Attacks and Improvements to an RFID Mutual Authentication Protocol and its Extensions Shaoying Cai 1 Yingjiu Li 1 Tieyan Li 2 Robert H. Deng 1 1 Singapore.

Slides:

Advertisements

Similar presentations

Computer Science CSC 474Dr. Peng Ning1 CSC 474 Information Systems Security Topic 4.6 Kerberos.

Advertisements

Mitigate Unauthorized Tracking in RFID Discovery Service Qiang Yan 1, Robert H. Deng 1, Zheng Yan 2, Yingjiu Li 1, Tieyan Li 3 1 Singapore Management University,

By Md Emran Mazumder Ottawa University Student no:

1 An Ultra-lightweight Authentication Protocol in RFID Speaker: 魏家惠.

Kerberos Assisted Authentication in Mobile Ad-hoc Networks Authors: Asad Amir Pirzada and Chris McDonald Sources: Proceedings of the 27th Australasian.

Further improvement on the modified authenticated key agreement scheme Authors: N.Y. Lee and M.F. Lee Source: Applied Mathematics and Computation, Vol.157,

TAODV: A Trusted AODV Routing Protocol for MANET Li Xiaoqi, GiGi March 22, 2004.

A Simple and Cost-effective RFID Tag-Reader Mutual Authentication Scheme Divyan M. Konidala, Zeen Kim, Kwangjo Kim {divyan, zeenkim, International.

Serverless Search and Authentication Protocols for RFID Chiu C. Tan, Bo Sheng and Qun Li Department of Computer Science College of William and Mary.

Security for RFID Department of Information Management, ChaoYang University of Technology. Speaker : Che-Hao Chen ( 陳哲豪 ) Date:2006/01/18.

A lightweight mutual authentication protocol for RFID networks 2005 IEEE Authors : Zongwei Luo, Terry Chan, Jenny S. Li Date : 2006/3/21 Presented by Hung.

1 Dynamic Key-Updating: Privacy- Preserving Authentication for RFID Systems Li Lu, Lei Hu State Key Laboratory of Information Security, Graduate School.

RFID Security CMPE 209, Spring 2009 Presented by:- Snehal Patel Hitesh Patel Submitted to:- Prof Richard Sinn.

Cryptography In Censorship Resistant Web Publishing Systems By Hema Hariharan Swati B Shah.

RFID Security and Privacy Part 2: security example.

Security and Privacy Aspects of Low-Cost Radio Frequency Identification Systems Stephen A. Weis, Sanjay E. Sarma, Ronald L. Rivest and Daniel W. Engels.

Pseudo Trust: Zero-Knowledge Based Authentication in Anonymous Peer-to-Peer Protocols Li Lu, Lei Hu State Key Lab of Information Security, Graduate School.

1 電子商務代理人與無線射頻系統上安全設計之研究 The Study of Secure Schemes on Agent-based Electronic Commerce Transaction and RFID system 指導教授 : 詹進科教授 (Prof. Jinn-Ke Jan) 陳育毅.

A more efficient and secure dynamic ID- based remote user authentication scheme Yan-yan Wang, Jia-yong Liu, Feng-xia Xiao, Jing Dan in Computer Communications.

Chapter 16 AAA. AAA Components  AAA server –Authenticates users accessing a device or network –Authorizes user to perform specific activities –Performs.

RFID Cardinality Estimation with Blocker Tags

1 Cryptographically Strong Pseudorandom Functions and Their Applications 陳昱升碩士學位論文中興大學資訊科學系 2006 年 6 月.

Persistent Security for RFID Mike Burmester & Breno de Medeiros RFIDSec’07.

Physical-layer Identification of RFID Devices Authors: Boris Danev, Thomas S. Heyde-Benjamin, and Srdjan Capkun Presented by Zhitao Yang 1.

- 1 - Secure and Serverless RFID Authentication and Search Protocols Chiu C. Tan, Bo Sheng, and Qun Li IEEE Transactions on Wireless Communication APRIL.

Radio Frequency Identification By Bhagyesh Lodha Vinit Mahedia Vishnu Saran Mitesh Bhawsar.

