Integrating Blockchain into Supply Chain Safeguarded by PUF-enabled RFID.

Due to globalization, supply chain networks are moving towards higher complexity and becoming vulnerable to various kinds of attacks such as counterfeiting, information tampering, and so on. Appropriate approaches are necessary to tackle different types of attacks and to ensure the required supply chain security. In this thesis, we have addressed the product counterfeiting issue using Physical Unclonable Function (PUF) enabled Radio Frequency Identification (RFID) tag. Applying blockchain technology to supply chain can add many useful features to the supply chain, such as decentralization and immutability. On the other hand, linking supply chain products to blockchain can bring transparency, traceability, and non-repudiation as well. As a preferred alternative to the traditional centralized databases, blockchain can address certain supply chain management issues such as complicated record-keeping, provenance tracking of the products, and distrust among different supply chain parties. In this research, blockchain technology has been leveraged to support anticounterfeiting and deal with data attacks. We have also introduced a reputation-based consensus algorithm for the blockchain which is less resource-intensive and thus will not impose additional cost on supply chain products indirectly. In the same research direction, we have devised our system architecture that is suitable for lightweight supply chain devices. The proposed three protocols, namely: registration protocol, verification protocol, and transaction protocol along with the blockchain technology help to transfer the ownership of the authentic product and keep the sensitive supply chain information safe. An encryption-based secret sharing technique has also been introduced to assist data protection

Efficient Detection of Counterfeit Products in Large-scale RFID Systems Using Batch Authentication Protocols

RFID technology facilitates processing of product information, making it a promising technology for anti-counterfeiting. However, in large-scale RFID applications, such as supply chain, retail industry, pharmaceutical industry, total tag estimation and tag authentication are two major research issues. Though there are per-tag authentication protocols and probabilistic approaches for total tag estimation in RFID systems, the RFID authentication protocols are mainly per-tag-based where the reader authenticates one tag at each time. For a batch of tags, current RFID systems have to identify them and then authenticate each tag sequentially, one at a time. This increases the protocol execution time due to the large volume of authentication data. In this paper, we propose to detect counterfeit tags in large-scale system using efficient batch authentication protocol. We propose FSA-based protocol, FTest, to meet the requirements of prompt and reliable batch authentication in large-scale RFID applications. FTest can determine the validity of a batch of tags with minimal execution time which is a major goal of large-scale RFID systems. FTest can reduce protocol execution time by ensuring that the percentage of potential counterfeit products is under the user-defined threshold. The experimental result demonstrates that FTest performs significantly better than the existing counterfeit detection approaches, for example, existing authentication techniques

Energy consideration when integrating Blockchain with IoT for anti-counterfeit

Blockchain technology has been growing in popularity after Bitcoin, the first protocol has demonstrated a strong use case of the technology in Finance. Over the years, as the technology develops more and more, other use cases for the technology which basically relies on a distributed ledger database system have been explored in areas like supply chain and Internet of Things, to help in some of the bottleneck which IoT faces, some of the challenges are security, privacy, scalability, etc. This thesis work will consider energy consumption when integrating IoT with the Blockchain for anti-counterfeit purposes. Because there is little public academic information about the integration of Blockchain with IoT, it is very difficult to ascertain quantitatively, the energy requirement in application areas like anti-counterfeit. This thesis work has to qualitatively, rely on projects whitepapers and application documentation when comparing the energy requirement in the integration of Blockchain and IoT used for counterfeit solutions by different projects. Both private and public (open-sourced) projects were considered and resulted in two broad classifications ‘integration by brands using a unique identifier (RFID and NFC)’ and ‘integration throughout a product lifecycle’. Energy need for each project(s) in a class is considered based on the IoT hardware used and the Blockchain generation and consensus which also seems to have an impact on the implementation cost and complexity of the project

Currency security and forensics: a survey

By its definition, the word currency refers to an agreed medium for exchange, a nation’s currency is the formal medium enforced by the elected governing entity. Throughout history, issuers have faced one common threat: counterfeiting. Despite technological advancements, overcoming counterfeit production remains a distant future. Scientific determination of authenticity requires a deep understanding of the raw materials and manufacturing processes involved. This survey serves as a synthesis of the current literature to understand the technology and the mechanics involved in currency manufacture and security, whilst identifying gaps in the current literature. Ultimately, a robust currency is desire

Prevention And Detection Mechanism For Security In Passive Rfid System

Low-cost radio frequency identification (RFID) tags conforming to the EPCglobal Class-1 Generation-2 standard are inherently insecure due to computational constraints. This thesis proposed the use of both prevention and detection mechanisms to solve the security and privacy issues. A lightweight cryptographic mutual authentication protocol which is resistant to tracking, denial of service (DoS) and replay attacks is proposed as a prevention mechanism. The proposed protocol is designed with lightweight cryptographic algorithm, including XOR, Hamming distance, rotation and a modified linear congruential generator (MLCG). The proposed protocol using 64 bits index is proved having the lowest non-unequivocally identification probability. In addition, the randomness of the session key generated from the MLCG is verified using NIST test suite. Besides that, the security of the proposed protocol is validated using the formal analysis tool, AVISPA. The correctness of the proposed protocol is demonstrated in a simulation model developed in JAVA TCP/IP socket. Next, the proposed protocol is implemented in RFID system including IAIK UHF Demo tag, TagSense Nano-UHF reader and back-end database. A GUI is created in a form of JAVA application to display data detected from tag. The proposed protocol implemented in real RFID system outperforms other related protocols because of 13.46 % shorter read time and write time consumed. The system is proved to be able to prevent tracking, DoS, and replay attacks from adversaries with moderate computation requirement compared to other related protocols

Ensuring Application Specific Security, Privacy and Performance Goals in RFID Systems

Radio Frequency IDentification (RFID) is an automatic identification technology that uses radio frequency to identify objects. Securing RFID systems and providing privacy in RFID applications has been the focus of much academic work lately. To ensure universal acceptance of RFID technology, security and privacy issued must be addressed into the design of any RFID application. Due to the constraints on memory, power, storage capacity, and amount of logic on RFID devices, traditional public key based strong security mechanisms are unsuitable for them. Usually, low cost general authentication protocols are used to secure RFID systems. However, the generic authentication protocols provide relatively low performance for different types of RFID applications. We identified that each RFID application has unique research challenges and different performance bottlenecks based on the characteristics of the system. One strategy is to devise security protocols such that application specific goals are met and system specific performance requirements are maximized. This dissertation aims to address the problem of devising application specific security protocols for current and next generation RFID systems so that in each application area maximum performance can be achieved and system specific goals are met. In this dissertation, we propose four different authentication techniques for RFID technologies, providing solutions to the following research issues: 1) detecting counterfeit as well as ensuring low response time in large scale RFID systems, 2) preserving privacy and maintaining scalability in RFID based healthcare systems, 3) ensuring security and survivability of Computational RFID (CRFID) networks, and 4) detecting missing WISP tags efficiently to ensure reliability of CRFID based system\u27s decision. The techniques presented in this dissertation achieve good levels of privacy, provide security, scale to large systems, and can be implemented on resource-constrained RFID devices