Criptografía ligera en dispositivos de identificación por radiofrecuencia- RFID

Esta tesis se centra en el estudio de la tecnología de identificación por radiofrecuencia (RFID), la cual puede ser considerada como una de las tecnologías más prometedoras dentro del área de la computación ubicua. La tecnología RFID podría ser el sustituto de los códigos de barras. Aunque la tecnología RFID ofrece numerosas ventajas frente a otros sistemas de identificación, su uso lleva asociados riesgos de seguridad, los cuales no son fáciles de resolver. Los sistemas RFID pueden ser clasificados, atendiendo al coste de las etiquetas, distinguiendo principalmente entre etiquetas de alto coste y de bajo coste. Nuestra investigación se centra fundamentalmente en estas últimas. El estudio y análisis del estado del arte nos ha permitido identificar la necesidad de desarrollar soluciones criptográficas ligeras adecuadas para estos dispositivos limitados. El uso de soluciones criptográficas estándar supone una aproximación correcta desde un punto de vista puramente teórico. Sin embargo, primitivas criptográficas estándar (funciones resumen, código de autenticación de mensajes, cifradores de bloque/flujo, etc.) exceden las capacidades de las etiquetas de bajo coste. Por tanto, es necesario el uso de criptografía ligera._______________________________________This thesis examines the security issues of Radio Frequency Identification (RFID) technology, one of the most promising technologies in the field of ubiquitous computing. Indeed, RFID technology may well replace barcode technology. Although it offers many advantages over other identification systems, there are also associated security risks that are not easy to address. RFID systems can be classified according to tag price, with distinction between high-cost and low-cost tags. Our research work focuses mainly on low-cost RFID tags. An initial study and analysis of the state of the art identifies the need for lightweight cryptographic solutions suitable for these very constrained devices. From a purely theoretical point of view, standard cryptographic solutions may be a correct approach. However, standard cryptographic primitives (hash functions, message authentication codes, block/stream ciphers, etc.) are quite demanding in terms of circuit size, power consumption and memory size, so they make costly solutions for low-cost RFID tags. Lightweight cryptography is therefore a pressing need. First, we analyze the security of the EPC Class-1 Generation-2 standard, which is considered the universal standard for low-cost RFID tags. Secondly, we cryptanalyze two new proposals, showing their unsuccessful attempt to increase the security level of the specification without much further hardware demands. Thirdly, we propose a new protocol resistant to passive attacks and conforming to low-cost RFID tag requirements. In this protocol, costly computations are only performed by the reader, and security related computations in the tag are restricted to very simple operations. The protocol is inspired in the family of Ultralightweight Mutual Authentication Protocols (UMAP: M2AP, EMAP, LMAP) and the recently proposed SASI protocol. The thesis also includes the first published cryptanalysis of xi SASI under the weakest attacker model, that is, a passive attacker. Fourthly, we propose a new protocol resistant to both passive and active attacks and suitable for moderate-cost RFID tags. We adapt Shieh et.’s protocol for smart cards, taking into account the unique features of RFID systems. Finally, because this protocol is based on the use of cryptographic primitives and standard cryptographic primitives are not supported, we address the design of lightweight cryptographic primitives. Specifically, we propose a lightweight hash function (Tav-128) and a lightweight Pseudo-Random Number Generator (LAMED and LAMED-EPC).We analyze their security level and performance, as well as their hardware requirements and show that both could be realistically implemented, even in low-cost RFID tags

DESIGN AUTOMATION FOR LOW POWER RFID TAGS

Radio Frequency Identification (RFID) tags are small, wireless devices capable of automated item identification, used in a variety of applications including supply chain management, asset management, automatic toll collection (EZ Pass), etc. However, the design of these types of custom systems using the traditional methods can take months for a hardware engineer to develop and debug. In this dissertation, an automated, low-power flow for the design of RFID tags has been developed, implemented and validated. This dissertation presents the RFID Compiler, which permits high-level design entry using a simple description of the desired primitives and their behavior in ANSI-C. The compiler has different back-ends capable of targeting microprocessor-based or custom hardware-based tags. For the hardware-based tag, the back-end automatically converts the user-supplied behavior in C to low power synthesizable VHDL optimized for RFID applications. The compiler also integrates a fast, high-level power macromodeling flow, which can be used to generate power estimates within 15% accuracy of industry CAD tools and to optimize the primitives and / or the behaviors, compared to conventional practices. Using the RFID Compiler, the user can develop the entire design in a matter of days or weeks. The compiler has been used to implement standards such as ANSI, ISO 18000-7, 18000-6C and 18185-7. The automatically generated tag designs were validated by targeting microprocessors such as the AD Chips EISC and FPGAs such as Xilinx Spartan 3. The corresponding ASIC implementation is comparable to the conventionally designed commercial tags in terms of the energy and area. Thus, the RFID Compiler permits the design of power efficient, custom RFID tags by a wider audience with a dramatically reduced design cycle

