Protecting Privacy and Ensuring Security of RFID Systems Using Private Authentication Protocols

Radio Frequency IDentification (RFID) systems have been studied as an emerging technology for automatic identification of objects and assets in various applications ranging from inventory tracking to point of sale applications and from healthcare applications to e-passport. The expansion of RFID technology, however, gives rise to severe security and privacy concerns. To ensure the widespread deployment of this technology, the security and privacy threats must be addressed. However, providing solutions to the security and privacy threats has been a challenge due to extremely inadequate resources of typical RFID tags. Authentication protocols can be a possible solution to secure RFID communications. In this thesis, we consider RFID authentication protocols based on symmetric key cryptography. We identify the security and privacy requirements for an RFID system. We present four protocols in this thesis. First, we propose a lightweight authentication protocol for typical tags that can perform symmetric key operations. This protocol makes use of pseudo random number generators (PRNG) and one way hash functions to ensure the security and privacy requirements of RFID systems. Second, we define the desynchronizing attack and describe the vulnerabilities of this attack in RFID systems. We propose a robust authentication protocol that can prevent the desynchronizing attack. This protocol can recover the disabled tags that are desynchronized with the reader because of this attack. Third, we introduce a novel authentication protocol based on elliptic curve cryptography (ECC) to avoid the counterfeiting problem of RFID systems. This protocol is appropriate for the RFID tags that can perform the operations of ECC. Finally, to address the tradeoff between scalability and privacy of RFID systems, we propose an efficient anonymous authentication protocol. We characterize the privacy of RFID systems and prove that our protocol preserves the privacy of RFID tags and achieves better scalability as well

Towards Secure and Scalable Tag Search approaches for Current and Next Generation RFID Systems

The technology behind Radio Frequency Identification (RFID) has been around for a while, but dropping tag prices and standardization efforts are finally facilitating the expansion of RFID systems. The massive adoption of this technology is taking us closer to the well known ubiquitous computing scenarios. However, the widespread deployment of RFID technology also gives rise to significant user security issues. One possible solution to these challenges is the use of secure authentication protocols to protect RFID communications. A natural extension of RFID authentication is RFID tag searching, where a reader needs to search for a particular RFID tag out of a large collection of tags. As the number of tags of the system increases, the ability to search for the tags is invaluable when the reader requires data from a few tags rather than all the tags of the system. Authenticating each tag one at a time until the desired tag is found is a time consuming process. Surprisingly, RFID search has not been widely addressed in the literature despite the availability of search capabilities in typical RFID tags. In this thesis, we examine the challenges of extending security and scalability issues to RFID tag search and suggest several solutions. This thesis aims to design RFID tag search protocols that ensure security and scalability using lightweight cryptographic primitives. We identify the security and performance requirements for RFID systems. We also point out and explain the major attacks that are typically launched against an RFID system. This thesis makes four main contributions. First, we propose a serverless (without a central server) and untraceable search protocol that is secure against major attacks we identified earlier. The unique feature of this protocol is that it provides security protection and searching capacity same as an RFID system with a central server. In addition, this approach is no more vulnerable to a single point-of-failure. Second, we propose a scalable tag search protocol that provides most of the identified security and performance features. The highly scalable feature of this protocol allows it to be deployed in large scale RFID systems. Third, we propose a hexagonal cell based distributed architecture for efficient RFID tag searching in an emergency evacuation system. Finally, we introduce tag monitoring as a new dimension of tag searching and propose a Slotted Aloha based scalable tag monitoring protocol for next generation WISP (Wireless Identification and Sensing Platform) tags

