Time-Efficient Cloning Attacks Identification in Large-Scale RFID Systems

Radio Frequency Identification (RFID) is an emerging technology for electronic labeling of objects for the purpose of automatically identifying, categorizing, locating, and tracking the objects. But in their current form RFID systems are susceptible to cloning attacks that seriously threaten RFID applications but are hard to prevent. Existing protocols aimed at detecting whether there are cloning attacks in single-reader RFID systems. In this paper, we investigate the cloning attacks identification in the multireader scenario and first propose a time-efficient protocol, called the time-efficient Cloning Attacks Identification Protocol (CAIP) to identify all cloned tags in multireaders RFID systems. We evaluate the performance of CAIP through extensive simulations. The results show that CAIP can identify all the cloned tags in large-scale RFID systems fairly fast with required accuracy

Implementation of Security in RFID Tag Data Transmissions with DES Cryptography

One use of RFID is used as a user authentication tool that can provide more access to a system. Security is much needed on RFID. If authentication rights are misused for the wrong thing then it is very dangerous. The scheme used is to send RFID Tag ID data as a unique authentication code. RFID Tag ID will be sent from client to server using local network scale. RFID Tag ID data transmission can be done using wireless transmission media. When shipping the "bugs" can steal data with sniffing techniques. To minimize the risk of data theft can be applied data encryption method with DES algorithm. There will be a modified 8-bit RFID Tag ID which will add 8-bit user passwords. So 16 bit data can be processed with DES algorithm. With the data encryption at the time of delivery from client to server then data sent will be encrypted. So tappers can not misuse existing data

Clone tag detection in distributed RFID systems

Although Radio Frequency Identification (RFID) is poised to displace barcodes, security vulnerabilities pose serious challenges for global adoption of the RFID technology. Specifically, RFID tags are prone to basic cloning and counterfeiting security attacks. A successful cloning of the RFID tags in many commercial applications can lead to many serious problems such as financial losses, brand damage, safety and health of the public. With many industries such as pharmaceutical and businesses deploying RFID technology with a variety of products, it is important to tackle RFID tag cloning problem and improve the resistance of the RFID systems. To this end, we propose an approach for detecting cloned RFID tags in RFID systems with high detection accuracy and minimal overhead thus overcoming practical challenges in existing approaches. The proposed approach is based on consistency of dual hash collisions and modified count-min sketch vector. We evaluated the proposed approach through extensive experiments and compared it with existing baseline approaches in terms of execution time and detection accuracy under varying RFID tag cloning ratio. The results of the experiments show that the proposed approach outperforms the baseline approaches in cloned RFID tag detection accuracy

Integrating Blockchain into Supply Chain Safeguarded by PUF-enabled RFID.

Due to globalization, supply chain networks are moving towards higher complexity and becoming vulnerable to various kinds of attacks such as counterfeiting, information tampering, and so on. Appropriate approaches are necessary to tackle different types of attacks and to ensure the required supply chain security. In this thesis, we have addressed the product counterfeiting issue using Physical Unclonable Function (PUF) enabled Radio Frequency Identification (RFID) tag. Applying blockchain technology to supply chain can add many useful features to the supply chain, such as decentralization and immutability. On the other hand, linking supply chain products to blockchain can bring transparency, traceability, and non-repudiation as well. As a preferred alternative to the traditional centralized databases, blockchain can address certain supply chain management issues such as complicated record-keeping, provenance tracking of the products, and distrust among different supply chain parties. In this research, blockchain technology has been leveraged to support anticounterfeiting and deal with data attacks. We have also introduced a reputation-based consensus algorithm for the blockchain which is less resource-intensive and thus will not impose additional cost on supply chain products indirectly. In the same research direction, we have devised our system architecture that is suitable for lightweight supply chain devices. The proposed three protocols, namely: registration protocol, verification protocol, and transaction protocol along with the blockchain technology help to transfer the ownership of the authentic product and keep the sensitive supply chain information safe. An encryption-based secret sharing technique has also been introduced to assist data protection