AN ARCHITECTURAL APPROACH FOR REDUCINGPOWER AND INCREASING SECURITY OF RFID TAGS

Radio Frequency Identification (RFID) technology is currently employed for a variety of applications such as RFID-based wireless payment, healthcare, homeland security, asset management,etc. Due to newer privacy requirements and increasingly secure applications, typical RFID tags are required to expand security features such as data encryption and safe transactions. However, RFID tags have extremely strict low-power consumption requirements. Thus, reduced power consumption and secure data transactions are two main problems for the next generation RFID tags.This dissertation presents an architectural approach to address these two main problems.This dissertation provides a multi-domain solution to improve the power consumption andsecurity, while also reducing design time and verification time of the system. In particular, Idescribe (1)a smart buffering technique to allow a tag to remain in a standby mode until addressed,(2)a multi-layer, low-power technique that transcends the passive-transaction, physical, and data layers to provide secure transactions, (3) an FPGA-based traffic profiler system to generate traces of RFID communications for both tag verification and power analysis without the need of actual hardware, and (4) a design automation technique to create physical layer encoding and decoding blocks in hardware suitable for RFID tags.This dissertation presents four contributions: (1) As a result, based on a Markov Process energymodel, the smart buffering technique is shown to reduce power consumption by 85% over a traditionalactive tag; (2) The multi-layer, low-power security technique provides protection againstmalicious reader attacks to disable the tag, to steal the information stored in or communicatedto the device. The power consumption overhead for implementing these layers of security is increased approximately 13% over the basic tag controller; (3) In addition, the FPGA-based traffic profiler system has been able to generate traces for ISO 18000 part 6C (EPC Gen2) protocol; and (4) The designs of endocing/decoding blocks are generated automatically by the Physical LayerSynthesis tool for five protocols used in or related to RFID. Consequently, any power consumption of five designs is less than 5 £gW. Furthermore, compared with five designs implemented by hand, the difference of the power consumption between two of them is less than 7% at most

A secure localization framework of RAIN RFID objects for ambient assisted living

Internet of things (IoT) is currently on our doorsteps. Numerous domains have beneted from this technology. It ranges from a simple application such as identifying an object up to handling a more complex system. The Radio Frequency IDentication (RFID) is one of the enabling technologies that drive the IoT to its position today. It is small, cheap and does not require any additional power sources. Along with its ubiquitous functionality, this technology enables the positioning of an object within a specic area. Ambient Assisted Living (AAL) is one of the many domains that benet from the IoT. It aims at assisting elderly people in their daily routines by providing new assistive services in smart homes for instance. RFIDs in a smart home come as a great help to an elderly person, for example, to nd an object that they misplaced. However, even with all its benets in simplifying our lives, it is unfortunately double-edged where the advantage that it brings to an object could in turn go against itself. Indeed to be able to help the older adults to locate an object, the system requires certain data in relation to the positioning of the object and its identication. As the passive RFID tag coverage is very small, once its presence is detected, it is dicult to hide it. The ability of this technology in localizing objects gives an opportunity to a third person to take an advantage of the system. In parallel with the persistent and constant need of privacy and secrecy by the users, the objective of this thesis consists of improving the privacy in localizing an object through a new protocol based on the latest version of the RFID second generation passive tag. The proposed protocol must be able to prevent an object from being identied and located by unauthorized parties or a malicious reader. The rst contribution of this work is the assessment of the RFID anti collision management. It is performed through the creation of an OMNET++ framework, modelled and built based on the latest RFID standard developed by GS1 and incorporated by ISO/IEC called Gen2V2 (RFID class 2 Generation 2 Version 2). It is a passive RFID tag that does not require any internal power sources to operate. It communicates using the UHF frequency. The Gen2V2 standard provides a list of cryptographical suites that can be used as a method to authenticate a tag and a reader. This new generation of tags is supported by an alliance of manufacturers called RAIN (RAdio frequency IdenticatioN) that promotes the adoption of the Gen2V2. The anti collision management overall performance is then compared with its theoretical value and four of its cryptographical suites namely PRESENT80, XOR, AES128 and cryptoGPS. Among the performances evaluated within the framework is the number of collisions and the duration required to interrogate a group of tags. Note that an addition of a localization functionality within the framework reveals that exchanged messages through wireless channel prior to the authentication can lead to a malicious localization of an object. To increase the localization privacy within AAL application, we propose therefore a second contribution which is a new localization method that is based on the current Gen2V2 standard exchanges by anonymizing the tag identity