Panagiotis Rizomiliotis and Stefanos Gritzalis Dept. of Information and Communication Systems Engineering University of the Aegean, Greece GHB#: A Provably.

Guomin Yang et al. IEEE Transactions on Wireless Communication Vol. 6 No. 9 September

多媒體網路安全實驗室 An Efficient RFID Authentication Protocol for Low-cost Tags Date ： Reporter : Hong Ji Wei Authors : Yanfei Liu From : 2008 IEEE/IFIP.

1 Presented by July-2013, IIM Indore. 2  RFID = Radio Frequency IDentification.  RFID is ADC (Automated Data Collection) technology that:-  uses radio-frequency.

EPCglobal Network Security: Research Challenges and Solutions Yingjiu Li Assistant Professor School of Information Systems Singapore Management University.

WEP Protocol Weaknesses and Vulnerabilities

Physically Unclonable Function– Based Security and Privacy in RFID Systems Leonid Bolotnyy and Gabriel Robins Dept. of Computer Science University of Virginia.

4BP1 Electronic & Computer Engineering Paul Gildea th Year Interim Project Presentation.

Shanti Bramhacharya and Nick McCarty. This paper deals with the vulnerability of RFIDs A Radio Frequency Identifier or RFID is a small device used to.

Low-Cost Untraceable Authentication Protocols for RFID Yong Ki Lee, Lejla Batina, Dave Singelée, Ingrid Verbauwhede BCRYPT workshop on RFID Security February.

Overall: 9/10. GOODWORK ON  Good information  Very detailed  Nice Introduction  RFID has many similarities with barcoding but with the unique characteristics.

Link-Layer Protection in i WLANs With Dummy Authentication Will Mooney, Robin Jha.

© copyright NTT Information Sharing Platform Laboratories Cryptographic Approach to “Privacy-Friendly” Tags Miyako Ohkubo, Koutarou Suzuki, and Shingo.

Qinghan Xiao, Cam Boulet and Thomas Gibbons Second International Conference on Availability, Reliability and Security, 2007 Speaker : 黃韋綸 RFID Security.

ASIACCS 2007 Protecting RFID Communications in Supply Chains Yingjiu Li & Xuhua Ding School of Information Systems Singapore Management University.

National Institute of Science & Technology WIRELESS LAN SECURITY Swagat Sourav [1] Wireless LAN Security Presented By SWAGAT SOURAV Roll # EE

On The Untraceability of Anonymous RFID Authentication Protocol with Constant Key-Lookup Presented By Professor LI Yingjiu.

Enabling Secure Secret Updating for Unidirectional Key Distribution in RFID-Enabled Supply Chains Shaoying Cai 1, Tieyan Li 2, Changshe Ma 1, Yingjiu Li.

Establishing authenticated channels and secure identifiers in ad-hoc networks Authors: B. Sieka and A. D. Kshemkalyani (University of Illinois at Chicago)

Hoda Jannati School of Computer Science

1 Protecting Your Privacy with a Mobile Agent Device in RFID Environment Authors: Sang-Soo Yeo, Soo-Cheol Kim, Sung Kwon Kim, Gilcheol Park, Seok Soo Kim,

Wireless Network Security CSIS 5857: Encoding and Encryption.

SPEAKER: HONG-JI WEI DATE: Efficient and Secure Anonymous Authentication Scheme with Roaming Used in Mobile Networks.

RFID Paper presentation The Security of EPC Gen2 Compliant RFID Protocols Source ： Applied Cryptography and Network Security, VOL. 5037, 2008, pp

Modelling Privacy for Off-line RFID Systems Flavio Garcia Radboud University Nijmegen together with Peter van Rossum RFIDSec 2009.

Hash-based Enhancement of Location Privacy for Radio- Frequency Identification Devices using Varying Identifiers Author ： Dirk Henrici and Paul Muller.

