Criptografía ligera en dispositivos de identificación por radiofrecuencia- RFID

Esta tesis se centra en el estudio de la tecnología de identificación por radiofrecuencia (RFID), la cual puede ser considerada como una de las tecnologías más prometedoras dentro del área de la computación ubicua. La tecnología RFID podría ser el sustituto de los códigos de barras. Aunque la tecnología RFID ofrece numerosas ventajas frente a otros sistemas de identificación, su uso lleva asociados riesgos de seguridad, los cuales no son fáciles de resolver. Los sistemas RFID pueden ser clasificados, atendiendo al coste de las etiquetas, distinguiendo principalmente entre etiquetas de alto coste y de bajo coste. Nuestra investigación se centra fundamentalmente en estas últimas. El estudio y análisis del estado del arte nos ha permitido identificar la necesidad de desarrollar soluciones criptográficas ligeras adecuadas para estos dispositivos limitados. El uso de soluciones criptográficas estándar supone una aproximación correcta desde un punto de vista puramente teórico. Sin embargo, primitivas criptográficas estándar (funciones resumen, código de autenticación de mensajes, cifradores de bloque/flujo, etc.) exceden las capacidades de las etiquetas de bajo coste. Por tanto, es necesario el uso de criptografía ligera._______________________________________This thesis examines the security issues of Radio Frequency Identification (RFID) technology, one of the most promising technologies in the field of ubiquitous computing. Indeed, RFID technology may well replace barcode technology. Although it offers many advantages over other identification systems, there are also associated security risks that are not easy to address. RFID systems can be classified according to tag price, with distinction between high-cost and low-cost tags. Our research work focuses mainly on low-cost RFID tags. An initial study and analysis of the state of the art identifies the need for lightweight cryptographic solutions suitable for these very constrained devices. From a purely theoretical point of view, standard cryptographic solutions may be a correct approach. However, standard cryptographic primitives (hash functions, message authentication codes, block/stream ciphers, etc.) are quite demanding in terms of circuit size, power consumption and memory size, so they make costly solutions for low-cost RFID tags. Lightweight cryptography is therefore a pressing need. First, we analyze the security of the EPC Class-1 Generation-2 standard, which is considered the universal standard for low-cost RFID tags. Secondly, we cryptanalyze two new proposals, showing their unsuccessful attempt to increase the security level of the specification without much further hardware demands. Thirdly, we propose a new protocol resistant to passive attacks and conforming to low-cost RFID tag requirements. In this protocol, costly computations are only performed by the reader, and security related computations in the tag are restricted to very simple operations. The protocol is inspired in the family of Ultralightweight Mutual Authentication Protocols (UMAP: M2AP, EMAP, LMAP) and the recently proposed SASI protocol. The thesis also includes the first published cryptanalysis of xi SASI under the weakest attacker model, that is, a passive attacker. Fourthly, we propose a new protocol resistant to both passive and active attacks and suitable for moderate-cost RFID tags. We adapt Shieh et.’s protocol for smart cards, taking into account the unique features of RFID systems. Finally, because this protocol is based on the use of cryptographic primitives and standard cryptographic primitives are not supported, we address the design of lightweight cryptographic primitives. Specifically, we propose a lightweight hash function (Tav-128) and a lightweight Pseudo-Random Number Generator (LAMED and LAMED-EPC).We analyze their security level and performance, as well as their hardware requirements and show that both could be realistically implemented, even in low-cost RFID tags

A Secure RFID Authentication Protocol Adopting Error Correction Code

RFID technology has become popular in many applications; however, most of the RFID products lack security related functionality due to the hardware limitation of the low-cost RFID tags. In this paper, we propose a lightweight mutual authentication protocol adopting error correction code for RFID. Besides, we also propose an advanced version of our protocol to provide key updating. Based on the secrecy of shared keys, the reader and the tag can establish a mutual authenticity relationship. Further analysis of the protocol showed that it also satisfies integrity, forward secrecy, anonymity, and untraceability. Compared with other lightweight protocols, the proposed protocol provides stronger resistance to tracing attacks, compromising attacks and replay attacks. We also compare our protocol with previous works in terms of performance

A Conditional Privacy Preserving Authentication and Multi Party Group Key Establishment Scheme for Real-Time Application in VANETs

