Lightweight and Practical Anonymous Authentication Protocol for RFID systems using physically unclonable functions

Radio frequency identification (RFID) has been considered one of the imperative requirements for implementation of Internet-of-Things applications. It helps to solve the identification issues of the things in a cost-effective manner, but RFID systems often suffer from various security and privacy issues. To solve those issues for RFID systems, many schemes have been recently proposed by using the cryptographic primitive, called physically uncloneable functions (PUFs), which can ensure a tamper-evident feature. However, to the best of our knowledge, none of them has succeeded to address the problem of privacy preservation with the resistance of DoS attacks in a practical way. For instance, existing schemes need to rely on exhaustive search operations to identify a tag, and also suffer from several security and privacy related issues. Furthermore, a tag needs to store some security credentials (e.g., secret shared keys), which may cause several issues such as loss of forward and backward secrecy and large storage costs. Therefore, in this paper, we first propose a lightweight privacy-preserving authentication protocol for the RFID system by considering the ideal PUF environment. Subsequently, we introduce an enhanced protocol which can support the noisy PUF environment. It is argued that both of our protocols can overcome the limitations of existing schemes, and further ensure more security properties. By analyzing the performance, we have shown that the proposed solutions are secure, efficient, practical, and effective for the resource-constraint RFID tag

SecuCode: Intrinsic PUF Entangled Secure Wireless Code Dissemination for Computational RFID Devices

The simplicity of deployment and perpetual operation of energy harvesting devices provides a compelling proposition for a new class of edge devices for the Internet of Things. In particular, Computational Radio Frequency Identification (CRFID) devices are an emerging class of battery-free, computational, sensing enhanced devices that harvest all of their energy for operation. Despite wireless connectivity and powering, secure wireless firmware updates remains an open challenge for CRFID devices due to: intermittent powering, limited computational capabilities, and the absence of a supervisory operating system. We present, for the first time, a secure wireless code dissemination (SecuCode) mechanism for CRFIDs by entangling a device intrinsic hardware security primitive Static Random Access Memory Physical Unclonable Function (SRAM PUF) to a firmware update protocol. The design of SecuCode: i) overcomes the resource-constrained and intermittently powered nature of the CRFID devices; ii) is fully compatible with existing communication protocols employed by CRFID devices in particular, ISO-18000-6C protocol; and ii) is built upon a standard and industry compliant firmware compilation and update method realized by extending a recent framework for firmware updates provided by Texas Instruments. We build an end-to-end SecuCode implementation and conduct extensive experiments to demonstrate standards compliance, evaluate performance and security.Comment: Accepted to the IEEE Transactions on Dependable and Secure Computin

A Novel RFID Distance Bounding Protocol Based on Physically Unclonable Functions

The file attached to this record is the author's final peer reviewed version. The Publisher's final version can be found by following the DOI link.Radio Frequency Identification (RFID) systems are vulnerable to relay attacks (i.e., mafia, terrorist and distance frauds) when they are used for authentication purposes. Distance bounding protocols are particularly designed as a countermeasure against these attacks. These protocols aim to ensure that the tags are in a distant area by measuring the round-trip delays during a rapid challenge-response exchange of short authenticated messages. Terrorist fraud is the most challenging attack to avoid, because a legitimate user (a tag owner) collaborates with an attacker to defeat the authentication system. Many RFID distance bounding protocols have been proposed recently, with encouraging results. However, none of them provides the ideal security against the terrorist fraud. Motivated by this need, we first introduce a strong adversary model for Physically Unclonable Functions (PUFs) based authentication protocol in which the adversary has access to volatile memory of the tag. We show that the security of Sadeghi et al.’s PUF based authentication protocol is not secure in this model. We provide a new technique to improve the security of their protocol. Namely, in our scheme, even if an adversary has access to volatile memory she cannot obtain all long term keys to clone the tag. Next, we propose a novel RFID distance bounding protocol based on PUFs which satisfies the expected security requirements. Comparing to the previous protocols, the use of PUFs in our protocol enhances the system in terms of security, privacy and tag computational overhead. We also prove that our extended protocol with a final signature provides the ideal security against all those frauds, remarkably the terrorist fraud. Besides that, our protocols enjoy the attractive properties of PUFs, which provide the most cost efficient and reliable means to fingerprint chips based on their physical properties