Cryptographic Protocols, Sensor Network Key Management, and RFID Authentication

This thesis includes my research on efficient cryptographic protocols, sensor network key management, and radio frequency identification (RFID) authentication protocols. Key exchange, identification, and public key encryption are among the fundamental protocols studied in cryptography. There are two important requirements for these protocols: efficiency and security. Efficiency is evaluated using the computational overhead to execute a protocol. In modern cryptography, one way to ensure the security of a protocol is by means of provable security. Provable security consists of a security model that specifies the capabilities and the goals of an adversary against the protocol, one or more cryptographic assumptions, and a reduction showing that breaking the protocol within the security model leads to breaking the assumptions. Often, efficiency and provable security are not easy to achieve simultaneously. The design of efficient protocols in a strict security model with a tight reduction is challenging. Security requirements raised by emerging applications bring up new research challenges in cryptography. One such application is pervasive communication and computation systems, including sensor networks and radio frequency identification (RFID) systems. Specifically, sensor network key management and RFID authentication protocols have drawn much attention in recent years. In the cryptographic protocol part, we study identification protocols, key exchange protocols, and ElGamal encryption and its variant. A formal security model for challenge-response identification protocols is proposed, and a simple identification protocol is proposed and proved secure in this model. Two authenticated key exchange (AKE) protocols are proposed and proved secure in the extended Canetti-Krawczyk (eCK) model. The proposed AKE protocols achieve tight security reduction and efficient computation. We also study the security of ElGamal encryption and its variant, Damgard’s ElGamal encryption (DEG). Key management is the cornerstone of the security of sensor networks. A commonly recommended key establishment mechanism is based on key predistribution schemes (KPS). Several KPSs have been proposed in the literature. A KPS installs pre-assigned keys to sensor nodes so that two nodes can communicate securely if they share a key. Multi-path key establishment (MPKE) is one component of KPS which enables two nodes without a shared key to establish a key via multiple node-disjoint paths in the network. In this thesis, methods to compute the k-connectivity property of several representative key predistribution schemes are developed. A security model for MPKE and efficient and secure MPKE schemes are proposed. Scalable, privacy-preserving, and efficient authentication protocols are essential for the success of RFID systems. Two such protocols are proposed in this thesis. One protocol uses finite field polynomial operations to solve the scalability challenge. Its security is based on the hardness of the polynomial reconstruction problem. The other protocol improves a randomized Rabin encryption based RFID authentication protocol. It reduces the hardware cost of an RFID tag by using a residue number system in the computation, and it provides provable security by using secure padding schemes

Efficient and Low-Cost RFID Authentication Schemes

Security in passive resource-constrained Radio Frequency Identification (RFID) tags is of much interest nowadays. Resistance against illegal tracking, cloning, timing, and replay attacks are necessary for a secure RFID authentication scheme. Reader authentication is also necessary to thwart any illegal attempt to read the tags. With an objective to design a secure and low-cost RFID authentication protocol, Gene Tsudik proposed a timestamp-based protocol using symmetric keys, named YA-TRAP*. Although YA-TRAP* achieves its target security properties, it is susceptible to timing attacks, where the timestamp to be sent by the reader to the tag can be freely selected by an adversary. Moreover, in YA-TRAP*, reader authentication is not provided, and a tag can become inoperative after exceeding its pre-stored threshold timestamp value. In this paper, we propose two mutual RFID authentication protocols that aim to improve YA-TRAP* by preventing timing attack, and by providing reader authentication. Also, a tag is allowed to refresh its pre-stored threshold value in our protocols, so that it does not become inoperative after exceeding the threshold. Our protocols also achieve other security properties like forward security, resistance against cloning, replay, and tracking attacks. Moreover, the computation and communication costs are kept as low as possible for the tags. It is important to keep the communication cost as low as possible when many tags are authenticated in batch-mode. By introducing aggregate function for the reader-to-server communication, the communication cost is reduced. We also discuss different possible applications of our protocols. Our protocols thus capture more security properties and more efficiency than YA-TRAP*. Finally, we show that our protocols can be implemented using the current standard low-cost RFID infrastructures.Comment: 21 pages, Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications (JoWUA), Vol 2, No 3, pp. 4-25, 201