Vehicular Ad-hoc Networks (VANETs) are a cardinal part of intelligent transportation system (ITS) which render various services in terms of traffic and transport management. The VANET is used to manage growing traffic and manage data about traffic conditions, weather, road conditions, speed of the vehicle, etc. Even though, VANETs are self-sufficient and effective networks but they still suffer from various security and privacy issues. VANETs need to ensure that an adversary should not be able to breach user associated data and delete or modify the exchanged messages for its gains, as these messages comprise of sensitive data. In this paper, we have proposed an authentication and key-agreement protocol based on cryptographic hash functions which makes it lightweight in nature and also suitable for VANET environment. Moreover, to enhance the security and reliability of the entire system, the proposed key-agreement protocol makes use of random session modulus to compute a dynamic session key i.e. for every session, vehicles generate their session specific secret modulus which are then converged to form a common group session key. The formal verification of the proposed work is done using Real - or - Random oracle model, AVISPA and BAN Logic while informal security analysis shows that the proposed protocol can withstand various attacks. The simulation results and analysis prove that the proposed work is efficient and has a real-time application in VANET environment

Hardware design of cryptographic algorithms for low-cost RFID tags

Mención Internacional en el título de doctorRadio Frequency Identification (RFID) is a wireless technology for automatic identification that has experienced a notable growth in the last years. RFID is an important part of the new trend named Internet of Things (IoT), which describes a near future where all the objects are connected to the Internet and can interact between them. The massive deployment of RFID technology depends on device costs and dependability. In order to make these systems dependable, security needs to be added to RFID implementations, as RF communications can be accessed by an attacker who could extract or manipulate private information from the objects. On the other hand, reduced costs usually imply resource-constrained environments. Due to these resource limitations necessary to low-cost implementations, typical cryptographic primitives cannot be used to secure low-cost RFID systems. A new concept emerged due to this necessity, Lightweight Cryptography. This term was used for the first time in 2003 by Vajda et al. and research on this topic has been done widely in the last decade. Several proposals oriented to low-cost RFID systems have been reported in the literature. Many of these proposals do not tackle in a realistic way the multiple restrictions required by the technology or the specifications imposed by the different standards that have arose for these technologies. The objective of this thesis is to contribute in the field of lightweight cryptography oriented to low-cost RFID tags from the microelectronics point of view. First, a study about the implementation of lightweight cryptographic primitives is presented . Specifically, the area used in the implementation, which is one of the most important requirements of the technology as it is directly related to the cost. After this analysis, a footprint area estimator of lightweight algorithms has been developed. This estimator calculates an upper-bound of the area used in the implementation. This estimator will help in making some choices at the algorithmic level, even for designers without hardware design skills. Second, two pseudo-random number generators have been proposed. Pseudorandom number generators are essential cryptographic blocks in RFID systems. According to the most extended RFID standard, EPC Class-1 Gen-2, it is mandatory to include a generator in RFID tags. Several architectures for the two proposed generators have been presented in this thesis and they have been integrated in two authentication protocols, and the main metrics (area, throughput and power consumption) have been analysed. Finally, the topic of True Random Number Generators is studied. These generators are also very important in secure RFID, and are currently a trending research line. A novel generator, presented by Cherkaoui et al., has been evaluated under different attack scenarios. A new true random number generator based on coherent sampling and suitable for low-cost RFID systems has been proposed.La tecnología de Identificación por Radio Frecuencia, más conocida por sus siglas en inglés RFID, se ha convertido en una de las tecnologías de autoidentificación más importantes dentro de la nueva corriente de identificación conocida como Internet de las Cosas (IoT). Esta nueva tendencia describe un futuro donde todos los objetos están conectados a internet y son capaces de identificarse ante otros objetos. La implantación masiva de los sistemas RFID está hoy en día limitada por el coste de los dispositivos y la fiabilidad. Para que este tipo de sistemas sea fiable, es necesario añadir seguridad a las implementaciones RFID, ya que las comunicaciones por radio frecuencia pueden ser fácilmente atacadas y la información sobre objetos comprometida. Por otro lado, para que todos los objetos estén conectados es necesario que el coste de la tecnología de identificación sea muy reducido, lo que significa una gran limitación de recursos en diferentes ámbitos. Dada la limitación de recursos necesaria en implementaciones de bajo coste, las primitivas criptográficas típicas no pueden ser usadas para dotar de seguridad a un sistema RFID de bajo coste. El concepto de primitiva criptográfica ligera fue introducido por primera vez 2003 por Vajda et al. y ha sido desarrollado ampliamente en los últimos años, dando como resultados una serie de algoritmos criptográficos ligeros adecuados para su uso en tecnología RFID de bajo coste. El principal problema de muchos de los algoritmos presentados es que no abordan de forma realista las múltiples limitaciones de la tecnología. El objetivo de esta tesis es el de contribuir en el campo de la criptografía ligera orientada a etiquetas RFID de bajo coste desde el punto de vista de la microelectrónica. En primer lugar se presenta un estudio de la implementación de las primitivas criptográficas ligeras más utilizadas, concretamente analizando el área ocupado por dichas primitivas, ya que es uno de los parámetros críticos considerados a la hora de incluir dichas primitivas criptográficas en los dispositivos RFID de bajo coste. Tras el análisis de estas primitivas se ha desarrollado un estimador de área para algoritmos criptográficos ultraligeros que trata de dar una cota superior del área total ocupada por el algoritmo (incluyendo registros y lógica de control). Este estimador permite al diseñador, en etapas tempranas del diseño y sin tener ningún conocimiento sobre implementaciones, saber si el algoritmo está dentro de los límites de área mpuestos por la tecnología RFID. También se proponen 2 generadores de números pseudo-aleatorios. Estos generadores son uno de los bloques criptográficos más importantes en un sistema RFID. El estándar RFID más extendido entre la industria, EPC Class-1 Gen-2, establece el uso obligatorio de dicho tipo de generadores en las etiquetas RFID. Los generadores propuestos han sido implementados e integrados en 2 protocolos de comunicación orientados a RFID, obteniendo buenos resultados en las principales características del sistema. Por último, se ha estudiado el tema de los generadores de números aleatorios. Este tipo de generadores son frecuentemente usados en seguridad RFID. Actualmente esta línea de investigación es muy popular. En esta tesis, se ha evaluado la seguridad de un novedoso TRNG, presentado por Cherkaoui et al., frente ataques típicos considerados en la literatura. Además, se ha presentado un nuevo TRNG de bajo coste basado en la técnica de muestreo por pares.Programa Oficial de Doctorado en Ingeniería Eléctrica, Electrónica y AutomáticaPresidente: Teresa Riesgo Alcaide.- Secretario: Emilio Olías Ruiz.- Vocal: Giorgio di Natal

