Prevention And Detection Mechanism For Security In Passive Rfid System

Low-cost radio frequency identification (RFID) tags conforming to the EPCglobal Class-1 Generation-2 standard are inherently insecure due to computational constraints. This thesis proposed the use of both prevention and detection mechanisms to solve the security and privacy issues. A lightweight cryptographic mutual authentication protocol which is resistant to tracking, denial of service (DoS) and replay attacks is proposed as a prevention mechanism. The proposed protocol is designed with lightweight cryptographic algorithm, including XOR, Hamming distance, rotation and a modified linear congruential generator (MLCG). The proposed protocol using 64 bits index is proved having the lowest non-unequivocally identification probability. In addition, the randomness of the session key generated from the MLCG is verified using NIST test suite. Besides that, the security of the proposed protocol is validated using the formal analysis tool, AVISPA. The correctness of the proposed protocol is demonstrated in a simulation model developed in JAVA TCP/IP socket. Next, the proposed protocol is implemented in RFID system including IAIK UHF Demo tag, TagSense Nano-UHF reader and back-end database. A GUI is created in a form of JAVA application to display data detected from tag. The proposed protocol implemented in real RFID system outperforms other related protocols because of 13.46 % shorter read time and write time consumed. The system is proved to be able to prevent tracking, DoS, and replay attacks from adversaries with moderate computation requirement compared to other related protocols

Multiancestry analysis of the HLA locus in Alzheimer’s and Parkinson’s diseases uncovers a shared adaptive immune response mediated by HLA-DRB1*04 subtypes

Across multiancestry groups, we analyzed Human Leukocyte Antigen (HLA) associations in over 176,000 individuals with Parkinson’s disease (PD) and Alzheimer’s disease (AD) versus controls. We demonstrate that the two diseases share the same protective association at the HLA locus. HLA-specific fine-mapping showed that hierarchical protective effects of HLA-DRB1*04 subtypes best accounted for the association, strongest with HLA-DRB1*04:04 and HLA-DRB1*04:07, and intermediary with HLA-DRB1*04:01 and HLA-DRB1*04:03. The same signal was associated with decreased neurofibrillary tangles in postmortem brains and was associated with reduced tau levels in cerebrospinal fluid and to a lower extent with increased Aβ42. Protective HLA-DRB1*04 subtypes strongly bound the aggregation-prone tau PHF6 sequence, however only when acetylated at a lysine (K311), a common posttranslational modification central to tau aggregation. An HLA-DRB1*04-mediated adaptive immune response decreases PD and AD risks, potentially by acting against tau, offering the possibility of therapeutic avenues

Weakness of ultra-lightweight mutual authentication protocol for IoT devices using RFlD tags

Internet of Things (IoT) has stimulated great interest in many researchers owing to its capability to connect billions of physical devices to the internet via heterogeneous access network. Security is a paramount aspect of IoT that needs to be addressed urgently to keep sensitive data private. However, from previous research studies, a number of security flaws in terms of keeping data private can be identified. Tewari and Gupta proposed an ultra-lightweight mutual authentication pRotocol that utilizes bitwise operation to achieve security in IoT networks that use RFID tags. The pRotocol is improved by Wang et. al. to prevent a full key disclosure attack. However, this paper shows that both of the pRotocols are susceptible to full disclosure, man-in-the-middle, tracking, and de-synchronization attacks. A detailed security analysis is conducted and results are presented to prove their vulnerability. Based on the aforementioned analysis, the pRotocol is modified and improved using a three pass mutual authentication. GNY logic is used to formally verify the security of the pRotocol.</p

Security flaws and improvement of a cloud-based authentication protocol for RFID supply chain systems

Cloud-based radio frequency identification (RFID) is an emerging solution for supply chain systems to solve capacity limitation found in a traditional backend server. However, most of the solutions proposed in previous research works are not suitable to be implemented for resource constrained RFID tags. Therefore, a cloud-based mutual authentication (CMA) protocol was proposed by Lin et al. using a hash function and exclusive-OR and was claimed to achieve confidentiality, untraceability, mutual authentication, and forward secrecy. Furthermore, it was claimed that the protocol is resistant to tag/reader impersonation attacks, replay attacks, desynchronization attacks, and denial of service (DoS) attacks. However, this paper proves that the CMA protocol is vulnerable to two types of attack, namely desynchronization and DoS attacks. A detailed security analysis of the CMA protocol is shown in this paper to prove its security vulnerability. In addition, an enhanced CMA protocol is proposed in this paper that is secure against desynchronization and DoS attacks

