46 research outputs found
Efficient and Low-Cost RFID Authentication Schemes
Security in passive resource-constrained Radio Frequency Identification
(RFID) tags is of much interest nowadays. Resistance against illegal tracking,
cloning, timing, and replay attacks are necessary for a secure RFID
authentication scheme. Reader authentication is also necessary to thwart any
illegal attempt to read the tags. With an objective to design a secure and
low-cost RFID authentication protocol, Gene Tsudik proposed a timestamp-based
protocol using symmetric keys, named YA-TRAP*. Although YA-TRAP* achieves its
target security properties, it is susceptible to timing attacks, where the
timestamp to be sent by the reader to the tag can be freely selected by an
adversary. Moreover, in YA-TRAP*, reader authentication is not provided, and a
tag can become inoperative after exceeding its pre-stored threshold timestamp
value. In this paper, we propose two mutual RFID authentication protocols that
aim to improve YA-TRAP* by preventing timing attack, and by providing reader
authentication. Also, a tag is allowed to refresh its pre-stored threshold
value in our protocols, so that it does not become inoperative after exceeding
the threshold. Our protocols also achieve other security properties like
forward security, resistance against cloning, replay, and tracking attacks.
Moreover, the computation and communication costs are kept as low as possible
for the tags. It is important to keep the communication cost as low as possible
when many tags are authenticated in batch-mode. By introducing aggregate
function for the reader-to-server communication, the communication cost is
reduced. We also discuss different possible applications of our protocols. Our
protocols thus capture more security properties and more efficiency than
YA-TRAP*. Finally, we show that our protocols can be implemented using the
current standard low-cost RFID infrastructures.Comment: 21 pages, Journal of Wireless Mobile Networks, Ubiquitous Computing,
and Dependable Applications (JoWUA), Vol 2, No 3, pp. 4-25, 201
Lightweight Mutual Authentication Protocol for Low Cost RFID Tags
Radio Frequency Identification (RFID) technology one of the most promising
technologies in the field of ubiquitous computing. Indeed, RFID technology may
well replace barcode technology. Although it offers many advantages over other
identification systems, there are also associated security risks that are not
easy to be addressed. When designing a real lightweight authentication protocol
for low cost RFID tags, a number of challenges arise due to the extremely
limited computational, storage and communication abilities of Low-cost RFID
tags. This paper proposes a real mutual authentication protocol for low cost
RFID tags. The proposed protocol prevents passive attacks as active attacks are
discounted when designing a protocol to meet the requirements of low cost RFID
tags. However the implementation of the protocol meets the limited abilities of
low cost RFID tags.Comment: 11 Pages, IJNS
Secure ownership transfer in multi-tag/multi-owner passive RFID systems
In this paper we propose a secure ownership transfer protocol for a multi-tag and multi-owner RFID environment. Most of the existing work in this area do not comply with the EPC Global Class-1 Gen-2 (C1G2) standard since they use expensive hash operations or sophisticated encryption schemes that cannot be implemented on low-cost passive tags that are highly resource constrained. Our work aims to fill this gap by proposing a protocol based on simple XOR and 128-bit Pseudo Random Number Generators (PRNG), operations that can be easily implemented on low-cost passive RFID tags. The protocol thus achieves EPC C1G2 compliance while meeting the security requirements. Also, our protocol provides additional protection using a blind-factor to prevent tracking attacks
Novel Cryptographic Authentication Mechanisms for Supply Chains and OpenStack
In this dissertation, first, we studied the Radio-Frequency Identification (RFID) tag authentication problem in supply chains. RFID tags have been widely used as a low-cost wireless method for detecting counterfeit product injection in supply chains. We open a new direction toward solving this problem by using the Non-Volatile Memory (NVM) of recent RFID tags. We propose a method based on this direction that significantly improves the availability of the system and costs less. In our method, we introduce the notion of Software Unclonability, which is a kind of one-time MAC for authenticating random inputs. Also, we introduce three lightweight constructions that are software unclonable. Second, we focus on OpenStack that is a prestigious open-source cloud platform. OpenStack takes advantage of some tokening mechanisms to establish trust between its modules and users. It turns out that when an adversary captures user tokens by exploiting a bug in a module, he gets extreme power on behalf of users. Here, we propose a novel tokening mechanism that ties commands to tokens and enables OpenStack to support short life tokens while it keeps the performance up