Lightweight mutual authentication, owner transfer, and secure search protocols for RFID systems

RFID technology can potentially be applied almost everywhere. A typical RFID system involves a reader and a number of tags, which may range from the battery-powered ones with Wi-Fi capabilities, to the low-cost ones that are constrained in resources with even no internal power. Keeping RFID systems secure is important, because they are vulnerable to a number of malicious attacks. As for low-cost RFID systems, security problems become much more challenging, as many traditional security mechanisms are inefficient or even impossible due to resource constraints. Some existing solutions utilize traditional cryptographic primitives such as hash or encryption functions, which are often too expensive in hardware to be implemented on low-cost RFID tags. Furthermore, some other lightweight solutions have been reported to be broken, revealing their keys and ID numbers to the attackers. In this thesis, we propose lightweight solutions to Mutual Authentication and Ownership Transfer for RFID systems. Mutual Authentication mitigates the issues of eavesdropping and cloning of tags. Only authenticated readers and tags will successfully communicate with each other. Furthermore, we adapt our Mutual Authentication scheme to secure the Ownership Transfer of RFID tags, which is a pertinent issue in the scope of RFID. When an item passes from one owner to another, it is undesirable for the old owner to be able to access the tag or read data from it. The new user must therefore update the access-granting information without revealing this to the old owner. Tag search is another important functionality that a RFID system should provide. In this thesis, we study how to secure tag search with a focus on low-cost RFID systems for which existing solution is not efficient. These protocols are all realized by utilizing minimalistic cryptography such as Physically Unclonable Functions (PUF) and Linear Feedback Shift Registers (LFSR). PUFs and LFSRs are very efficient in hardware, and provide the low-cost RFID tags with unique characteristics that prevent a multitude of attacks. Compared to existing solutions built on top of hash functions that require 8000 - 10000 gates, our experimental results show that the schemes we propose demand only between 650 - 1400 gates for 64 bit variables and can be easily accommodated by the cheapest RFID tags with only 2000 gates available for security functions

Evaluation of PUF and QKD integration techniques as root of trust in communication systems

Quantum Cryptography could be the next key technology in terms of secure communication, but, as with every new technology, it presents problems that need to be solved in order to become a reality in daily life. This work discusses the integration of Physical Unclonable Functions (PUFs) as a solution for the authentication of the endpoints in quantum communication protocols. The use of PUF constructions would allow the authentication of devices without the need of relying on third parties, and support switched trustworthy quantum communication channels; two unseen features in Quantum Key Distribution (QKD) until now. We analyze in detail PUF integration within the BB84 protocol, as it is the foundation for all QKD protocols, and two proposals for an authentication scheme are made, depending on the connection characteristics of the communication endpoints and the distance between them. These proposals are then generalized for other types of QKD protocol. Moreover, different types of PUF are analyzed to conclude which ones are the most suitable for our purpose.La Criptografía Cuántica podría ser la próxima tecnología clave en relación a la seguridad de las comunicaciones pero, como toda nueva tecnología, presenta problemas que deben ser resueltos antes de llegar a ser una realidad en el día a día. Este trabajo discute la integración de Funciones Físicas No-Clonables (PUFs, por sus siglas en inglés) como solución a la autenticación de los extremos en un protocolo de comunicación cuántica. El uso de PUFs permitiría la autenticación de dispositivos sin necesidad de depender de terceros, además de abrir la posibilidad a la conmutación de canales de comunicación cuántica; dos características nunca vistas en la Distribución Cuántica de Claves (QKD, por sus siglas en inglés) hasta ahora. Se analiza en detalle la integración de PUFs en el protocolo BB84, ya que es la base de todos los protocolos de QKD, y se proponen dos esquemas de autenticación distintos, atendiendo a las características de los extremos de la comunicación y la distancia entre ellos. Después, estas propuestas se generalizan para el resto de protocolos de QKD. Además, se estudian distintos tipos de PUF con el objeto de encontrar la más adecuada para nuestro propósito.Universidad de Sevilla. Grado en Físic