Leveraging Backscatter for Ultra-low Power Wireless Sensing Systems

The past few years have seen a dramatic growth in wireless sensing systems, with millions of wirelessly connected sensors becoming first-class citizens of the Internet. The number of wireless sensing devices is expected to surpass 6.75 billion by 2017, more than the world\u27s population as well as the combined market of smartphones, tablets, and PCs. However, its growth faces two pressing challenges: battery energy density and wireless radio power consumption. Battery energy density looms as a fundamental limiting factor due to slow improvements over the past several decades (3x over 22 years). Wireless radio power consumption is another key challenge because high-speed wireless communication is often far more expensive energy-wise than computation, storage and sensing. To make matters worse, wireless sensing devices are generating an increasing amount of data. These challenges raise a fundamental question --- how should we power and communicate with wireless sensing devices. More specifically, instead of using batteries, can we leverage other energy sources to reduce, if not eliminate, the dependence on batteries? Similarly, instead of optimizing existing wireless radios, can we fundamentally change how radios transmit wireless signals to achieve lower power consumption? A promising technique to address these questions is backscatter --- a primitive that enables RF energy harvesting and ultra-low-power wireless communication. Backscatter has the potential to reduce dependence on batteries because it can obtain energy by rectifying the wireless signals transmitted by a backscatter reader. Backscatter can also work by reflecting existing wireless signals (WiFi, BLE) when these are available nearby. Because signal reflection only consumes uWs of power, backscatter can enable ultra-low-power wireless communication. However, the use of backscatter for communicating with wireless sensing devices presents several challenges. First, decreasing RF power across distance limits the operational range of micro-powered backscatter devices. This raises the question of how to maintain a communication link with a backscatter device despite tiny amount of harvested power. Second, even though the backscatter RF front-end is extremely power-efficient, the computational and sensing overhead on backscatter sensors limit its ability to operate with a few micro-Watts of power. Such overhead is a negligible factor of overall power consumption for platforms where radio power consumption is high (e.g. WiFi or Bluetooth based devices). However, it becomes the bottleneck for backscatter based platforms. Third, backscatter readers are not currently deployed in existing indoor environments to provide a continuous carrier for carrying backscattered information. As a result, backscatter deployment is not yet widespread. This thesis addresses these challenges by making the following contributions. First, we design a network stack that enables continuous operation despite decreasing harvested power across distance by employing an OS abstraction --- task fragmentation. We show that such a network stack enables packet transfer even when the whole system is powered by a 3cmx3cm solar panel under natural indoor light condition. Second, we design a hardware architecture that minimizes the computational overhead of backscatter to enable over 1Mbps backscatter transmission while consuming less than 100uWs of power, a two order of magnitude improvement over the state-of-the-art. Finally, we design a system that can leverage both ambient WiFi and BLE signals for backscatter. Our empirical evaluation shows that we can backscatter 500bps data on top of a WiFi stream and 50kbps data on top of a Bluetooth stream when the backscatter device is 3m away from the commercial WiFi and Bluetooth receivers

Integrated ZigBee RFID sensor networks for resource tracking and monitoring in logistics management