Analysis and Improvement of the securing RFID systems conforming to EPC Class 1 Generation 2 standard
Radio Frequency IDentification (RFID) technology is a wireless identification method in which security and privacy are important parameters for public acceptance and widespread use. In order to thwart such security and privacy problems, a wide variety of authentication protocols have been proposed in the literature. In 2010, Yeh et al’s proposed a new RFID authentication protocol conforming to EPC Class 1 Generation 2 standard. They claimed that this protocol is secure against DoS attack, replay attack, DATA forgery attack, and provides untraceability and forward secrecy. In 2012, Yoon showed that this protocol does not provide forward secrecy and DATA integrity. He improved the protocol and tried to eliminate the weaknesses and claimd that the improved protocol does not have the weaknesses of the primary protocol. In this paper, we show that the improved protocol has some weaknesses including DoS attack, back-end server impersonation, tag impersonation and DATA forgery attack. We also show that it can not provide forward secrecy of the reader and untraceability. We improve the protocol, which offers a high level of security and provides mutual authentication, untraceability and forward secrecy as well as resistance to DATA forgery, replay and DoS attacks, while retaining a competitive communication cost
Privacy Preservation and Mutual Authentication in RFID Systems
Identification and tracking of devices and objects has always been helpful in many fields like transportation, tele-medicine, business and supply chain etc. Radio Frequency Identification (RFID) tags are petite, wireless devices attached to objects for the purpose of identification and information exchange. RFID systems is composed of tags, readers and an application system. These tags can be identified by a reader and are useful for tracking and monitoring. RFID tags uses Radio Frequency (RF) for wireless communication which renders these tags vulnerable to wireless security attacks. Implementation of RFID systems faces huge challenges regarding privacy as these tags can be uniquely identified and thereby are subject to tracking by an adversary. In this project a new privacy and mutual authentication scheme has been discussed that uses cryptographic algorithms and can be used in RFID systems to overcome the issues with privacy
A New Strong Adversary Model for RFID Authentication Protocols
Radio Frequency Identification (RFID) systems represent a key technology for ubiquitous
computing and for the deployment of the Internet of Things (IoT). In RFID technology, authentication protocols are often necessary in order to confirm the identity of the parties involved (i.e. RFID readers, RFID tags
and/or database servers). In this article, we analyze the security of a mutual authentication protocol proposed
by Wang and Ma. Our security analysis clearly shows major security pitfalls in this protocol. Firstly, we show
two approaches that an adversary may use to mislead an honest reader into thinking that it is communicating
with a legitimate database. Secondly, we show how an adversary that has compromised some tags can
impersonate an RFID reader to a legitimate database. Furthermore, we present a new adversary model, which
pays heed on cases missed by previous proposals. In contrast to previous models where the communication
between an RFID reader and a back-end server is through a secure channel, our model facilitates the security
analysis of more general schemes where this communication channel (RFID reader-to-server) is insecure.
This model determines whether the compromise of RFID tags has any impact on the security of the readerto-server communication or vice versa. In a secure protocol, the possible compromise of RFID tags should
not affect the RFID reader-server communication. In this paper, we show that compromising of RFID tags
in Wang and Ma protocol has a direct impact on the reader-server security. Finally, we propose a new
authentication protocol that offers an adequate security level and is resistant against the mentioned security
risks. The security proofs of the proposed protocol are supported with Gong-Needham-Yahalom (GNY)
logic and Scyther tool, which are formal methods to evaluate the security of a cryptographic protocol
On the security of another CRC based ultralightweight RFID authentication protocol
Design of ultra-lightweight authentication protocols for RFID systems conformed with the EPC Class-1 Generation-2 standard is still a challenging issue in RFID security. Recently, Maurya et al. have
proposed a CRC based authentication protocol and claimed that their protocol can resist against all known attacks in RFID systems. However, in this paper we show that their protocol is vulnerable to tag impersonation attack. Moreover, we show that how an attacker can easily trace a target RFID tag. Our analyses show that the success probability of our attacks is “1” while the complexity is only one session eavesdropping, two XORs and one CRC computation