- 1 - Secure and Serverless RFID Authentication and Search Protocols Chiu C. Tan, Bo Sheng, and Qun Li IEEE Transactions on Wireless Communication APRIL.

Slides:

Advertisements

Similar presentations

Mitigate Unauthorized Tracking in RFID Discovery Service Qiang Yan 1, Robert H. Deng 1, Zheng Yan 2, Yingjiu Li 1, Tieyan Li 3 1 Singapore Management University,

Advertisements

Key distribution and certification In the case of public key encryption model the authenticity of the public key of each partner in the communication must.

1 Security in Wireless Protocols Bluetooth, , ZigBee.

KAIS T Message-In-a-Bottle: User-Friendly and Secure Key Deployment for Sensor Nodes Cynthia Kuo, Mark Luk, Rohit Negi, Adrian Perrig(CMU), Sensys

A Simple and Cost-effective RFID Tag-Reader Mutual Authentication Scheme Divyan M. Konidala, Zeen Kim, Kwangjo Kim {divyan, zeenkim, International.

Serverless Search and Authentication Protocols for RFID Chiu C. Tan, Bo Sheng and Qun Li Department of Computer Science College of William and Mary.

AUTHENTICATION APPLICATIONS - Chapter 14 Kerberos X.509 Directory Authentication (S/MIME)

Achieving Better Privacy Protection in WSNs Using Trusted Computing Yanjiang YANG, Robert DENG, Jianying ZHOU, Ying QIU.

Public-key based. Public-key Techniques based Protocols –may use either weak or strong passwords –high computation complexity (Slow) –high deployment.

A lightweight mutual authentication protocol for RFID networks 2005 IEEE Authors : Zongwei Luo, Terry Chan, Jenny S. Li Date : 2006/3/21 Presented by Hung.

1 Dynamic Key-Updating: Privacy- Preserving Authentication for RFID Systems Li Lu, Lei Hu State Key Laboratory of Information Security, Graduate School.

Security in RFID Presented By… NetSecurity-Spring07

Authentication. Terminology  Authentication التثبت من الهوية  Access Control (authorization) التحكم في الوصول  Note the difference between the two.

CMSC 414 Computer and Network Security Lecture 21 Jonathan Katz.

RFID Security and Privacy Part 2: security example.

Security and Privacy Aspects of Low-Cost Radio Frequency Identification Systems Stephen A. Weis, Sanjay E. Sarma, Ronald L. Rivest and Daniel W. Engels.

1 電子商務代理人與無線射頻系統上安全設計之研究 The Study of Secure Schemes on Agent-based Electronic Commerce Transaction and RFID system 指導教授 : 詹進科教授 (Prof. Jinn-Ke Jan) 陳育毅.

#1 Privacy in pervasive computing What can technologists do? David Wagner U.C. Berkeley In collaboration with David Molnar, Andrea Soppera, Ari Juels.

YA-TRAP: Yet Another Trivial RFID Authentication Protocol Gene Tsudik International Conference on Pervasive Computing and Communications, PerCom 2006.

RFID in Mobile Commerce and Security Concerns Chassica Braynen April 25, 2007.

1 Security Weakness in a Three-Party Password-Based Key Exchange Protocol Using Weil Pairing From ： ePrint (August 2005) Author ： Junghyun Nam, Seungjoo.

R R FID Authentication : M inimizing Tag Computation CHES2006 Rump Session, Yokohama. Japan Ph.D. Jin Kwak Kyushu University, JAPAN

Technical Issues in Library RFID Privacy David Molnar UC-Berkeley Computer Science.

David Molnar, David Wagner - Authors Eric McCambridge - Presenter.

An Enhanced Two-factor User Authentication Scheme in Wireless Sensor Networks DAOJING HE, YI GAO, SAMMY CHAN, CHUN CHEN, JIAJUN BU Ad Hoc & Sensor Wireless.

Practical Techniques for Searches on Encrypted Data Yongdae Kim Written by Song, Wagner, Perrig.

Presented by: Arpit Jain Guided by: Prof. D.B. Phatak.

Chapter 10: Authentication Guide to Computer Network Security.

