J3Gen : a PRNG for Low-Cost Passive RFID

Pseudorandom number generation (PRNG) is the main security tool in low-cost passive radio-frequency identification (RFID) technologies, such as EPC Gen2. We present a lightweight PRNG design for low-cost passive RFID tags, named J3Gen. J3Gen is based on a linear feedback shift register (LFSR) configured with multiple feedback polynomials. The polynomials are alternated during the generation of sequences via a physical source of randomness. J3Gen successfully handles the inherent linearity of LFSR based PRNGs and satisfies the statistical requirements imposed by the EPC Gen2 standard. A hardware implementation of J3Gen is presented and evaluated with regard to different design parameters, defining the key-equivalence security and nonlinearity of the design. The results of a SPICE simulation confirm the power-consumption suitability of the proposal

Multiple-polynomial LFSR based pseudorandom number generator for EPC Gen2 RFID tags

International audienceWe present a lightweight pseudorandom number generator (PRNG) design for EPC Gen2 RFID tags. It is based on a linear feedback shift register (LFSR) configured with multiple feedback polynomials that are selected by a physical source of randomness. The proposal successfully handles the inherent linearity of LFSR based PRNGs and satisfies the statistical requirements imposed by the EPC Gen2 standard. Statistical analysis of the sequences generated by our generator confirms the validity of the proposed technique.We show that our proposal has, moreover, a simpler hardware implementation and energy consumption than previous designs reported in the literature

KEDGEN2: A key establishment and derivation protocol for EPC Gen2 RFID systems

International audienceThe EPC Class-1 Generation-2 (Gen2 for short) is a Radio Frequency IDentification (RFID) technology that is gaining a prominent place in several domains. However, the Gen2 standard lacks verifiable security functionalities. Eavesdropping attacks can, for instance, affect the security of applications based on the Gen2 technology. To address this problem, RFID tags must be equipped with a robust mechanism to authenticate readers before authorising them to access their data. In this paper, we propose a key establishment and derivation protocol, which is applied at both identification phase and those remainder operations requiring security. Our solution is based on a pseudorandom number generator that uses a low computational workload, while ensuring long term secure communication to protect the secrecy of the exchanged data. Mutual authentication of the tag and the sensor and strong notions of secrecy such as forward and backward secrecy are analysed, and we prove formally that after being amended, our protocol is secure with respect to these properties

A Secure Authentication Scheme for RFID Systems

AbstractDay by day the importance of Radio Frequency Identification (RFID) systems is increasing for its powerful capabilities in automatic identification, localization and access control of the objects. However, the RFID techniques are plagued to security and privacy issues due to underlying wireless communication channel. In order to come up with a solution, we propose an efficient authentication scheme which uses pseudorandom number generators (PRNG) and some simple cryptographic operations. Moreover, as the current generation tags come with in-built pseudo random generators, the implementations of these operations are possible with low complexity. The secret information stored inside the tags is communicated in a more secure way ensuring confidentiality, integrity, and authentication. The security of our proposed scheme is analyzed against different attacks on RFID and with the performance of some existing protocols. Experimental results show a significant improvement in security with average cost, when compared with the existing techniques

DeeR-Gen: A Pseudo Random Number Generator for Industry 4.0 / IoT

Random binary bit sequences or random numbers are very useful in cryptographic applications. These sequences are used as a key in different encryption algorithms. Also, they can be used as random nonce in many mutual authentication protocols. Because these sequences are used at very basic level in cryptographic applications there generation should be fast, secure, and energy-efficient. Particularly in the case of Industry 4.0/IoT, a lightweight implementation is much needed along with high security and rapid production. The earlier generators of random numbers used the true source of randomness but the same is not feasible in current scalable Industry 4.0/IoT scenario. Many works have already been done to generate random numbers through PRNGs. Some examples are J3Gen, Warbler, LAMED, and ARROW. However, it is essential to bring a completely programmed, highly secured, energy efficient and a fast paced algorithm for random number generation. In this paper, a novel algorithm, named DeeR-Gen, which works with one multiplexer and two NLFSRs is presented. It requires only 245 GE on ASIC, lowest hardware requirement till date. Proposed methodology has also been tested for EPC test of randomness. The authors found the proposed algorithm secure and energy-efficient to be used in any lightweight cryptographic algorithm

Design and Analysis of Cryptographic Pseudorandom Number/Sequence Generators with Applications in RFID

