fit the resource constraints of the several classes of RFID available on the market. In particular, the memory requirement ranges from few memory slots to a number of memory slots that is proportional to the number of rounds the presence of a tag is going to be checked. Computation is just one hash per round. This fully fledged set of protocols is thought to trade off the detection grain with the resources on the tag: the finer the item removal detection grain, the more resources a protocol requires. A thorough analysis for the removal detection probability is provided. Finally, extensive simulations support the analytical results, showing the viability of the proposed solutions

Utilizing the RFID LOCK Command Against Multiple Targets

An unlocked Electronic Product Code (EPC) tag allows for issuance of most commands without the need for any authorization. This means that a system with unlocked tags would allow any attacker to modify tag data at will, whilst also opening the door to a range of other misuse. One possible avenue of active misuse against unlocked tags would be to issue LockID commands and ‘permanently’ lock some or all of a system‘s RFID tags. As this attack is simply an issuance of a valid command it fits firmly in the category of an active misuse and could also be considered a limited form of DoS as future valid commands would be ignored and limit or cripple the functionality of a system dependent on operation. This paper details an experiment using the LockID command to lock multiple tags within range

Distributed Group Authentication for RFID Supply Management

We investigate an application of Radio Frequency Identification (RFID) referred to in the literature as group scanning, in which an RFID reader device interrogates several RFID tags to establish “simultaneous” presence of a group of tags. Our goal is to study the group scanning problem in strong adversarial settings and show how group scanning can be used in distributed applications for supply chain management. We present a security framework for group scanning and give a formal description of the attending security requirements. Our model is based on the Universal Composability framework and supports re-usability (through modularity of security guarantees). We propose two novel protocols that realize group scanning in this security model, based on off-the-shelf components such as low-cost (highly optimized) pseudorandom functions, and show how these can be integrated into RFID supply-chain management system