Public key cryptography based privacy preserving multi-context RFID infrastructure

In this paper, We propose a novel approach in designing an RFID infrastructure which foresees the usage of a single RFID tag within different contexts and for multiple purposes. We regard privacy as one of the most important design issues and show that an infrastructure for multi-purpose RFID tags to be used in different contexts can be implemented in a privacy preserving manner. We address security attacks such as cryptanalytic, impersonation, tracking, replay, and relay and show that the protocols used in the proposed infrastructure are secure against them. We also introduce a new angle to privacy in RFID systems by presenting spatio-temporal attacks as an important threat against privacy. We propose a methodology to thwart or alleviate these kinds of attacks. We develop our multi-context RFID infrastructure relying on usage of public key cryptography (PKC), which presents more scalable solutions in the sense that the backend servers can identify the tags approximately 57 times (est.) faster than the best symmetric cipher based systems when there are a million tags in the system. We demonstrate that our infrastructure is feasible even with passive class 2 RFID tags and that the requirements for PKC are comparable to those other cryptographic implementations based on symmetric ciphers proposed for RFID use

An efficient RFID mutual authentication scheme based on ECC

Recently, Radio Frequency Identification (RFID) technique has been widely deployed in many applications, such as medical drugs management in hospitals and missing children searching in amusement parks. The applications basically can be classified into two types: non-public key cryptosystem (PKC)-based and PKC-based. However, many of them have been found to be flawed in the aspect of privacy problem. Therefore, many researchers tried to resolve this problem. They mainly investigated on how low-cost RFID tags can be used in large-scale systems. However, after analyses, we found those studies have some problems, such as suffering physical attack or de-synch attack. Hence, in this paper, we try to design an efficient RFID scheme based on Elliptic Curve Cryptography (ECC) to avoid these problems. After analyses, we conclude that our scheme not only can resist various kinds of attacks but also outperforms the other ECC based RFID schemes in security requirements, with needing only little extra elliptic curve point multiplications

A Novel RFID Authentication Protocol based on Elliptic Curve Cryptosystem

Recently, many researchers have proposed RFID authentication protocols. These protocols are mainly consists of two types: symmetric key based and asymmetric key based. The symmetric key based systems usually have some weaknesses such as suffering brute force, de-synchronization, impersonation, and tracing attacks. In addition, the asymmetric key based systems usually suffer from impersonation, man-in-the-middle, physical, and tracing attacks. To get rid of those weaknesses and reduce the system workload, we adopt elliptic curve cryptosystem (ECC) to construct an asymmetric key based RFID authentication system. Our scheme needs only two passes and can resist various kinds of attacks. It not only outperforms the other RFID schemes having the same security level but also is the most efficient

Priority based tag authentication and routing algorithm for intermodal containers RFID sensor network

Intermodal containers transportation management has always been a serious issue among logistics worldwide companies where the application of secure mobile information technologies (e.g. radio frequency identification systems (RFID) and sensor networks) could significantly improve the current situation by sending managers all the needed transportation conditions information. In this paper, we have focused on improving managerial decision making method by introducing the expert system evaluation functionality in a common software solution CTRMS for additional ICT risks evaluation. The basic risks involved in transportation and the appropriate measures are introduced as well. The pre-defined RFID sensor network was used to develop an optimal tag authentication and routing algorithm where tags and reader authentication protocols were defined and based upon the highest security assurance and the reader to tag response time criterias. A Nearest Neighbor (NN) heuristic approach and a Priority setting method were used to address the problem of routing within the RFID sensor network between tags with the objective function of minimizing the data transfer time between tags with the highest priority values. Computational results also indicate that when the tags have the same level of confidence in the system, they can exchange information without any additional verification, so making the authentication protocol less time consuming and therefore more effective against other proposed protocols

In search of the radio frequency identification (RFID) implementation framework: Lessons from the United Kingdom's public sector

This thesis was submitted for the degree of Doctor of Philosophy and awarded by Brunel University.This study presents a normative framework of the RFID implementation process in the UK public sector. It was motivated by the lack of socio-technical studies on the RFID implementation process in the UK public sector and the need for existing and potential RFID project managers to have an implementation model which could guide their effort in implementing any RFID initiatives in the sector. The study has been conducted through a combination of case study research and grounded theory research approach. Primary data have been collected from the in-depth interviews conducted with the RFID project managers from seven public sector organisations, i.e., five libraries and two hospitals. The analyses of the data were in two main stages. The first stage involved the analysis of the RFID implementation process in each of the organisations and the second stage involved a cross analysis of the RFID implementation process across the entire organisations. Potential contribution towards the existing body of knowledge on RFID implementation was in the form of a normative framework of RFID implementation process in the public sector. This framework describes the main and sub activities in the implementation process, and illustrates the dissimilarities and similarities between the implementation processes. Consequently, the implications of the study to the existing and potential RFID project managers in the public sector and also to the study of information system and RFID implementation are discussed

Cryptographic Approaches To Security and Privacy Issues In Pervasive Computing

Technological innovation has enabled tiny devices to participate in pervasive com- puting. Such devices are particularly vulnerable to security and privacy threats, because of their limited computing resources and relatively weak physical security. We investigate possible cryptographic solutions to security and privacy problems arising in two kinds of emerging pervasive computing networks: Personal Area Net- works (PANs) and the EPCglobal Network. A number of key management schemes have been proposed for use in PANs, but these schemes only support key management within a PAN. However, as people are increasingly equipped with multiple wireless devices, PANs are likely to be intercon- nected to share information or services. We introduce a term, iPANs, to name such interconnected PANs. We define system models and design goals for key manage- ment in iPANs, and propose a novel security initialisation scheme for use in iPANs. The proposed scheme achieves desirable security and efficiency properties by making use of the unique characteristics of PANs. The EPCglobal Network is designed to give efficiency and cost savings in and beyond the supply chain using Radio Frequency Identification (RFID) technology; however, privacy threats affecting such networks are particularly serious. We construct a formal privacy model for RFID systems accurately reflecting adversarial threats and power. We then give brief privacy analysis for the existing privacy-enhanced RFID schemes which have received wide attention in the literature. We then construct a secure refresh-based RFID system based on re-encryption techniques, and prove its privacy using the defined privacy model. Finally, we show that the proposed scheme can greatly enhance the security and privacy of EPC tags, making the maximum use of given tag functionalities as specified in the standards

