A Survey of RFID Authentication Protocols Based on Hash-Chain Method

Security and privacy are the inherent problems in RFID communications. There are several protocols have been proposed to overcome those problems. Hash chain is commonly employed by the protocols to improve security and privacy for RFID authentication. Although the protocols able to provide specific solution for RFID security and privacy problems, they fail to provide integrated solution. This article is a survey to closely observe those protocols in terms of its focus and limitations.Comment: Third ICCIT 2008 International Conference on Convergence and Hybrid Information Technolog

Enhancing the Key Distribution Model in the RFID-Enabled Supply Chains

Abstract—In this paper, we point out the use of secret sharing strategies as a promising solution for managing the key distribu-tion and recovery in the Radio Frequency IDentification (RFID)-enabled supply chains. To this end, we designed a new model based on a secret sharing approach to solve the key distribution issue within the supply chains. We further proposed a secret key update protocol incorporating a resynchronisation capability to counter the disruptive effects of location tracking, replay attacks, and desynchronisation attacks. Compared with relevant approaches, our work demonstrates a number of advantages in terms of security and performance. Index Terms—RFID; key management; secret sharing; I

An algebraic time-advantage-based key establishment protocol

In this thesis we have built a key-establishment protocol which takes advantage of a resource : time. When two devices spends a pre-determined, mostly uninterrupted time interval with each other they would be able to establish a key. However it is not just the quantity of time but also the quality which matters. The information gained about the key with time by the legitimate party can is flexible and can be chosen by the user. We have analyzed our protocol thoroughly and discussed the circumstances an adversary can gain access to information about the key

A Secure Quorum Based Multi-Tag RFID System

Radio Frequency Identification (RFID) technology has been expanded to be used in different fields that need automatic identifying and verifying of tagged objects without human intervention. RFID technology offers a great advantage in comparison with barcodes by providing accurate information, ease of use and reducing of labour cost. These advantages have been utilised by using passive RFID tags. Although RFID technology can enhance the efficiency of different RFID applications systems, researchers have reported issues regarding the use of RFID technology. These issues are making the technology vulnerable to many threats in terms of security and privacy. Different RFID solutions, based on different cryptography primitives, have been developed. Most of these protocols focus on the use of passive RFID tags. However, due to the computation feasibility in passive RFID tags, these tags might be vulnerable to some of the security and privacy threats. , e.g. unauthorised reader can read the information inside tags, illegitimate tags or cloned tags can be accessed by a reader. Moreover, most consideration of reserchers is focus on single tag authentication and mostly do not consider scenarios that need multi-tag such as supply chain management and healthcare management. Secret sharing schemes have been also proposed to overcome the key management problem in supply chain management. However, secret sharing schemes have some scalability limitations when applied with high numbers of RFID tags. This work is mainly focused on solving the problem of the security and privacy in multi-tag RFID based system. In this work firstly, we studied different RFID protocols such as symmetric key authentication protocols, authentication protocols based on elliptic curve cryptography, secret sharing schemes and multi-tag authentication protocols. Secondly, we consider the significant research into the mutual authentication of passive RFID tags. Therefore, a mutual authentication scheme that is based on zero-knowledge proof have been proposed . The main object of this work is to develop an ECC- RFID based system that enables multi-RFID tags to be authenticated with one reader by using different versions of ECC public key encryption schemes. The protocol are relied on using threshold cryptosystems that operate ECC to generate secret keys then distribute and stored secret keys among multi RFID tags. Finally, we provide performance measurement for the implementation of the proposed protocols.Ministry of higher education and scientific research, Baghdad-Ira

Practical Minimalist Cryptography for RFID Privacy

Abstract — The fear of unauthorized, hidden readouts has dominated the RFID privacy debate. Virtually all proposed privacy mechanisms so far require consumers to actively and explicitly protect read access to their tagged items – either by jamming rogue readers or by encrypting or pseudonymizing their tags. While this approach might work well for activists and highly concerned individuals, it is unlikely (and rather undesirable) that the average consumer should be outfitted with RFID jamming devices before stepping outside, or that anyone would bother pseudonymizing every can of soda they buy with a personal PIN code. Juels ’ “minimalist cryptography” offers a simple, yet effective identification and tracking protection based on simple ID rotation, but it requires that the corresponding mappings (i.e., from pseudonyms to real IDs) are electronically exchanged whenever a product changes hands (e.g., for buying a pack of chewing gums at a kiosk) – a rather impractical requirement. Our work extends Juels ’ concept in order to alleviate the need for passing ID mapping tables. Using carefully assembled sets of IDs based on the cryptographic principle of secret shares, we can create RFID tags that yield virtually no information to casual “hit-and-run ” attackers, but only reveal their true ID after continuous and undisturbed reading from up-close – something that can hardly go unnoticed by an item’s owner. This paper introduces the underlying mechanism of our extension to Juels ’ proposal, called “Shamir Tag”, analyzes its tracking resistance and identification performance, and discusses deployment aspects. Index Terms — RFID, privacy, Shamir, minimalist cryptography, secret sharin