Designing and Implementing a Blockchain-based Platform for the Exchange of Peerto-Peer Energy Trading and Modelling Vehicle-to-Grid(V2G) Residential Community

The expansion of renewable energy on the national grid has been a struggle throughout the past decade. Rooftop solar photovoltaics (PV) and electric vehicle to Grid (V2G) can function as either load or distributed energy sources. Consequently, presumers can join in a Transactive energy network featuring peer-to-peer (P2P) exchange of excess electricity to enhance the grid load balancing and harmonic filtering performance. The key challenge is keeping track of these transactions and compensating supposing parties. The distributed and unchangeable characteristics of blockchain technology could be utilised to accelerate the ongoing transition to more decentralised and digital energy systems and alleviate some of the challenges the energy sector is now facing. This report presents an experimental design and implementation of a Peer-to-peer blockchain network to exchange electricity energy among participants based on the Ethereum open-source application called Solar Chain App. This demonstration project simulates the P2P Network of the electricity distribution network. A project consists of a primary network and user nodes (user nodes have homeowners and EVs). Homeowners with solar and electric vehicles Participants, assets, and transactions required to establish the blockchain-based network for tracking Buyer and seller output exchanges are described, and the smart contract, use cases, and implementation. The main purpose is to design a p2p platform that maximize renewable energy Usage and minimize the daily cost of household electricity consumption

Full Text PDF of The JBBA, 11th Issue, May 2023

Full Text PDF of The JBBA, 11th Issue, May 202

Journal of Telecommunications and Information Technology, 2009, nr 2

kwartalni