Security of the Internet of Things: perspectives and challenges

1 Security problems on RFID tags (short introduction) Sakurai Lab., Kyushu Univ. Junichiro SAITO

English for Advance Learners I

A Dynamic ID-Based Generic Framework for Anonymous Authentication Scheme for Roaming Service in Global Mobility Networks Source: Wireless Personal Communications,

Mobile RFID Topics in Internet JinKyu, Yoo

A lightweight authentication scheme based on self-updating strategy for space information network Source: International Journal Of Satellite Communications.

A Secure Anonymity Preserving Authentication Scheme for Roaming Service in Global Mobility Networks Source: Wireless Personal Communications, ahead of.

Zahra Ahmadian Recursive Linear and Differential Cryptanalysis of Ultra-lightweight Authentication Protocols Zahra Ahmadian

Changshe Ma, Yingjiu Li, Robert Deng, Tieyan Li

RFID Security & Privacy at both Physical and System Levels - Presentation to IoT-GSI 26th August 2011 Robert H. Deng & Yingjiu Li School of Information.

Revisting Unpredictability-Based RFID Privacy Models

RFID Privacy Models & A Minimal Condition

Chair Professor Chin-Chen Chang Feng Chia University

Security and Privacy in Pervasive/Ubiquitous Computing Systems

Randomized PRF Tree Walking Algorithm for Secure RFID

An Improved Novel Key Management Protocol for RFID Systems

Presentation transcript:

Attacks and Improvements to an RFID Mutual Authentication Protocol and its Extensions Shaoying Cai 1 Yingjiu Li 1 Tieyan Li 2 Robert H. Deng 1 1 Singapore Management University 2 Institute for Infocomm Research (I 2 R) March 16-18, 2009, Zurich, Switzerland Second ACM Conference on Wireless Network Security (WiSec ‘09)

Overall RFID Authentication Protocol for Low-Cost Tags B. Song and C. J. Mitchell (WiSec 08) RFID Tag Ownership Transfer B. Song (RFIDsec 08) Tag impersonation attack Server impersonation attack De-synchronization attack Song-Mitchell Protocol Song’s Secret Update Protocol

Outline RFID Background Attacks and Improvements to the Song–Mitchell Protocol Attacks and Improvements to the Song’s Secret Update Protocol Conclusions

Radio Frequency Identification System Components: Tag, Reader, Back-end database Characteristics : Wireless connection ( tag  reader ) Limited capability of the tags 100 meters TagReader Attacker Attacker Model: Active attacker Backend Server

Privacy and Security Concerns of Mutual Authentication Protocol Tag information privacy Tag location privacy Resistance to server\tag impersonation attack Resistance to replay attack Resistance to de-synchronization attack Forward and backward security

Privacy Concerns of Ownership Transfer New owner privacy Old owner privacy Authorization recovery

Song-Mitchell Mutual Authentication Protocol t i = h(s i ) Implicit tag authentication Identification Server authentication Update

Server Impersonation Attack r1r1 M 1, M 2 M3M3 M 1, M 3 r1’r1’ M 1 ’, M 2 ’ M3’M3’ Em, you are valid. I’m serve r Result ?

Result of Server Impersonation Attack r1r1 M 1, M 2 T i Search database, Search… Search…. But, [(s i,t i ) new, (s i,t i ) old ] Server [t’] Who are you? It’s me, T i …. I was changed by Attacker.

Tag Impersonation Attack r1’r1’ M 1 ’, M 2 ’ r1r1 M 1, M 2 M3M3 Yeah, you are T i. I’m serve r I’m tag T i TiTi Result ?

Vulnerability Analysis : >> : S >> l/2 = [S] R || [S] L

Modified Song-Mitchell Protocol

Song's secret update protocol t i  t i ’

De-Synchronization Attack r 1, M 1, M 2 r 2 ’, M 3 ’ T i r 1, M 1 ’, M 2 ’ Update T i ’s secret to t i ’ T i Updates to t i ’’

Modified Tag Update Protocol

Conclusions Song-Mitchell mutual authentication protocol Tag secret update protocol Server impersonation attack Tag impersonation attack De-synchronization attack

Discussion F denotes a computationally complex function such as hash and keyed hash, and k is an integer between 1 and 2N Performance Formal Proof Will be given in our future work.

Q & A?

Thank you! Shaoying Cai: