Presentation is loading. Please wait.

Presentation is loading. Please wait.

RFID Security Tony Arous Vincent Yu.

Published byElijah Bond Modified over 5 years ago

Similar presentations

Presentation on theme: "RFID Security Tony Arous Vincent Yu."— Presentation transcript:

1 RFID Security Tony Arous Vincent Yu

2 Recap Current RFID protocols can be cracked very quickly
As little as 15 minutes Need to authenticate readers to block insecure use

3 Questions from Last Time
Are the devices going to be active (battery-powered) or passive? We plan on using passive tags in order to keep the functionality and ease of use factors. Does the encryption change the power consumption? No, power is a concern when working with long-range applications.

4 Questions from Last Time
How will you build on existing systems and change devices that are out there? Upgraded firmware on the individual tags will be needed. Some tags will require full hardware replacement. Will you experiment/simulate the real RFID tags? Hopefully, yes. Under the time constraints, offering suggestions to the existing protocols will be more realistic.

5 Different Encryption Schemes
Data Encryption Standard (DES) 56-bit key Triple DES Advanced Encryption Standard (AES) 128 bit key

6 Data Encryption Standard
Effectively DES is only a 56-bit encryption 8-bits are used as parity. DES encrypts and decrypts data in 64-bit blocks, using a 64-bit key. Takes 64-bit plain text and outputs 64-bit cipher text. Normally DES has 16 rounds (repeats 16 times) to produce the cipher text. As the number of rounds increase, the security increases exponentially.

7 How a DES Key is Made

8 The DES Sub-key 1. Start with round (R) 1 and go to 16
2. Split the current 56-bit key, K, up into two 28-bit blocks, L (the left-hand half) and R (the right-hand half). 3. Rotate L and R left by the number of bits specified in the table above. 4. Join L and R together to get the new K. 5. Apply Permuted Choice 2 (PC-2) to K to get the final K[R], where R is the round number we are on. 6. Repeat the procedure until 16 subkeys K[1]-K[16] have been determined.

9 Problems with DES As computers become more powerful, brute force methods to crack DES encryption became easier. A new encryption method was needed to secure information

10 Triple DES Basically the same as DES, but runs it three times
3x64 = 192-bit encryption Problems: 3 times slower than DES

11 Advanced Encryption Standard
AES is a symmetric key encryption technique which was created to replace DES Block size of 128-bits and key size of 128, 192 or 256-bits. The AES algorithm is based on permutations and substitutions. Permutations are rearrangements of data, and substitutions replace one unit of data with another. AES performs permutations and substitutions using several different techniques.

12 Creating AES keys 4 Step Process 1. SubBytes 2. ShiftRows
3. MixColumns 4. AddRoundKey

13 AES Encryption SubBytes

14 AES Encryption ShiftRows

15 MixColumns MixColumns

16 AES Encryption AddRoundKey

17 Juels-Pappu Banknote Protection Scheme
Protocol being used by European Central Bank in Euro notes Advantages: Block banknote counterfeiting Track illicit monetary flows by authorized parties (such as airports) Prohibit tracking by unauthorized parties

18 J-P BP Scheme Each banknote has serial number
Signed by European bank Used for anti-counterfeiting When requested, the tag sends the encrypted value of the serial number and not the number itself “Periodic probabilistic” re-encryptions of the serial number take place by the merchants

19 J-P BP Scheme Re-encryption process requires visual contact with each note A specific key is printed on each banknote However, law enforcement agencies can access the tag without the key

20 J-P BP Scheme Requirements
Each tag requires an EEPROM of at least 780 bits Fortunately, most RFIDs already have about 950 bits of storage available Valid instructions: Read Write Keyed-Read Keyed-Write Not widespread today

21 J-P BP Scheme Initialization Routine
Select serial number S and compute: ∑=Sign(SKB,S||den) Compute access key D, such that: D = h(∑) Encrypt C with random number r, such that: C = Enc(PKL, ∑||S,r) Results on tags: C=> λ-cell, r=> δ-cell Print onto banknote: S and ∑

22 J-P BP Scheme Re-Encryption
Read S and ∑ visually and compute: D = h(∑) Using D, find C and r. Verify that: C = Enc(PKL, ∑||S,r) Choose a new r and keyed-write it into δ. Compute the new C = Enc(PKL, ∑||S,r) and put it into λ.