Prevention and Detection Methods for Enhancing Security in an RFID System

Low-cost radio frequency identification (RFID) tag is exposed to various security and privacy threats due to computational constraint. This paper proposes the use of both prevention and detection techniques to solve the security and privacy issues. A mutual authentication protocol with integration of tag's unique electronic fingerprint is proposed to enhance the security level in RFID communication. A lightweight cryptographic algorithm that conforms to the EPCglobal Class-1 Generation-2 standard is proposed to prevent replay attack, denial of service, and data leakage issues. The security of the protocol is validated by using formal analysis tool, AVISPA. The received power of tag is used as a unique electronic fingerprint to detect cloning tags. t -test algorithm is used to analyze received power of tag at single-frequency band to distinguish between legitimate and counterfeit tag. False acceptance rate (FAR), false rejection rate (FRR), receiver operating characteristic (ROC) curve, and equal error rate (EER) were implemented to justify the robustness of t -test in detecting counterfeit tags. Received power of tag at single frequency band that was analyzed by using t -test was proved to be able to detect counterfeit tag efficiently as the area under the ROC curve obtained is high (0.922)

Scalable Lightweight Protocol for Interoperable Public Blockchain-Based Supply Chain Ownership Management

Scalability prevents public blockchains from being widely adopted for Internet of Things (IoT) applications such as supply chain management. Several existing solutions focus on increasing the transaction count, but none of them address scalability challenges introduced by resource-constrained IoT device integration with these blockchains, especially for the purpose of supply chain ownership management. Thus, this paper solves the issue by proposing a scalable public blockchain-based protocol for the interoperable ownership transfer of tagged goods, suitable for use with resource-constrained IoT devices such as widely used Radio Frequency Identification (RFID) tags. The use of a public blockchain is crucial for the proposed solution as it is essential to enable transparent ownership data transfer, guarantee data integrity, and provide on-chain data required for the protocol. A decentralized web application developed using the Ethereum blockchain and an InterPlanetary File System is used to prove the validity of the proposed lightweight protocol. A detailed security analysis is conducted to verify that the proposed lightweight protocol is secure from key disclosure, replay, man-in-the-middle, de-synchronization, and tracking attacks. The proposed scalable protocol is proven to support secure data transfer among resource-constrained RFID tags while being cost-effective at the same time

Statistical analysis of engine system-level factors for palm biodiesel fuelled diesel engine responses

In this study, a 0D/1D gas dynamics numerical model of a single-cylinder, 4-stroke diesel engine is used to simulate entire engine cycle from air intake to exhaust product. The engine model is successfully validated against experimental data of both palm biodiesel and fossil diesel for pertinent combustion parameters such as pressure trace, rate of heat release and ignition delay period. This allows rapid system-level thermodynamics simulation of the entire engine. From it, 2000 cases generated from a combination of 13 engine parameters from within the combustion chamber, fuel injector and engine gas flow path, each with four levels were simulated and statistically analysed. Statistically significant independent main effects for outputs such as NOx, soot, brake specific fuel consumption and indicated power were identified using analysis of variance. Eight predictor equations to correlate the engine parameters to the outputs for both palm biodiesel and diesel were also formulated. In all, this study demonstrated the use of a validated simulation model for large parametric studies of engine parameters through the use of statistical analysis. The outcomes of this study can help in the design and optimisation of biodiesel fuelled diesel engines

Ultralightweight mutual authentication RFID protocol for blockchain enabled supply chains

Previous research studies mostly focused on enhancing the security of radio frequency identification (RFID) protocols for various RFID applications that rely on a centralized database. However, blockchain technology is quickly emerging as a novel distributed and decentralized alternative that provides higher data protection, reliability, immutability, transparency, and lower management costs compared with a conventional centralized database. These properties make it extremely suitable for integration in a supply chain management system. In order to successfully fuse RFID and blockchain technologies together, a secure method of communication is required between the RFID tagged goods and the blockchain nodes. Therefore, this paper proposes a robust ultra-lightweight mutual authentication RFID protocol that works together with a decentralized database to create a secure blockchain-enabled supply chain management system. Detailed security analysis is performed to prove that the proposed protocol is secure from key disclosure, replay, man-in-the-middle, de-synchronization, and tracking attacks. In addition to that, a formal analysis is conducted using Gong, Needham, and Yahalom logic and automated validation of internet security protocols and applications tool to verify the security of the proposed protocol. The protocol is proven to be efficient with respect to storage, computational, and communication costs. In addition to that, a further step is taken to ensure the robustness of the protocol by analyzing the probability of data collision written to the blockchain.</p