This thesis is concerned with the design and analysis of strong de Bruijn sequences and span n sequences, and nonlinear feedback shift register (NLFSR) based pseudorandom number generators for radio frequency identification (RFID) tags. We study the generation of span n sequences using structured searching in which an NLFSR with a class of feedback functions is employed to find span n sequences. Some properties of the recurrence relation for the structured search are discovered. We use five classes of functions in this structured search, and present the number of span n sequences for 6 <= n <= 20. The linear span of a new span n sequence lies between near-optimal and optimal. According to our empirical studies, a span n sequence can be found in the structured search with a better probability of success. Newly found span n sequences can be used in the composited construction and in designing lightweight pseudorandom number generators. We first refine the composited construction based on a span n sequence for generating long de Bruijn sequences. A de Bruijn sequence produced by the composited construction is referred to as a composited de Bruijn sequence. The linear complexity of a composited de Bruijn sequence is determined. We analyze the feedback function of the composited construction from an approximation point of view for producing strong de Bruijn sequences. The cycle structure of an approximated feedback function and the linear complexity of a sequence produced by an approximated feedback function are determined. A few examples of strong de Bruijn sequences with the implementation issues of the feedback functions of an (n+16)-stage NLFSR are presented. We propose a new lightweight pseudorandom number generator family, named Warbler family based on NLFSRs for smart devices. Warbler family is comprised of a combination of modified de Bruijn blocks (CMDB) and a nonlinear feedback Welch-Gong (WG) generator. We derive the randomness properties such as period and linear complexity of an output sequence produced by the Warbler family. Two instances, Warbler-I and Warbler-II, of the Warbler family are proposed for passive RFID tags. The CMDBs of both Warbler-I and Warbler-II contain span n sequences that are produced by the structured search. We analyze the security properties of Warbler-I and Warbler-II by considering the statistical tests and several cryptanalytic attacks. Hardware implementations of both instances in VHDL show that Warbler-I and Warbler-II require 46 slices and 58 slices, respectively. Warbler-I can be used to generate 16-bit random numbers in the tag identification protocol of the EPC Class 1 Generation 2 standard, and Warbler-II can be employed as a random number generator in the tag identification as well as an authentication protocol for RFID systems.1 yea

Formal Verification of a Key Establishment Protocol for EPC Gen2 RFID Systems: Work in Progress

International audienceThe EPC Class-1 Generation-2 (Gen2 for short) is a standard Radio Frequency Identification (RFID) technology that has gained a prominent place on the retail industry. The Gen2 standard lacks, however, of verifiable security functionalities. Eavesdropping attacks can, for instance, affect the security of monitoring applications based on the Gen2 technology. We are working on a key establishment protocol that aims at addressing this problem. The protocol is applied at both the initial identification phase and those remainder operations that may require security, such as password protected operations. We specify the protocol using the High Level Protocol Specification Language (HLPSL). Then, we verify the secrecy property of the protocol using the AVISPA model checker tool. The results that we report show that the current version of the protocol guarantees sensitive data secrecy under the presence of a passive adversary

Survey on Lightweight Primitives and Protocols for RFID in Wireless Sensor Networks

The use of radio frequency identification (RFID) technologies is becoming widespread in all kind of wireless network-based applications. As expected, applications based on sensor networks, ad-hoc or mobile ad hoc networks (MANETs) can be highly benefited from the adoption of RFID solutions. There is a strong need to employ lightweight cryptographic primitives for many security applications because of the tight cost and constrained resource requirement of sensor based networks. This paper mainly focuses on the security analysis of lightweight protocols and algorithms proposed for the security of RFID systems. A large number of research solutions have been proposed to implement lightweight cryptographic primitives and protocols in sensor and RFID integration based resource constraint networks. In this work, an overview of the currently discussed lightweight primitives and their attributes has been done. These primitives and protocols have been compared based on gate equivalents (GEs), power, technology, strengths, weaknesses and attacks. Further, an integration of primitives and protocols is compared with the possibilities of their applications in practical scenarios

Privacy control methods in RFID

Thesis (M. Eng.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 2006.Includes bibliographical references (p. 101-102).The work documented in this thesis is part of the OpenTag project, which has the goal of designing and developing a flexible and more powerful RFID system to meet the needs of the approaching ubiquitous tagging of everyday items. The focus of this thesis is on methods to improve privacy control in item level RFID tags. Several methods for the prevention of unwanted identification and tracking of tagged items are explored in the context of item level tags, which are greatly limited in size, cost, and computational power. A subset of the methods are implemented in RFID reader-side software and in an RFID Tag Emulator that mimics the behavior of an RFID tag while being suitable for time and cost efficient prototyping.by Daniel Z. Chen.M.Eng

Distributed Wireless Algorithms for RFID Systems: Grouping Proofs and Cardinality Estimation

The breadth and depth of the use of Radio Frequency Identification (RFID) are becoming more substantial. RFID is a technology useful for identifying unique items through radio waves. We design algorithms on RFID-based systems for the Grouping Proof and Cardinality Estimation problems. A grouping-proof protocol is evidence that a reader simultaneously scanned the RFID tags in a group. In many practical scenarios, grouping-proofs greatly expand the potential of RFID-based systems such as supply chain applications, simultaneous scanning of multiple forms of IDs in banks or airports, and government paperwork. The design of RFID grouping-proofs that provide optimal security, privacy, and efficiency is largely an open area, with challenging problems including robust privacy mechanisms, addressing completeness and incompleteness (missing tags), and allowing dynamic groups definitions. In this work we present three variations of grouping-proof protocols that implement our mechanisms to overcome these challenges. Cardinality estimation is for the reader to determine the number of tags in its communication range. Speed and accuracy are important goals. Many practical applications need an accurate and anonymous estimation of the number of tagged objects. Examples include intelligent transportation and stadium management. We provide an optimal estimation algorithm template for cardinality estimation that works for a {0,1,e} channel, which extends to most estimators and ,possibly, a high resolution {0,1,...,k-1,e} channel