Randomized PRF Tree Walking Algorithm for Secure RFID

Presentation transcript:

Randomized PRF Tree Walking Algorithm for Secure RFID
Leonid Bolotnyy and Gabriel Robins
Department of Computer Science, University of Virginia
lb9xk@cs.virginia.edu, robins@cs.virginia.edu

Talk Outline
- Identification Problem
- Reader-tag Authentication Problem
- Secure Binary-Tree Walking Algorithm
- Reader-tag Authentication Problem
- Multi-tag RFID Systems

Identification Problem
(figure labels: Tag ID, Tags, Reader, Local Server)

Secure Identification Problem
(figure labels: Tag ID, Tags, Reader, Local Server)

Passive vs. Active Adversary
(figure labels: Reader, Tag, Eavesdropper, Backward Range, Forward Range)

Secure Binary-Tree Walking
R. Rivest, S. Weis, EPCglobal, Inc.
- Each tag generates a random number
- Reader tree-walks these random numbers
- Selected tag transmits its real-ID
(figure: binary tree with nodes labelled by the prefixes 0, 1, 00 to 11, and 000 to 111)

Algorithm Analysis
Major questions about the algorithm:
1. How to deal with collisions on real-IDs?
2. How to choose optimal random number length?
3. How to choose the threshold?
n: number of tags, m: random number length
Number of tags per random number will have a Poisson distribution
(Expected number of random IDs with k tags)
(Expected total number of colliding tags)
(Cost function) where t is the smallest exponent for which

Optimal random number length
- Use average n over many traverse runs

Determining threshold
(Expected number of tags on a branch after bits)
Pr[ tags match in threshold number of bits] =
- For n = 2000, after about 11 bits, we expect zero, one, or two bits per branch
- Still have a “long” way to finish traversing the tree
- Costly over all branches if we traverse every branch to the end
- Start the threshold at 2
- Increase threshold by 1 if collision occurs
- Decrease threshold by 1 if over the entire traverse no collisions occurred
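The slides above describe the tree walk over tag-chosen random numbers and the Poisson model of tags per random number. The following is an added example, not code from the presentation: it simulates the reader's walk and compares the observed number of colliding tags with the standard Poisson estimate (rate n / 2^m), which is an assumed stand-in for the slide's own formulas. All function names and the seeded sample population are constructed for illustration.

```python
import math
import random

def ids_with_k_tags(n, m, k):
    """Poisson estimate of how many m-bit random IDs are picked by exactly k of n tags."""
    lam = n / 2**m                      # mean tags per random ID
    return 2**m * math.exp(-lam) * lam**k / math.factorial(k)

def expected_colliding_tags(n, m):
    """Tags that share their random ID with another tag: everyone but the singletons."""
    return n - ids_with_k_tags(n, m, 1)

def tree_walk(rand_ids, m):
    """Reader-side binary tree walk; returns (queries, singulated, colliding)."""
    queries = singulated = colliding = 0
    stack = [(0, list(rand_ids))]       # (prefix length, tags answering that prefix)
    while stack:
        depth, tags = stack.pop()
        queries += 1                    # one reader query per prefix
        if not tags:
            continue                    # silence: prune the branch
        if depth == m:                  # full random ID reached
            if len(tags) == 1:
                singulated += 1         # this tag would now send its real ID
            else:
                colliding += len(tags)  # real-ID collision (question 1 on the slide)
            continue
        bit = m - depth - 1
        ones = [t for t in tags if (t >> bit) & 1]
        zeros = [t for t in tags if not (t >> bit) & 1]
        stack += [(depth + 1, zeros), (depth + 1, ones)]
    return queries, singulated, colliding

def run(n, m, seed=1):
    """Constructed experiment: n tags each draw an m-bit random ID."""
    rng = random.Random(seed)
    return tree_walk([rng.getrandbits(m) for _ in range(n)], m)

if __name__ == "__main__":
    for m in (11, 14, 16):
        q, s, c = run(2000, m)
        print(f"m={m}: queries={q} singulated={s} colliding={c} "
              f"(Poisson estimate {expected_colliding_tags(2000, m):.0f})")
```

Longer random numbers cut real-ID collisions but cost more reader queries, which is the trade-off behind the random number length question.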

Randomized PRF Tree Walking Algorithm
Goal: Efficiently solve reader-tag authentication problem in the presence of many tags
Steps of the algorithm:
1. Each tag generates a random number, and the reader performs a tree-walk on these numbers
2. Once a tag is selected, the reader and the tag engage in a tree-walking private authentication protocol
3. The reader moves the tag to a different position in a tree.

Binary Tree of Secrets
D. Molnar and D. Wagner, Privacy and Security in Library RFID: Issues, Practices, and Architecture

Step 1: Each tag generates a random number, and the reader performs a tree-walk on these numbers

Step 2: Once a tag is selected, the reader and the tag engage in a tree-walking private authentication protocol

Step 3: The reader moves the tag to a different position in a tree
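A simplified sketch of Steps 2 and 3 for a tag that has already been selected, added here as an example and not taken from the presentation. It assumes HMAC-SHA256 as the pseudo-random function, node secrets derived from a hypothetical reader master key, and an `occupied` set of assigned leaves; the names `Tag`, `authenticate` and `relocate` are illustrative.

```python
import hashlib
import hmac
import secrets

DEPTH = 4                                    # constructed: tree with 16 leaves
MASTER = secrets.token_bytes(16)             # hypothetical reader-side master key

def prf(key, msg):
    return hmac.new(key, msg, hashlib.sha256).digest()   # HMAC stands in for the tag PRF

def path_secrets(leaf):
    """One secret per tree level on the path to `leaf` (derivation is an assumption)."""
    return [prf(MASTER, leaf[:i].encode()) for i in range(1, DEPTH + 1)]

class Tag:
    def __init__(self, leaf):
        self.secrets = path_secrets(leaf)    # held in the tag's writable memory

    def respond(self, r1):
        r2 = secrets.token_bytes(8)          # tag's random number generator
        return r2, [prf(s, r1 + r2) for s in self.secrets]

def authenticate(tag, occupied):
    """Step 2: walk the secret tree level by level; return the leaf or None."""
    r1 = secrets.token_bytes(8)              # fresh reader challenge
    r2, macs = tag.respond(r1)
    path = ""
    for mac in macs:
        for bit in "01":                     # two PRF evaluations per level
            child = prf(MASTER, (path + bit).encode())
            if hmac.compare_digest(mac, prf(child, r1 + r2)):
                path += bit
                break
        else:
            return None                      # neither child secret matches
    return path if path in occupied else None

def relocate(tag, old_leaf, occupied):
    """Step 3: move the tag to a free leaf and rewrite its stored secrets."""
    free = [f"{i:0{DEPTH}b}" for i in range(2**DEPTH)]
    new_leaf = secrets.choice([leaf for leaf in free if leaf not in occupied])
    tag.secrets = path_secrets(new_leaf)
    occupied.discard(old_leaf)
    occupied.add(new_leaf)
    return new_leaf
```

The reader evaluates two PRFs per level instead of one per enrolled tag, and after relocation a copy of the tag's old secrets no longer maps to an assigned leaf.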

Properties of the Algorithm
- Allows on-line addition and removal of tags
- Provides security against active eavesdroppers
- Offers security against foreign readers
- Enables dynamic tradeoff between security, privacy and singulation time
- Effective against active attacks stealing a tag tracking and hotlisting
- Requires a tag to be equipped with
  - pseudo-random function, XOR unit
  - random number generator
  - writable memory

Space and Time Complexity Evolution
(table rows: D. Molnar and D. Wagner; Our algorithm; Our algorithm assuming secrets are hard to steal; Our algorithm assuming tags are read often and/or secrets are very hard to steal)

Random Number Generator
(figure labels: V, Random Bits, No Connect)
Will Ware, http://willware.net/hw-rng.html
The voltage signal is amplified, disturbed, stretched, and sampled, resulting in random bits.

New Idea: Multi-Tags
Attach more than one tag to an object
- Redundant Tags
- Dual-Tags
- Own Memory Only
- Shared Memory Only
- Own and Shared Memory
- Triple-Tags
- n-Tags

Benefits of Multi-Tag Systems
- New applications
- Increased expected voltage on a tag
- Increased expected communication range
- Increased availability
- Increased memory
- Increased reliability
- Increased durability
- Enhanced security

Our Current and Future Work
Find New and Improve Existing Algorithms
- A. Juels, S. Weis: Authentication algorithms with human protocols
- D. Molnar, D. Wagner: Tag identification with delegation, ownership transfer
- A. Juels: Efficient cloning-resistant identification algorithms
- New and emerging problems
Let’s Collaborate!