Low-complexity, low-area computer architectures for cryptographic application in resource constrained environments

RCE (Resource Constrained Environment) is known for its stringent hardware design requirements. With the rise of Internet of Things (IoT), low-complexity and low-area designs are becoming prominent in the face of complex security threats. Two low-complexity, low-area cryptographic processors based on the ultimate reduced instruction set computer (URISC) are created to provide security features for wireless visual sensor networks (WVSN) by using field-programmable gate array (FPGA) based visual processors typically used in RCEs. The first processor is the Two Instruction Set Computer (TISC) running the Skipjack cipher. To improve security, a Compact Instruction Set Architecture (CISA) processor running the full AES with modified S-Box was created. The modified S-Box achieved a gate count reduction of 23% with no functional compromise compared to Boyar’s. Using the Spartan-3L XC3S1500L-4-FG320 FPGA, the implementation of the TISC occupies 71 slices and 1 block RAM. The TISC achieved a throughput of 46.38 kbps at a stable 24MHz clock. The CISA which occupies 157 slices and 1 block RAM, achieved a throughput of 119.3 kbps at a stable 24MHz clock. The CISA processor is demonstrated in two main applications, the first in a multilevel, multi cipher architecture (MMA) with two modes of operation, (1) by selecting cipher programs (primitives) and sharing crypto-blocks, (2) by using simple authentication, key renewal schemes, and showing perceptual improvements over direct AES on images. The second application demonstrates the use of the CISA processor as part of a selective encryption architecture (SEA) in combination with the millions instructions per second set partitioning in hierarchical trees (MIPS SPIHT) visual processor. The SEA is implemented on a Celoxica RC203 Vertex XC2V3000 FPGA occupying 6251 slices and a visual sensor is used to capture real world images. Four images frames were captured from a camera sensor, compressed, selectively encrypted, and sent over to a PC environment for decryption. The final design emulates a working visual sensor, from on node processing and encryption to back-end data processing on a server computer

In search of the radio frequency identification (RFID) implementation framework : lessons from the United Kingdom's public sector

This study presents a normative framework of the RFID implementation process in the UK public sector. It was motivated by the lack of socio-technical studies on the RFID implementation process in the UK public sector and the need for existing and potential RFID project managers to have an implementation model which could guide their effort in implementing any RFID initiatives in the sector. The study has been conducted through a combination of case study research and grounded theory research approach. Primary data have been collected from the in-depth interviews conducted with the RFID project managers from seven public sector organisations, i.e., five libraries and two hospitals. The analyses of the data were in two main stages. The first stage involved the analysis of the RFID implementation process in each of the organisations and the second stage involved a cross analysis of the RFID implementation process across the entire organisations. Potential contribution towards the existing body of knowledge on RFID implementation was in the form of a normative framework of RFID implementation process in the public sector. This framework describes the main and sub activities in the implementation process, and illustrates the dissimilarities and similarities between the implementation processes. Consequently, the implications of the study to the existing and potential RFID project managers in the public sector and also to the study of information system and RFID implementation are discussed.EThOS - Electronic Theses Online ServiceGBUnited Kingdo

Low-complexity, low-area computer architectures for cryptographic application in resource constrained environments

RCE (Resource Constrained Environment) is known for its stringent hardware design requirements. With the rise of Internet of Things (IoT), low-complexity and low-area designs are becoming prominent in the face of complex security threats. Two low-complexity, low-area cryptographic processors based on the ultimate reduced instruction set computer (URISC) are created to provide security features for wireless visual sensor networks (WVSN) by using field-programmable gate array (FPGA) based visual processors typically used in RCEs. The first processor is the Two Instruction Set Computer (TISC) running the Skipjack cipher. To improve security, a Compact Instruction Set Architecture (CISA) processor running the full AES with modified S-Box was created. The modified S-Box achieved a gate count reduction of 23% with no functional compromise compared to Boyar’s. Using the Spartan-3L XC3S1500L-4-FG320 FPGA, the implementation of the TISC occupies 71 slices and 1 block RAM. The TISC achieved a throughput of 46.38 kbps at a stable 24MHz clock. The CISA which occupies 157 slices and 1 block RAM, achieved a throughput of 119.3 kbps at a stable 24MHz clock. The CISA processor is demonstrated in two main applications, the first in a multilevel, multi cipher architecture (MMA) with two modes of operation, (1) by selecting cipher programs (primitives) and sharing crypto-blocks, (2) by using simple authentication, key renewal schemes, and showing perceptual improvements over direct AES on images. The second application demonstrates the use of the CISA processor as part of a selective encryption architecture (SEA) in combination with the millions instructions per second set partitioning in hierarchical trees (MIPS SPIHT) visual processor. The SEA is implemented on a Celoxica RC203 Vertex XC2V3000 FPGA occupying 6251 slices and a visual sensor is used to capture real world images. Four images frames were captured from a camera sensor, compressed, selectively encrypted, and sent over to a PC environment for decryption. The final design emulates a working visual sensor, from on node processing and encryption to back-end data processing on a server computer