An Gen2 Based Security Authentication Protocol for RFID System

AbstractEPC Class-1 Generation-2 specification(Gen2 in brief) has been accepted as the standard for RFID tags under grant number ISO18000-6C. However, Gen2 does not pay due attention to security. For this reason, a Gen2 based security authentication protocol is developed in this paper. In details, we study the security requirements presented in the current Gen2 based RFID authentication protocols[7–13]. Then we point out the security flaws of Chien's mutual authentication protocol[7], and improve the protocol based on a 11 security requirements. Our improved protocol merely uses CRC and PRNG operations supported by Gen2 and meets the 11 security requirements. In contrast to the similar work [14,15] on Chien's protocol or other Gen2 based schemes, our protocol is more secure and our security analysis is much more comprehensive and qualitative

SecuCode: Intrinsic PUF Entangled Secure Wireless Code Dissemination for Computational RFID Devices

The simplicity of deployment and perpetual operation of energy harvesting devices provides a compelling proposition for a new class of edge devices for the Internet of Things. In particular, Computational Radio Frequency Identification (CRFID) devices are an emerging class of battery-free, computational, sensing enhanced devices that harvest all of their energy for operation. Despite wireless connectivity and powering, secure wireless firmware updates remains an open challenge for CRFID devices due to: intermittent powering, limited computational capabilities, and the absence of a supervisory operating system. We present, for the first time, a secure wireless code dissemination (SecuCode) mechanism for CRFIDs by entangling a device intrinsic hardware security primitive Static Random Access Memory Physical Unclonable Function (SRAM PUF) to a firmware update protocol. The design of SecuCode: i) overcomes the resource-constrained and intermittently powered nature of the CRFID devices; ii) is fully compatible with existing communication protocols employed by CRFID devices in particular, ISO-18000-6C protocol; and ii) is built upon a standard and industry compliant firmware compilation and update method realized by extending a recent framework for firmware updates provided by Texas Instruments. We build an end-to-end SecuCode implementation and conduct extensive experiments to demonstrate standards compliance, evaluate performance and security.Comment: Accepted to the IEEE Transactions on Dependable and Secure Computin

KEDGEN2: A key establishment and derivation protocol for EPC Gen2 RFID systems

International audienceThe EPC Class-1 Generation-2 (Gen2 for short) is a Radio Frequency IDentification (RFID) technology that is gaining a prominent place in several domains. However, the Gen2 standard lacks verifiable security functionalities. Eavesdropping attacks can, for instance, affect the security of applications based on the Gen2 technology. To address this problem, RFID tags must be equipped with a robust mechanism to authenticate readers before authorising them to access their data. In this paper, we propose a key establishment and derivation protocol, which is applied at both identification phase and those remainder operations requiring security. Our solution is based on a pseudorandom number generator that uses a low computational workload, while ensuring long term secure communication to protect the secrecy of the exchanged data. Mutual authentication of the tag and the sensor and strong notions of secrecy such as forward and backward secrecy are analysed, and we prove formally that after being amended, our protocol is secure with respect to these properties

J3Gen : a PRNG for Low-Cost Passive RFID

Pseudorandom number generation (PRNG) is the main security tool in low-cost passive radio-frequency identification (RFID) technologies, such as EPC Gen2. We present a lightweight PRNG design for low-cost passive RFID tags, named J3Gen. J3Gen is based on a linear feedback shift register (LFSR) configured with multiple feedback polynomials. The polynomials are alternated during the generation of sequences via a physical source of randomness. J3Gen successfully handles the inherent linearity of LFSR based PRNGs and satisfies the statistical requirements imposed by the EPC Gen2 standard. A hardware implementation of J3Gen is presented and evaluated with regard to different design parameters, defining the key-equivalence security and nonlinearity of the design. The results of a SPICE simulation confirm the power-consumption suitability of the proposal

RFID-MA XTEA: Cost-Effective RFID-Mutual Authentication Design using XTEA Security on FPGA Platform

RFID systems are one of the essential technologies and used many diverse applications. The security and privacy are the primary concern in RFID systems which are overcome by using suitable authentication protocols. In this manuscript, the cost-effective RFID-Mutual Authentication (MA) using a lightweight Extended Tiny encryption algorithm (XTEA) is designed to overcome the security and privacy issues on Hardware Platform. The proposed design provides two levels of security, which includes secured Tag identification and mutual authentication.  The RFID-MA mainly has Reader and Tag along with the backend Server. It establishes the secured authentication between Tag and Reader using XTEA. The XTEA with Cipher block chaining (CBC) is incorporated in RFID for secured MA purposes. The authentication process completed based on the challenge and response between Reader and Tag using XTEA-CBC. The present work is designed using Verilog-HDL on the Xilinx environment and implemented on Artix-7 FPGA.  The simulation and synthesis results discussed with hardware constraints like Area, power, and time. The present work is compared with existing similar approaches with hardware constraints improvements

An Energy-Efficient ECC Processor of UHF RFID Tag for Banknote Anti-Counterfeiting

In this paper, we present the design and analysis of an energy-efficient 163-b elliptic curve cryptographic (ECC) processor suitable for passive ultrahigh frequency (UHF) radio frequency identification (RFID) tags that are usable for banknote authentication and anti-counterfeiting. Even partial public key cryptographic functionality has long been thought to consume too much power and to be too slow to be usable in passive UHF RFID systems. Utilizing a low-power design strategy with optimized register file management and an architecture based on the López-Dahab Algorithm, we designed a low-power ECC processor that is used with a modified ECC-DH authentication protocol. The ECC-DH authentication protocol is compatible with the ISO/IEC 18000-63 (“Gen2”) passive UHF RFID protocol. The ECC processor requires 12 145 gate equivalents. The ECC processor consumes 5.04 nJ/b at a frequency of 960 kHz when implemented in a 0.13-μm standard CMOS process. The tag identity authentication function requires 30 600 cycles to complete all scalar multiplication operations. This size, speed, and power of the ECC processor makes it practical to use within a passive UHF RFID tag and achieve up to 1500 banknote authentications per minute, which is sufficient for use in the fastest banknote counting machines