Guomin Yang et al. IEEE Transactions on Wireless Communication Vol. 6 No. 9 September

多媒體網路安全實驗室 An Efficient RFID Authentication Protocol for Low-cost Tags Date ： Reporter : Hong Ji Wei Authors : Yanfei Liu From : 2008 IEEE/IFIP.

Using ISO tags for Authentication Eddie LaCost Embedded RF.

- 1 - RFID Security and Privacy: A Research Survey Ari Juels RSA Laboratories IEEE Journal on Selected Areas in Communication (J-SAC) in 2006 Taesung Kim.

10. Key Management. Contents Key Management  Public-key distribution  Secret-key distribution via public-key cryptography.

EPCglobal Network Security: Research Challenges and Solutions Yingjiu Li Assistant Professor School of Information Systems Singapore Management University.

RFID (RADIO FREQUENCY IDENTIFICATION)

Secure Authentication Scheme with Anonymity for Wireless Communications Speaker : Hong-Ji Wei Date :

Attacks and Improvements to an RFID Mutual Authentication Protocol and its Extensions Shaoying Cai 1 Yingjiu Li 1 Tieyan Li 2 Robert H. Deng 1 1 Singapore.

Cryptanalysis and Improvement of an Access Control in User Hierarchy Based on Elliptic Curve Cryptosystem Reporter : Tzer-Long Chen Information Sciences.

Shanti Bramhacharya and Nick McCarty. This paper deals with the vulnerability of RFIDs A Radio Frequency Identifier or RFID is a small device used to.

Rushing Attacks and Defense in Wireless Ad Hoc Network Routing Protocols ► Acts as denial of service by disrupting the flow of data between a source and.

© copyright NTT Information Sharing Platform Laboratories Cryptographic Approach to “Privacy-Friendly” Tags Miyako Ohkubo, Koutarou Suzuki, and Shingo.

Secure and efficient key management in mobile ad hoc networks Authors: Bing Wu, Jie Wu, Eduardo B. Fernandez, Mohammad Ilyas, and Spyros Magliveras Sources:

Secure Communication between Set-top Box and Smart Card in DTV Broadcasting Authors: T. Jiang, Y. Hou and S. Zheng Source: IEEE Transactions on Consumer.

SPEAKER: HONG-JI WEI DATE: Secure Anonymous Authentication Scheme with Roaming for Mobile Networks.

ASIACCS 2007 Protecting RFID Communications in Supply Chains Yingjiu Li & Xuhua Ding School of Information Systems Singapore Management University.

AUTHENTICATION APPLICATIONS - Chapter 14 Kerberos X.509 Directory Authentication (S/MIME)

User authentication schemes with pseudonymity for ubiquitous sensor network in NGN Authors: Binod Vaidya, Joel J. Rodrigues and Jong Hyuk Park Source:

Establishing authenticated channels and secure identifiers in ad-hoc networks Authors: B. Sieka and A. D. Kshemkalyani (University of Illinois at Chicago)

Hoda Jannati School of Computer Science

Your Wireless Network has No Clothes* William A. Arbaugh, Narendar Shankar Y.C. Justin Wan University of Maryland Presentation by Eddy Purnomo,

1 Key-Exchange Protocol Using Pre-Agreed Session-ID Kenji Imamoto Kyushu University, JAPAN.

多媒體網路安全實驗室 Anonymous Authentication Systems Based on Private Information Retrieval Date： Reporter: Chien-Wen Huang 出處: Networked Digital Technologies,

Identifying the Missing Tags in a Large RFID System Tao Li (University of Florida, US) Shigang Chen (University of Florida, US) Yibei Ling (Telcordia Technologies,

1 Protecting Your Privacy with a Mobile Agent Device in RFID Environment Authors: Sang-Soo Yeo, Soo-Cheol Kim, Sung Kwon Kim, Gilcheol Park, Seok Soo Kim,

SPEAKER: HONG-JI WEI DATE: Efficient and Secure Anonymous Authentication Scheme with Roaming Used in Mobile Networks.

RFID Paper presentation The Security of EPC Gen2 Compliant RFID Protocols Source ： Applied Cryptography and Network Security, VOL. 5037, 2008, pp

Fall 2006CS 395: Computer Security1 Key Management.

Hash-based Enhancement of Location Privacy for Radio- Frequency Identification Devices using Varying Identifiers Author ： Dirk Henrici and Paul Muller.