The Radio Frequency Identification (RFID), which includes passive and active systems and is the hottest Auto-ID technology nowadays, and the wireless sensor network (WSN), which is one of the focusing topics on monitoring and control, are two fast-growing technologies that have shown great potential in future logistics management applications. However, an information system for logistics applications is always expected to answer four questions: Who, What, When and Where (4Ws), and neither of the two technologies is able to provide complete information for all of them. WSN aims to provide environment monitoring and control regarded as When and What , while RFID focuses on automatic identification of various objects and provides Who (ID). Most people usually think RFID can provide Where at all the time. But what normal passive RFID does is to tell us where an object was the last time it went through a reader, and normal active RFID only tells whether an object is presenting on site. This could sometimes be insufficient for certain applications that require more accurate location awareness, for which a system with real-time localization (RTLS), which is an extended concept of RFID, will be necessary to answer Where constantly. As WSN and various RFID technologies provide information for different but complementary parts of the 4Ws, a hybrid system that gives a complete answer by combining all of them could be promising in future logistics management applications. Unfortunately, in the last decade those technologies have been emerging and developing independently, with little research been done in how they could be integrated. This thesis aims to develop a framework for the network level architecture design of such hybrid system for on-site resource management applications in logistics centres. The various architectures proposed in this thesis are designed to address different levels of requirements in the hierarchy of needs, from single integration to hybrid system with real-time localization. The contribution of this thesis consists of six parts. Firstly, two new concepts, Reader as a sensor and Tag as a sensor , which lead to RAS and TAS architectures respectively, for single integrations of RFID and WSN in various scenarios with existing systems; Secondly, a integrated ZigBee RFID Sensor Network Architecture for hybrid integration; Thirdly, a connectionless inventory tracking architecture (CITA) and its battery consumption model adding location awareness for inventory tracking in Hybrid ZigBee RFID Sensor Networks; Fourthly, a connectionless stochastic reference beacon architecture (COSBA) adding location awareness for high mobility target tracking in Hybrid ZigBee RFID Sensor Networks; Fifthly, improving connectionless stochastic beacon transmission performance with two proposed beacon transmission models, the Fully Stochastic Reference Beacon (FSRB) model and the Time Slot Based Stochastic Reference Beacon (TSSRB) model; Sixthly, case study of the proposed frameworks in Humanitarian Logistics Centres (HLCs). The research in this thesis is based on ZigBee/IEEE802.15.4, which is currently the most widely used WSN technology. The proposed architectures are demonstrated through hardware implementation and lab tests, as well as mathematic derivation and Matlab simulations for their corresponding performance models. All the tests and simulations of my designs have verified feasibility and features of our designs compared with the traditional systems

Transiently Powered Computers

Demand for compact, easily deployable, energy-efficient computers has driven the development of general-purpose transiently powered computers (TPCs) that lack both batteries and wired power, operating exclusively on energy harvested from their surroundings. TPCs\u27 dependence solely on transient, harvested power offers several important design-time benefits. For example, omitting batteries saves board space and weight while obviating the need to make devices physically accessible for maintenance. However, transient power may provide an unpredictable supply of energy that makes operation difficult. A predictable energy supply is a key abstraction underlying most electronic designs. TPCs discard this abstraction in favor of opportunistic computation that takes advantage of available resources. A crucial question is how should a software-controlled computing device operate if it depends completely on external entities for power and other resources? The question poses challenges for computation, communication, storage, and other aspects of TPC design. The main idea of this work is that software techniques can make energy harvesting a practicable form of power supply for electronic devices. Its overarching goal is to facilitate the design and operation of usable TPCs. This thesis poses a set of challenges that are fundamental to TPCs, then pairs these challenges with approaches that use software techniques to address them. To address the challenge of computing steadily on harvested power, it describes Mementos, an energy-aware state-checkpointing system for TPCs. To address the dependence of opportunistic RF-harvesting TPCs on potentially untrustworthy RFID readers, it describes CCCP, a protocol and system for safely outsourcing data storage to RFID readers that may attempt to tamper with data. Additionally, it describes a simulator that facilitates experimentation with the TPC model, and a prototype computational RFID that implements the TPC model. To show that TPCs can improve existing electronic devices, this thesis describes applications of TPCs to implantable medical devices (IMDs), a challenging design space in which some battery-constrained devices completely lack protection against radio-based attacks. TPCs can provide security and privacy benefits to IMDs by, for instance, cryptographically authenticating other devices that want to communicate with the IMD before allowing the IMD to use any of its battery power. This thesis describes a simplified IMD that lacks its own radio, saving precious battery energy and therefore size. The simplified IMD instead depends on an RFID-scale TPC for all of its communication functions. TPCs are a natural area of exploration for future electronic design, given the parallel trends of energy harvesting and miniaturization. This work aims to establish and evaluate basic principles by which TPCs can operate

Sistemas eficientes de transmissão de energia sem-fios e identificação por radiofrequência