Trusted and Privacy-preserving Embedded Systems: Advances in Design, Analysis and Application of Lightweight Privacy-preserving Authentication and Physical Security Primitives

Radio Frequency Identification (RFID) enables RFID readers to perform fully automatic wireless identification of objects labeled with RFID tags and is widely deployed to many applications, such as access control, electronic tickets and payment as well as electronic passports. This prevalence of RFID technology introduces various risks, in particular concerning the privacy of its users and holders. Despite the privacy risk, classical threats to authentication and identification systems must be considered to prevent the adversary from impersonating or copying (cloning) a tag. This thesis summarizes the state of the art in secure and privacy-preserving authentication for RFID tags with a particular focus on solutions based on Physically Unclonable Functions (PUFs). It presents advancements in the design, analysis and evaluation of secure and privacy-preserving authentication protocols for RFID systems and PUFs. Formalizing the security and privacy requirements on RFID systems is essential for the design of provably secure and privacy-preserving RFID protocols. However, existing RFID security and privacy models in the literature are often incomparable and in part do not reflect the capabilities of real-world adversaries. We investigate subtle issues such as tag corruption aspects that lead to the impossibility of achieving both mutual authentication and any reasonable notion of privacy in one of the most comprehensive security and privacy models, which is the basis of many subsequent works. Our results led to the refinement of this privacy model and were considered in subsequent works on privacy-preserving RFID systems. A promising approach to enhance the privacy in RFID systems without lifting the computational requirements on the tags are anonymizers. These are special devices that take off the computational workload from the tags. While existing anonymizer-based protocols are subject to impersonation and denial-of-service attacks, existing RFID security and privacy models do not include anonymizers. We present the first security and privacy framework for anonymizer-enabled RFID systems and two privacy-preserving RFID authentication schemes using anonymizers. Both schemes achieve several appealing features that were not simultaneously achieved by any previous proposal. The first protocol is very efficient for all involved entities, achieves privacy under tag corruption. It is secure against impersonation attacks and forgeries even if the adversary can corrupt the anonymizers. The second scheme provides for the first time anonymity and untraceability of tags against readers as well as secure tag authentication against collisions of malicious readers and anonymizers using tags that cannot perform public-key cryptography (i.e., modular exponentiations). The RFID tags commonly used in practice are cost-efficient tokens without expensive hardware protection mechanisms. Physically Unclonable Functions (PUFs) promise to provide an effective security mechanism for RFID tags to protect against basic hardware attacks. However, existing PUF-based RFID authentication schemes are not scalable, allow only for a limited number of authentications and are subject to replay, denial-of-service and emulation attacks. We present two scalable PUF-based authentication schemes that overcome these problems. The first protocol supports tag and reader authentication, is resistant to emulation attacks and highly scalable. The second protocol uses a PUF-based key storage and addresses an open question on the feasibility of destructive privacy, i.e., the privacy of tags that are destroyed during tag corruption. The security of PUFs relies on assumptions on physical properties and is still under investigation. PUF evaluation results in the literature are difficult to compare due to varying test conditions and different analysis methods. We present the first large-scale security analysis of ASIC implementations of the five most popular electronic PUF types, including Arbiter, Ring Oscillator, SRAM, Flip-Flop and Latch PUFs. We present a new PUF evaluation methodology that allows a more precise assessment of the unpredictability properties than previous approaches and we quantify the most important properties of PUFs for their use in cryptographic schemes. PUFs have been proposed for various applications, including anti-counterfeiting and authentication schemes. However, only rudimentary PUF security models exist, limiting the confidence in the security claims of PUF-based security mechanisms. We present a formal security framework for PUF-based primitives, which has been used in subsequent works to capture the properties of image-based PUFs and in the design of anti-counterfeiting mechanisms and physical hash functions