Cryptanalysis of two mutual authentication protocols for low-cost RFID

Radio Frequency Identification (RFID) is appearing as a favorite technology for automated identification, which can be widely applied to many applications such as e-passport, supply chain management and ticketing. However, researchers have found many security and privacy problems along RFID technology. In recent years, many researchers are interested in RFID authentication protocols and their security flaws. In this paper, we analyze two of the newest RFID authentication protocols which proposed by Fu et al. and Li et al. from several security viewpoints. We present different attacks such as desynchronization attack and privacy analysis over these protocols.Comment: 17 pages, 2 figures, 1 table, International Journal of Distributed and Parallel system

An efficient and private RFID authentication protocol supporting ownership transfer

Radio Frequency IDentification (RFID) systems are getting pervasively deployed in many daily life applications. But this increased usage of RFID systems brings some serious problems together, security and privacy. In some applications, ownership transfer of RFID labels is sine qua non need. Specifically, the owner of RFID tag might be required to change several times during its lifetime. Besides, after ownership transfer, the authentication protocol should also prevent the old owner to trace the tags and disallow the new owner to trace old transactions of the tags. On the other hand, while achieving privacy and security concerns, the computation complexity should be considered. In order to resolve these issues, numerous authentication protocols have been proposed in the literature. Many of them failed and their computation load on the server side is very high. Motivated by this need, we propose an RFID mutual authentication protocol to provide ownership transfer. In our protocol, the server needs only a constant-time complexity for identification when the tag and server are synchronized. In case of ownership transfer, our protocol preserves both old and new owners’ privacy. Our protocol is backward untraceable against a strong adversary who compromise tag, and also forward untraceable under an assumption

AnonPri: A Secure Anonymous Private Authentication Protocol for RFID Systems

Privacy preservation in RFID systems is a very important issue in modern day world. Privacy activists have been worried about the invasion of user privacy while using various RFID systems and services. Hence, significant efforts have been made to design RFID systems that preserve users\u27 privacy. Majority of the privacy preserving protocols for RFID systems require the reader to search all tags in the system in order to identify a single RFID tag which not efficient for large scale systems. In order to achieve high-speed authentication in large-scale RFID systems, researchers propose tree-based approaches, in which any pair of tags share a number of key components. Another technique is to perform group-based authentication that improves the tradeoff between scalability and privacy by dividing the tags into a number of groups. This novel authentication scheme ensures privacy of the tags. However, the level of privacy provided by the scheme decreases as more and more tags are compromised. To address this issue, in this paper, we propose a group based anonymous private authentication protocol (AnonPri) that provides higher level of privacy than the above mentioned group based scheme and achieves better efficiency (in terms of providing privacy) than the approaches that prompt the reader to perform an exhaustive search. Our protocol guarantees that the adversary cannot link the tag responses even if she can learn the identifier of the tags. Our evaluation results demonstrates that the level of privacy provided by AnonPri is higher than that of the group based authentication technique

AnonPri: A Secure Anonymous Private Authentication Protocol for RFID Systems

Privacy preservation in RFID systems is a very important issue in modern day world. Privacy activists have been worried about the invasion of user privacy while using various RFID systems and services. Hence, significant efforts have been made to design RFID systems that preserve users\u27 privacy. Majority of the privacy preserving protocols for RFID systems require the reader to search all tags in the system in order to identify a single RFID tag which not efficient for large scale systems. In order to achieve high-speed authentication in large-scale RFID systems, researchers propose tree-based approaches, in which any pair of tags share a number of key components. Another technique is to perform group-based authentication that improves the tradeoff between scalability and privacy by dividing the tags into a number of groups. This novel authentication scheme ensures privacy of the tags. However, the level of privacy provided by the scheme decreases as more and more tags are compromised. To address this issue, in this paper, we propose a group based anonymous private authentication protocol (AnonPri) that provides higher level of privacy than the above mentioned group based scheme and achieves better efficiency (in terms of providing privacy) than the approaches that prompt the reader to perform an exhaustive search. Our protocol guarantees that the adversary cannot link the tag responses even if she can learn the identifier of the tags. Our evaluation results demonstrates that the level of privacy provided by AnonPri is higher than that of the group based authentication technique