3 research outputs found

    Tag Ownership Transfer in Radio Frequency Identification Systems: A Survey of Existing Protocols and Open Challenges

    Radio frequency identification (RFID) is a modern approach to identify and track several assets at once in a supply chain environment. In many RFID applications, tagged items are frequently transferred from one owner to another. Thus, there is a need for secure ownership transfer (OT) protocols that can perform the transfer while, at the same time, protect the privacy of owners. Several protocols have been proposed in an attempt to fulfill this requirement. In this paper, we provide a comprehensive and systematic review of the RFID OT protocols that appeared over the years of 2005-2018. In addition, we compare these protocols based on the security goals which involve their support of OT properties and their resistance to attacks. From the presented comparison, we draw attention to the open issues in this field and provide suggestions for the direction that future research should follow. Furthermore, we suggest a set of guidelines to be considered in the design of new protocols. To the best of our knowledge, this is the first comprehensive survey that reviews the available OT protocols from the early start up to the current state of the art.

    A Flexible Ultralight Hardware Security Module for EPC RFID Tags

    Due to the rapid growth of using Internet of Things (IoT) devices in daily life, the need to achieve an acceptable level of security and privacy for these devices is rising. Security risks may include privacy threats like gaining sensitive information from a device, and authentication problems from counterfeit or cloned devices. It is more challenging to add security features to extremely constrained devices, such as passive Electronic Product Code (EPC) Radio Frequency Identification (RFID) tags, compared to devices that have more computational and storage capabilities. EPC RFID tags are simple and low-cost electronic circuits that are commonly used in supply chains, retail stores, and other applications to identify physical objects. Most tags today are simple "license plates" that just identify the object they are attached to and have minimal security. Due to the security risks of new applications, there is an important need to implement secure RFID tags. Examples of the security risks for these applications include unauthorized physical tracking and inventorying of tags. The current commercial RFID tag designs use a specialised hardware circuit approach. This approach can achieve the lowest area and power consumption; however, it lacks flexibility. This thesis presents an optimized application-specific instruction set architecture (ISA) for an ultralight Hardware Security Module (HSM). HSMs are computing devices that protect cryptographic keys and operations for a device. The HSM combines all security-related functions for a passive RFID tag. The goal of this research is to demonstrate that using an application-specific instruction set processor (ASIP) architecture for ultralight HSMs provides benefits in terms of trade-offs between flexibility, extensibility, and efficiency. Our novel application-specific instruction set architecture allows flexibility on many design levels and achieves an acceptable security level for passive EPC RFID tags.
Our solution moves a major design effort from hardware to software, which largely reduces the final unit cost. Our ASIP processor can be implemented with 4,662 gate equivalent units (GEs) for 65 nm CMOS technology excluding cryptographic units and memories. We integrated and analysed four cryptographic modules: AES and Simeck block ciphers, WG-5 stream cipher, and ACE authenticated encryption module. Our HSM achieves very good efficiencies for both block and stream ciphers. Specifically for the AES cipher, we improve over a previous programmable AES implementation result by 32x. We increase performance dramatically and increase/decrease area by 17.97/17.14% respectively. These results fulfill the requirements of extremely constrained devices and allow the inclusion of cryptographic units into the datapath of our ASIP processor.

    Based on Mobile RFID to Design A Secure Transaction for Market Service

    In recent years, as RFID reader equipment has been widely deployed in handheld devices, the security problems between the mobile reader and the RFID server have become more important than ever before. In this study, under the assumption that the communication channel between the RFID server and the RFID reader is not secure, we propose a novel scheme based on EPC C1G2 standards with low implementation cost. To reduce the manpower needed for market management, market members can use the mobile reader to query product information and make a secure transaction through the cash register efficiently. Membership holders can also use their accumulated digital coupons to redeem prizes with the server. Moreover, the market can support after-sale service and ownership transfer for members. To achieve mutual authentication, our proposed scheme integrates fingerprint biometrics, related cryptology and a hash function mechanism to ensure the security of the transmitted messages. The proposed scheme is also beneficial to M-commerce and can resist known attacks, based on Pedro et al.'s cryptanalysis.