23 J-P BP Scheme Tracing Freely obtain C from cell λ
Decrypt C using SKL and then obtain: Dec(SKL,C) = ∑||S Check if ∑ is a valid signature

24 ElGamal Encryption Messages/information (m) are encrypted with a public key (k): E*(k,m)=(Easym(k,r,h1(r,m)),Esym(h2(r),m)) Esym is a symmetric encryption with the key. Easym is an asymmetric encryption with the key and a random value. Primary ElGamal Encryption h1 and h2 are hash functions.

25 Problems Re-encryption is critical to the success of this technique
The actions is sparked by an external entity, not the tag itself Therefore, invalid re-encryptions can easily take place

26 Problems Use of a pre-determined access-key (the serial number) is useful for requiring visual access At the same time, it causes problems with tracing the tag

27 Next Time… Our final recommendations Backward-compatibility issues
Merging a protocol scheme with a sophisticated encryption technique Backward-compatibility issues

Download ppt "RFID Security Tony Arous Vincent Yu."

Similar presentations

DES The Data Encryption Standard (DES) is a classic symmetric block cipher algorithm. DES was developed in the 1970’s as a US government standard The block.

DES The Data Encryption Standard (DES) is a classic symmetric block cipher algorithm. DES was developed in the 1970’s as a US government standard The block.
CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (3) Information Security.

CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (3) Information Security.
Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Sri Lanka Institute of Information Technology

Sri Lanka Institute of Information Technology
Embedded Wireless Sensors Tony Arous Vincent Yu. Recap  RFID– Radio Frequency Identification  Sensors help to easily keep track of various information.

Embedded Wireless Sensors Tony Arous Vincent Yu. Recap  RFID– Radio Frequency Identification  Sensors help to easily keep track of various information.
 Stream ciphers o Encrypt chars/bits one at a time o Assume XOR w the key, need long key to be secure  Keystream generators (pseudo-random key) o Synchronous.

 Stream ciphers o Encrypt chars/bits one at a time o Assume XOR w the key, need long key to be secure  Keystream generators (pseudo-random key) o Synchronous.
Modelling and Analysing of Security Protocol: Lecture 2 Cryptology for Protocols Analysis Tom Chothia CWI.

Modelling and Analysing of Security Protocol: Lecture 2 Cryptology for Protocols Analysis Tom Chothia CWI.
McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 1 Security PART VII.

McGraw-Hill©The McGraw-Hill Companies, Inc., Security PART VII.
ICS 454 Principles of Cryptography Advanced Encryption Standard (AES) (AES) Sultan Almuhammadi.

ICS 454 Principles of Cryptography Advanced Encryption Standard (AES) (AES) Sultan Almuhammadi.
1 Database Security & Encryption

1 Database Security & Encryption
Chapter 8.  Cryptography is the science of keeping information secure in terms of confidentiality and integrity.  Cryptography is also referred to as.

Chapter 8.  Cryptography is the science of keeping information secure in terms of confidentiality and integrity.  Cryptography is also referred to as.
Network Security. Cryptography Cryptography functions Secret key (e.g., DES) Public key (e.g., RSA) Message digest (e.g., MD5) Security services Privacy:

Network Security. Cryptography Cryptography functions Secret key (e.g., DES) Public key (e.g., RSA) Message digest (e.g., MD5) Security services Privacy:
CSCE 201 Introduction to Information Security Fall 2010 Data Protection.

CSCE 201 Introduction to Information Security Fall 2010 Data Protection.
Chapter 20 Symmetric Encryption and Message Confidentiality.

Chapter 20 Symmetric Encryption and Message Confidentiality.
Module 3 – Cryptography Cryptography basics Ciphers Symmetric Key Algorithms Public Key Algorithms Message Digests Digital Signatures.

Module 3 – Cryptography Cryptography basics Ciphers Symmetric Key Algorithms Public Key Algorithms Message Digests Digital Signatures.
Chapter 3 Encryption Algorithms & Systems (Part D)

Chapter 3 Encryption Algorithms & Systems (Part D)
DATA & COMPUTER SECURITY (CSNB414) MODULE 3 MODERN SYMMETRIC ENCRYPTION.

DATA & COMPUTER SECURITY (CSNB414) MODULE 3 MODERN SYMMETRIC ENCRYPTION.
Network Security Lecture 3 Secret Key Cryptography

Network Security Lecture 3 Secret Key Cryptography
The Federal Information Processing Standards (FIPS) Encryption Suite Sean Smith COSC 316 - 001.

The Federal Information Processing Standards (FIPS) Encryption Suite Sean Smith COSC
CS480 Cryptography and Information Security

CS480 Cryptography and Information Security

Similar presentations

Ads by Google