多媒體網路安全實驗室 A Secure Privacy-Preserving Roaming Protocol Based on Hierarchical Identity-Based Encryption for mobile Networks 作者 :Zhiguo Wan,Kui Ren,Bart.

Lesson Introduction ●Authentication protocols ●Key exchange protocols ●Kerberos Security Protocols.

Security of the Internet of Things: perspectives and challenges

1/18 Talking to Strangers: Authentication in Ad-Hoc Wireless Networks Dirk Balfanz 외 2 명 in Xerox Palo Alto Research Center Presentation: Lee Youn-ho.

1 Security problems on RFID tags (short introduction) Sakurai Lab., Kyushu Univ. Junichiro SAITO

What is a Radio-Frequency Identification (RFID) tag?

Privacy Preserving Ranked Multi-Keyword

RFID Security & Privacy at both Physical and System Levels - Presentation to IoT-GSI 26th August 2011 Robert H. Deng & Yingjiu Li School of Information.

Revisting Unpredictability-Based RFID Privacy Models

Randomized PRF Tree Walking Algorithm for Secure RFID

An Improved Novel Key Management Protocol for RFID Systems

Presentation transcript:

- 1 - Secure and Serverless RFID Authentication and Search Protocols Chiu C. Tan, Bo Sheng, and Qun Li IEEE Transactions on Wireless Communication APRIL 2008 Taesung Kim

- 2 - Contents Abstract Introduction Related Work RFID Privacy and Security RFID Authentication RFID Search

- 3 - Introduction What is Radio Frequency Identification? Tag Antenna Reader

- 4 - Introduction Solution for RFID Security and Privacy problem –Central database model –Three players in this model RFID reader, tag, database – 리더와 태그의 상호인증에 database 에 저장된 인증정보를 이용 –Database 와 연결이 없는 오프 사이트 위치에 있는 리더는 태그의 정보를 볼 수 없다. Simple alternative –Downloading database to reader –Mobile reader can be stolen. –An adversary will have access to information which include unique tag id and password. –The adversary can make fake tag based on this information.

- 5 - Introduction This paper suggest –Security protection as the central database model without persistent connection to the database. RFID searching problem –Single reader, multiple tag 상황에서 특정 tag 의 정보를 검색하 는 경우. –Authenticating each tag one at a time is a time consuming process. This paper suggest several solutions for RFID searching problem.

- 6 - Related Work Weis –randomized hash lock –Tag reply to reader query (r, ID ⊕ f k (r)) –where r is a random number generated by the tag, –k is the tag’s secret key –and f k is a pseudorandom function. A secure database searches the ID/secret key, then the real tag ID returned to reader. Molnar and Wagner –Randomized hash lock scheme does not defend against an eavesdropper. –Reader 가 secret key 를 알고 있다고 가정 –Reader 와 tag 가 각각 random number 를 만들고 교환한다.

- 7 - Related Work –Tag reply ID ⊕ f k (0, r1, r2) –Compromised reader problem. Dimitriou –Tag reply (h(ID i ), nt, h IDi (nt, nr)) –where ID i is the tag secret. –nt, nr are both random nubers generated by tag and reader Database return h IDi+1 (nt, nr) The tag update its screct ID i+1

- 8 - RFID Authentication Notations CA Trusted party, responsible for authenticating readers and deploying tags RiRi RFID reader i riri id for RFID reader R i LiLi access list for RFID reader R i n number of entries in L i TiTi RFID tag i id i id for RFID tag T i titi secret for RFID tag T i h(x) one-way hash function f(x,y) Concatenate x and y, then applying h(.), h(x||y) l number of bits of hash h(.) m CA defined number of bits, m < l

- 9 - RFID Authentication Set up –R obtains r and L from a certificate authority, CA. –Tag, T contains a unique value id, a unique secret t. –Access List L i

RFID Authentication Authentication Protocol

RFID Search 특정 태그를 찾고자 할 때 Reader issues a search request such that only authenticated tag can understand. The tag reply in such that only an authenticated reader can understand.

RFID Search Secure search protocol

RFID Search Search protocol improvement –Tag remember the last used random number.

RFID Search Search protocol improvement –A challenge and response method

RFID Search Search protocol improvement –A noise to mask the reply

Thank you!