Novel Cryptographic Authentication Mechanisms for Supply Chains and OpenStack

In this dissertation, first, we studied the Radio-Frequency Identification (RFID) tag authentication problem in supply chains. RFID tags have been widely used as a low-cost wireless method for detecting counterfeit product injection in supply chains. We open a new direction toward solving this problem by using the Non-Volatile Memory (NVM) of recent RFID tags. We propose a method based on this direction that significantly improves the availability of the system and costs less. In our method, we introduce the notion of Software Unclonability, which is a kind of one-time MAC for authenticating random inputs. Also, we introduce three lightweight constructions that are software unclonable. Second, we focus on OpenStack that is a prestigious open-source cloud platform. OpenStack takes advantage of some tokening mechanisms to establish trust between its modules and users. It turns out that when an adversary captures user tokens by exploiting a bug in a module, he gets extreme power on behalf of users. Here, we propose a novel tokening mechanism that ties commands to tokens and enables OpenStack to support short life tokens while it keeps the performance up

Enchancing RFID data quality and reliability using approximate filtering techniques

Radio Frequency Identification (RFID) is an emerging auto-identification technology that uses radio waves to identify and track physical objects without the line of sight. While delivering significant improvements in various aspects, such as, stock management and inventory accuracy, there are serious data management issues that affect RFID data quality in preparing reliable solutions. The raw read rate in real world RFID deployments is often in the 60-70% range and naturally unreliable because of redundant and false readings. The redundant readings result in unnecessary storage and affect the efficiency of data processing. Furthermore, false readings that focused on false positive readings generated by cloned tag could be mistakenly considered as valid and affects the final results and decisions. Therefore, two approaches to enhance the RFID data quality and reliability were proposed. A redundant reading filtering approach based on modified Bloom Filter is presented as the existing Bloom Filter based approaches are quite intricate. Meanwhile, even though tag cloning has been identified as one of the serious RFID security issue, it only received little attention in the literature. Therefore we developed a lightweight anti-cloning approach based on modified Count- Min sketch vector and tag reading frequency from e-pedigree in observing identical Electronic Product Code (EPC) of the low cost tag in local site and distributed region in supply chain. Experimental results showed, that the first proposed approach, Duplicate Filtering Hash (DFH) achieved the lowest false positive rate of 0.06% and the highest true positive rate of 89.94% as compared to other baseline approaches. DFH is 71.1% faster than d-Left Time Bloom Filter (DLTBF) while reducing amount of hashing and achieved 100% true negative rate. The second proposed approach, Managing Counterfeit Hash (MCH) performs fastest and 25.7% faster than baseline protocol (BASE) and achieved 99% detection accuracy while DeClone 64% and BASE 77%. Thus, this study successfully proposed approaches that can enhance the RFID data quality and reliability

A Taxonomy of Security Threats and Solutions for RFID Systems

RFID (Radio Frequency Identification) is a method of wireless data collection technology that uses RFID tags or transponders to electronically store and retrieve data. RFID tags are quickly replacing barcodes as the “identification system of choice” [1]. Since RFID devices are electronic devices, they can be hacked into by an outsider, and their data can be accessed or modified without the user knowing. New threats to RFID-enabled systems are always on the horizon. A systematic classification should be used to categorize these threats to help reduce confusion. This paper will look at the problem of security threats towards RFID systems, and provide a taxonomy for these threats

User access control system based on ESP32 technology

Mestrado de dupla diplomação com a UTFPR - Universidade Tecnológica Federal do ParanáAccess Control Systems are systems that are capable of controlling user access with permission-based databases. The majority of commercial Access Control Systems nowadays, even the expansive ones, lacks many advanced features, such as the possibility to control and configure multiple sectors over Wi-Fi (including illumination), using scheduling based permissions, and without any additional servers. This project aims to develop an Access Control System costing under US$15, capable of registering and allowing (or denying) the access of users in multiple sectors, using up to 49 modules interconnected over Wi-Fi (one being the main module, and the other the secondary modules), using web-based graphical interfaces, allowing a centralized and practical way of configuring and setting databases. The modules use low-range RFID tags to identify users, and are able to control electrical locks, illumination and micro-switches of it’s corresponding sector, and also notify adjacent sectors of entries and exits. To keep the project easy to use, all the settings and databases can be accessed, filtered and edited in a graphical web interface (HTML5 and CSS) provided by an internal webserver running at the ESP32 controllers, and available to authenticated users. The result is a low cost Access Control System that is fast, reliable and easy to use product, presenting advanced features, such as multi-sector control and with wireless (Wi-Fi) communication