    CONTENTS
    Chapter 1 Introduction
    1.2. RFID system requirements
    1.2.1. Assumptions
    1.2.2. Attacks definition
    1.2.3. Security requirements
    1.3. Thesis organization
    Chapter 2 Based on Mobile RFID for Membership Stores System Conforming EPC C1G2 Standards
    2.1. Related works
    2.2. System framework
    2.3. Notations
    2.4. Registration phase
    2.5. Query and authentication phase
    2.6. Coupon accumulating phase
    2.7. Redemption phase
    2.8. Password and key change phase
    Chapter 3 Security Analysis and Discussions of 「Based on Mobile RFID for Membership Stores System Conforming EPC C1G2 Standards」
    3.1. Security analysis
    3.1.1. Resist tag impersonation attack
    3.1.2. Resist forgery server attack
    3.1.3. Privacy protection
    3.1.4. Resist mobile reader lost attack
    3.1.5. Mutual authentication
    3.1.6. Resist replay attack
    3.1.7. Resist trace attack
    3.1.8. Resist man-in-the-middle attack
    3.1.9. User location privacy
    3.2. Discussions
    Chapter 4 Ownership Transfer Protocol Based on Mobile RFID for Membership Stores System
    4.1. Related works
    4.2. System framework
    4.3. Notations
    4.4. Initial phase
    4.5. Query and authentication phase
    4.6. Purchase phase
    4.7. Product authentication phase
    4.8. Ownership transfer phase
    Chapter 5 Security Analysis and Discussions of 「Ownership Transfer Protocol Based on Mobile RFID for Membership Stores System」
    5.1. Security analysis
    5.1.1. Privacy protection
    5.1.2. Mutual authentication
    5.1.3. Resist replay attack
    5.1.4. Resist man-in-the-middle attack
    5.1.5. Resist tag impersonation attack
    5.1.6. Resist trace attack
    5.1.7. Resist mobile reader lost attack
    5.1.8. User location privacy
    5.1.9. Resist forgery server attack
    5.1.10. Ownership transfer analysis
    5.2. Discussions
    Chapter 6 Conclusions
    References

    LIST OF TABLES
    Table 1: Comparison of the time complexity
    Table 2: Security comparison
    Table 3: Mechanism comparison
    Table 4: Communication costs of the transfer request in based on mobile RFID for membership stores system conforming EPC C1G2 standards scheme
    Table 5: Time complexity comparison of the related ownership transfer scheme
    Table 6: Security comparison of the related ownership transfer scheme
    Table 7: Mechanism comparison of the related ownership transfer scheme
    Table 8: Communication costs of the transfer request in ownership transfer protocol based on mobile RFID for membership stores system scheme

    LIST OF FIGURES
    Figure 1: Overview of Toiruul and Lee's scheme
    Figure 2: Overview of Osaka et al.'s scheme A
    Figure 3: Overview of Chien et al.'s scheme
    Figure 4: Scenario of based on mobile RFID for membership stores system conforming EPC C1G2 standards scheme
    Figure 5: Overview of the registration phase
    Figure 6: Overview of based on mobile RFID for membership stores system conforming EPC C1G2 standards query and authentication phase
    Figure 7: Overview of the coupon accumulating phase
    Figure 8: Overview of the redemption phase
    Figure 9: Overview of the password and key change phase
    Figure 10: Overview of Osaka et al.'s scheme B
    Figure 11: Overview of Song's scheme
    Figure 12: Scenario of ownership transfer protocol based on mobile RFID for membership stores system scheme
    Figure 13: Overview of the initial phase
    Figure 14: Overview of ownership transfer protocol based on mobile RFID for membership stores system scheme query and authentication phase
    Figure 15: Overview of the purchase phase
    Figure 16: Overview of the product authentication phase
    Figure 17: Overview of the ownership transfer phase