Serverless Search and Authentication Protocols for RFID Chiu C. Tan, Bo Sheng and Qun Li Department of Computer Science College of William and Mary.

Slides:



Advertisements
Similar presentations
Security and Privacy over the Internet Chan Hing Wing, Anthony Mphil Yr. 1, CSE, CUHK Oct 19, 1998.
Advertisements

Kerberos 1 Public domain image of Heracles and Cerberus. From an Attic bilingual amphora, 530–520 BC. From Italy (?).
1 An Ultra-lightweight Authentication Protocol in RFID Speaker: 魏家惠.
Efficient Information Retrieval for Ranked Queries in Cost-Effective Cloud Environments Presenter: Qin Liu a,b Joint work with Chiu C. Tan b, Jie Wu b,
Last Class: The Problem BobAlice Eve Private Message Eavesdropping.
1 Security in Wireless Protocols Bluetooth, , ZigBee.
Further improvement on the modified authenticated key agreement scheme Authors: N.Y. Lee and M.F. Lee Source: Applied Mathematics and Computation, Vol.157,
1 Security Handshake Pitfalls. 2 Authentication Handshakes Secure communication almost always includes an initial authentication handshake: –Authenticate.
Interlock Protocol - Akanksha Srivastava 2002A7PS589.
Fast and Reliable Estimation Schemes in RFID Systems Murali Kodialam and Thyaga Nandagopal Bell Labs, Lucent Technologies.
A Simple and Cost-effective RFID Tag-Reader Mutual Authentication Scheme Divyan M. Konidala, Zeen Kim, Kwangjo Kim {divyan, zeenkim, International.
CMSC 414 Computer and Network Security Lecture 12 Jonathan Katz.
TrustMe: Anonymous Management of Trust Relationships in Decentralized P2P Systems Aameek Singh and Ling Liu Presented by: Korporn Panyim.
Lecture 2 Page 1 CS 236, Spring 2008 Security Principles and Policies CS 236 On-Line MS Program Networks and Systems Security Peter Reiher Spring, 2008.
1 Dynamic Key-Updating: Privacy- Preserving Authentication for RFID Systems Li Lu, Lei Hu State Key Laboratory of Information Security, Graduate School.
Explorations in Anonymous Communication Andrew Bortz with Luis von Ahn Nick Hopper Aladdin Center, Carnegie Mellon University, 8/19/2003.
CMSC 414 Computer and Network Security Lecture 21 Jonathan Katz.
Random Key Predistribution Schemes for Sensor Networks Authors: Haowen Chan, Adrian Perrig, Dawn Song Carnegie Mellon University Presented by: Johnny Flowers.
RFID Security and Privacy Part 2: security example.
بسم الله الرحمن الرحيم NETWORK SECURITY Done By: Saad Al-Shahrani Saeed Al-Smazarkah May 2006.
CMSC 414 Computer and Network Security Lecture 16 Jonathan Katz.
Security and Privacy Aspects of Low-Cost Radio Frequency Identification Systems Stephen A. Weis, Sanjay E. Sarma, Ronald L. Rivest and Daniel W. Engels.
CMSC 414 Computer and Network Security Lecture 22 Jonathan Katz.
ITIS 6200/8200. time-stamping services Difficult to verify the creation date and accurate contents of a digital file Required properties of time-stamping.
#1 Privacy in pervasive computing What can technologists do? David Wagner U.C. Berkeley In collaboration with David Molnar, Andrea Soppera, Ari Juels.
YA-TRAP: Yet Another Trivial RFID Authentication Protocol Gene Tsudik International Conference on Pervasive Computing and Communications, PerCom 2006.
RFID Cardinality Estimation with Blocker Tags
Physics 114: Lecture 11 Error Analysis
CMSC 414 Computer and Network Security Lecture 13 Jonathan Katz.
Strong Password Protocols
Fast and Reliable Estimation Schemes in RFID Systems Murali Kodialam and Thyaga Nandagopal Bell Labs, Lucent Technologies Presented by : Joseph Gunawan.
- 1 - Secure and Serverless RFID Authentication and Search Protocols Chiu C. Tan, Bo Sheng, and Qun Li IEEE Transactions on Wireless Communication APRIL.
Cong Wang1, Qian Wang1, Kui Ren1 and Wenjing Lou2
Guomin Yang et al. IEEE Transactions on Wireless Communication Vol. 6 No. 9 September