Doutoramento em Engenharia EletrotécnicaIn the IoT context, where billions of connected objects are expected to be ubiquitously deployed worldwide, the frequent battery maintenance of ubiquitous wireless nodes is undesirable or even impossible. In these scenarios, passive-backscatter radios will certainly play a crucial role due to their low cost, low complexity and battery-free operation. However, as passive-backscatter devices are chiefly limited by the WPT link, its efficiency optimization has been a major research concern over the years, gaining even more emphasis in the IoT context. Wireless power transfer has traditionally been carried out using CW signals, and the efficiency improvement has commonly been achieved through circuit design optimization. This thesis explores a fundamentally different approach, in which the optimization is focused on the powering waveforms, rather than the circuits. It is demonstrated through theoretical analysis, simulations and measurements that, given their greater ability to overcome the built-in voltage of rectifying devices, high PAPR multi-sine (MS) signals are capable of more efficiently exciting energy harvesting circuits when compared to CWs. By using optimal MS signals to excite rectifying devices, remarkable RF-DC conversion efficiency gains of up to 15 dB with respect to CW signals were obtained. In order to show the effectiveness of this approach to improve the communication range of passive-backscatter systems, a MS front-end was integrated in a commercial RFID reader and a significant range extension of 25% was observed. Furthermore, a software-defined radio RFID reader, compliant with ISO18000-6C standard and with MS capability, was constructed from scratch. By interrogating passive RFID transponders with MS waveforms, a transponder sensitivity improvement higher than 3 dB was obtained for optimal MS signals. Since the amplification and transmission of high PAPR signals is critical, this work also proposes efficient MS transmitting architectures based on space power combining techniques. This thesis also addresses other not less important issues, namely self-jamming in passive RFID readers, which is the second limiting factor of passive-backscatter systems. A suitable self-jamming suppression scheme was first used for CW signals and then extended to MS signals, yielding a CW isolation up to 50 dB and a MS isolation up 60 dB. Finally, a battery-less remote control system was developed and integrated in a commercial TV device with the purpose of demonstrating a practical application of wireless power transfer and passive-backscatter concepts. This allowed battery-free control of four basic functionalities of the TV (CH+,CH-,VOL+,VOL-).No contexto da internet das coisas (IoT), onde são esperados bilhões de objetos conectados espalhados pelo planeta de forma ubíqua, torna-se impraticável uma frequente manutenção e troca de baterias dos dispositivos sem fios ubíquos. Nestes cenários, os sistemas radio backscatter passivos terão um papel preponderante dado o seu baixo custo, baixa complexidade e não necessidade de baterias nos nós móveis. Uma vez que a transmissão de energia sem fios é o principal aspeto limitativo nestes sistemas, a sua otimização tem sido um tema central de investigação, ganhando ainda mais ênfase no contexto IoT. Tradicionalmente, a transferência de energia sem-fios é feita através de sinais CW e a maximização da eficiência é conseguida através da otimização dos circuitos recetores. Neste trabalho explora-se uma abordagem fundamentalmente diferente, em que a otimização foca-se nas formas de onda em vez dos circuitos. Demonstra-se, teoricamente e através de simulações e medidas que, devido à sua maior capacidade em superar a barreira de potencial intrínseca dos dispositivos retificadores, os sinais multi-seno (MS) de elevado PAPR são capazes de excitar os circuitos de colheita de energia de forma mais eficiente quando comparados com o sinal CW tradicional. Usando sinais MS ótimos em circuitos retificadores, foram verificadas experimentalmente melhorias de eficiência de conversão RF-DC notáveis de até 15 dB relativamente ao sinal CW. A fim de mostrar a eficácia desta abordagem na melhoria da distância de comunicação de sistemas backscatter passivos, integrou-se um front-end MS num leitor RFID comercial e observou-se um aumento significativo de 25% na distância de leitura. Além disso, desenvolveu-se de raiz um leitor RFID baseado em software rádio, compatível com o protocolo ISO18000-6C e capaz de gerar sinais MS, com os quais interrogou-se transponders passivos, obtendo-se ganhos de sensibilidade dos transponders maiores que 3 dB. Uma vez que a amplificação de sinais de elevado PAPR é uma operação crítica, propôs-se também novas arquiteturas eficientes de transmissão baseadas na combinação de sinais em espaço livre. Esta tese aborda também outros aspetos não menos importantes, como o self-jamming em leitores RFID passivos, tido como o segundo fator limitativo neste tipo de sistemas. Estudou-se técnicas de cancelamento de self-jamming CW e estendeu-se o conceito a sinais MS, tendo-se obtido isolamentos entre o transmissor e o recetor de até 50 dB no primeiro caso e de até 60 dB no segundo. Finalmente, com o objetivo de demonstrar uma aplicação prática dos conceitos de transmissão de energia sem fios e comunicação backscatter, desenvolveu-se um sistema de controlo remoto sem pilhas, cujo protótipo foi integrado num televisor comercial a fim de controlar quatro funcionalidades básicas (CH+,CH-,VOL+,VOL-)