多媒體網路安全實驗室 An Efficient RFID Authentication Protocol for Low-cost Tags Date : Reporter : Hong Ji Wei Authors : Yanfei Liu From : 2008 IEEE/IFIP.
EPCglobal Network Security: Research Challenges and Solutions Yingjiu Li Assistant Professor School of Information Systems Singapore Management University.
Practical Attacks on a Proximity Card Jonathan Westhues June
Shanti Bramhacharya and Nick McCarty. This paper deals with the vulnerability of RFIDs A Radio Frequency Identifier or RFID is a small device used to.
On the Cost of Reconstructing a Secret, or VSS with Optimal Reconstruction Phase Ronald Cramer, Ivan Damgard, Serge Fehr.
Linkability of Some Blind Signature Schemes Swee-Huay Heng 1, Wun-She Yap 1 Khoongming Khoo 2 1 Multimedia University, 2 DSO National Laboratories.
1 Lecture 9: Cryptographic Authentication objectives and classification one-way –secret key –public key mutual –secret key –public key establishing session.
Digital Signatures, Message Digest and Authentication Week-9.
14.1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 14 Entity Authentication.
Secure Communication between Set-top Box and Smart Card in DTV Broadcasting Authors: T. Jiang, Y. Hou and S. Zheng Source: IEEE Transactions on Consumer.
Qinghan Xiao, Cam Boulet and Thomas Gibbons Second International Conference on Availability, Reliability and Security, 2007 Speaker : 黃韋綸 RFID Security.
ASIACCS 2007 Protecting RFID Communications in Supply Chains Yingjiu Li & Xuhua Ding School of Information Systems Singapore Management University.
Network Security Continued. Digital Signature You want to sign a document. Three conditions. – 1. The receiver can verify the identity of the sender.
Hoda Jannati School of Computer Science
RFID SECURITY.
Computer Science Department of University of Virginia  Voltage on a tag Radio Frequency Identification Systems New Ideas and Algorithms Introduction to.
Interleaving and Collusion Attacks on a Dynamic Group Key Agreement Scheme for Low-Power Mobile Devices * Junghyun Nam 1, Juryon Paik 2, Jeeyeon Kim 2,
TrustMe: Anonymous Management of Trust Relationships in Decentralized P2P System Aameek Singh, Ling Liu College of Computing, Georgia Tech International.
1 Protecting Your Privacy with a Mobile Agent Device in RFID Environment Authors: Sang-Soo Yeo, Soo-Cheol Kim, Sung Kwon Kim, Gilcheol Park, Seok Soo Kim,
Auditing Information Leakage for Distance Metrics Yikan Chen David Evans TexPoint fonts used in EMF. Read the TexPoint manual.
Dos and Don’ts of Client Authentication on the Web Kevin Fu, Emil Sit, Kendra Smith, Nick Feamster Presented: Jesus F. Morales.
1 Authenticated Key Exchange Rocky K. C. Chang 20 March 2007.
1 Diffie-Hellman (Key Exchange) Protocol Rocky K. C. Chang 9 February 2007.
Keyword search on encrypted data. Keyword search problem  Linux utility: grep  Information retrieval Basic operation Advanced operations – relevance.
9.2 SECURE CHANNELS JEJI RAMCHAND VEDULLAPALLI. Content Introduction Authentication Message Integrity and Confidentiality Secure Group Communications.
1 Diffie-Hellman (Key Exchange) Protocol Rocky K. C. Chang 9 February 2007.
SECURITY. Security Threats, Policies, and Mechanisms There are four types of security threats to consider 1. Interception 2 Interruption 3. Modification.
1 Security problems on RFID tags (short introduction) Sakurai Lab., Kyushu Univ. Junichiro SAITO
Innovations in P2P Communications David A. Bryan College of William and Mary April 11, 2006 Advisor: Bruce B. Lowekamp.
7/10/20161 Computer Security Protection in general purpose Operating Systems.
Changshe Ma, Yingjiu Li, Robert Deng, Tieyan Li
Revisting Unpredictability-Based RFID Privacy Models
RFID Security Tony Arous Vincent Yu.
Randomized PRF Tree Walking Algorithm for Secure RFID
An Improved Novel Key Management Protocol for RFID Systems
Computer Security Protection in general purpose Operating Systems
Presentation transcript:

Serverless Search and Authentication Protocols for RFID Chiu C. Tan, Bo Sheng and Qun Li Department of Computer Science College of William and Mary

2 What is RFID? ID #: Name: Fischer, B

3 Using RFID Query Data Tag Reader

4 Basic Requirements for RFID ● Authentication  We want reader to distinguish a fake RFID tag from a real RFID tag. ● Privacy  We want the information from the RFID tag to be read only by authorized RFID readers.  This also includes location information about the tag. Why authentication and privacy?

5 No Authentication Query Fisher, B Accept Query Fisher, B Accept ??? Fake Tag Real Tag

6 No Privacy Paparazzi Query Law Enforcement Fisher, B Query Fisher, B ??

7 Location Privacy Query Fisher, B

8 Using a Server (adapted Dimitriou 2005)

9 Our paper ● Serverless solution, while still providing authentication and privacy.  Server solutions requires constant connection between reader and server. Not always possible ! ● Ability to search,i.e. how to find 1 tag from a larger group of tags.  Authentication. Reader can detect a fake tag.  Privacy. Unauthorized reader cannot get back useful information from searching for a tag

10 Remainder of this talk ● Introduce our serverless solution. ● Introduce the problem of searching RFID tags. ● Conclude.

11 First dig at the problem... Query Secret t Access List (adapted from Weis et. al. 2003)

12 Checking Authentication Query Secret x Secret x not in access list. Reader rejects tag ! FAKE Access List Reader checks access list

13 Checking Privacy Query Secret t Access List Unauthorize d Blank Unauthorized reader does not have secret t. Cannot obtain ID ! Every tag reply uses a different random N. Cannot track movements of the tag!

14 However, do not lose the reader Query Secret t, ID FAKE Secret t, ID Fools legitimate reader ! Access List

15 If you first don't succeed..... ● Problem: Reader knows tag secret t ● Idea : Let the reader check if tag knows secret t, without telling reader t. ● Use 1-way hash function. ● Create reader id for each reader, r. ● Instead of telling reader t, use f(r,t). f() is a 1-way hash function.

16 If you first don't succeed..... Query, r ID,t, f() Access List

17 Stealing the reader Query, s Secret f(r,t) FAKE Secret f(r,t) Access List Reader s expects f(s,t). Reader not fooled ! Access List

18 However..... Query, r ID,t, f() Fake Access List

19 When reader queries again... Query, r Fake tag fools legitimate reader r ! Fake Checks access list Access List

20 Third times a charm... ● Problem:  Reader always issues same query, susceptible to replay attack.  Tag response always the same, vulnerable against tracking. ● Idea: Use random numbers to differentiate query and response.

21 Third times a charm... ID,t, f(),h() Access List Check against access list.

22 Eavesdropping now gets ID,t, f(),h() Access List Fake

23 When reader queries again Access List Fake Reader will pick a different random number each time. Reader not fooled ! When checked against access list, reader will not get back ID.

24 When unauthorized reader queries ID,t, f(),h() Unauthorized Tag uses a different random number each time Unauthorized reader repeats the same query at different places Gets back a different reply. No tracking !

25 A little bit faster.... Problem : Access list could have many entries. Slow. ID,t, f(),h() Tag returns the first m bits of h(f(r,t)) Reader can pre-compute this value ahead of time. Not affected by random numbers. Access List Return the first m bits of h(f(r,t))

26 Onto searching ● RFID search problem:  Find 1 particular tag from a collection of tags, while still providing authentication and privacy. ● Simple solution:  Collect IDs from every tag, using technique presented earlier.  Find the tag you want. ● Not efficient.

27 Needle in a haystack ID4 Keep silent Reader cannot distinguish fake tag. An unauthorized reader can still query. No protection against eavesdropper.

28 Use the same trick as before ID4 Access List

29 Seems to work..... ● We basically invert the same techniques presented earlier on. ● One major exception....

30 What went wrong?

31 What went wrong? Does not matter if tag changes random number Still able to track, since only 1 tag will reply !

32 What went wrong? ● Basic nature of search. We expect to find 1 tag from a group of tags. ● In other words, always have 1 tag replying. The very act of replying identifies the tag !

33 Possible techniques 1. Try to prevent readers from repeatedly using the same random number. 2. Try to create a query that can be satisfied by more than 1 tag. 3. Try to generate noise to mask reply.

34 Possible solution ID4 Check the first m bits Reader obtains ID using access list and checks. Reader receives more than 1 tag reply Access List

35 Under this scheme Eavesdropper receives multiple replies. Each tag chooses a different random number Cannot perform tracking !

36 To summarize... ● Provide authentication and privacy protections for RFID. ● Done without need for persistent connections with central server. ● Examined security considerations when searching for RFID tags. ● Suggested solutions for secure RFID search

37 Acknowledgments ● We like to thank reviewers for their helpful comments. Questions ?

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.