Presentation is loading. Please wait.

Presentation is loading. Please wait.

A Simple and Cost-effective RFID Tag-Reader Mutual Authentication Scheme Divyan M. Konidala, Zeen Kim, Kwangjo Kim {divyan, zeenkim, International.

Published byMiranda Joseph Modified over 9 years ago

Similar presentations

Presentation on theme: "A Simple and Cost-effective RFID Tag-Reader Mutual Authentication Scheme Divyan M. Konidala, Zeen Kim, Kwangjo Kim {divyan, zeenkim, International."— Presentation transcript:

1 A Simple and Cost-effective RFID Tag-Reader Mutual Authentication Scheme Divyan M. Konidala, Zeen Kim, Kwangjo Kim {divyan, zeenkim, kkj}@icu.ac.kr International Research Center for Information Security CONFERENCE ON RFID SECURITY-07

2 A Simple and Cost-effective RFID Tag-Reader Mutual Authentication Scheme 2 Introduction - EPCglobal  EPCglobal Inc™ Industry-driven standards RFID in supply chain management  We consider EPCglobal Architecture Framework EPCglobal Class 1 Gen 2 UHF RFID Protocol

3 A Simple and Cost-effective RFID Tag-Reader Mutual Authentication Scheme 3 Contents  Introduction  RFID-based supply chain management system EPCglobal Architecture Framework  Security Threats and Requirements  Security Assessment of Class 1 Gen 2 UHF RFID Protocol  Proposed Tag-Reader Mutual Authentication Scheme Scheme Analysis  Conclusion and Future Work

4 A Simple and Cost-effective RFID Tag-Reader Mutual Authentication Scheme 4 EPCglobal Architecture Framework EPC-IS

5 A Simple and Cost-effective RFID Tag-Reader Mutual Authentication Scheme 5 Introduction - Tag’s 4 Memory Blocks **We Focus on RESERVED memory Block** RESERVED memory Block has…. Access Password (APwd) Kill Password (KPwd)

6 A Simple and Cost-effective RFID Tag-Reader Mutual Authentication Scheme 6 Introduction - RESERVED Memory Block  Manufacturer of the product stores APwd and KPwd in the Reserved Memory Bank  Reserved Memory Bank is R/W LOCKED, Cannot be Read Cannot be Re-Written

7 A Simple and Cost-effective RFID Tag-Reader Mutual Authentication Scheme 7 Security Threats and Requirements  Tag-Reader Mutual Authentication Malicious RFID Readers  Snoop, corrupt, manipulate Cloned Fake RFID Tags  Counterfeit products Man-in-the-Middle Attack  Eavesdrop and impersonate  Tamperproof Tags RFID Tag Snatching

8 A Simple and Cost-effective RFID Tag-Reader Mutual Authentication Scheme 8 One-Way Reader to Tag Authentication Proposed by EPCglobal  Proposed by EPCglobal Class 1 Gen 2 UHF RFID Protocol  Not Secure  Un-encrypted openly sent random numbers used as pads to cover-code tag’s APwd  Tag’s Access Password easily exposed to disgruntled employee managing hand-held reader

9 A Simple and Cost-effective RFID Tag-Reader Mutual Authentication Scheme 9 Security Weakness – EPCglobal Schheme – Exposed APwd Manufacturer Reader Tag Unauthorized Access Fake Cloned Tags APwd Apwd (Exposed) Only one-way Reader-to-Tag Authentication Malicious, Compromised Reader Disgruntled Employee

10 A Simple and Cost-effective RFID Tag-Reader Mutual Authentication Scheme 10 Goals  Tag-Reader mutual authentication simple, light-weight, practically secure (supply chain)  A better cover-code or obscure tag APwd  Secure distribution of obscured tags' APwd to stakeholder's RFID readers  The manufacturer: implicitly keep track on the whereabouts of its products.  Our scheme adheres to EPCglobal standards

11 A Simple and Cost-effective RFID Tag-Reader Mutual Authentication Scheme 11 Goals NO cryptographic (hash) functions/keys within the tag NO tag - reader synchronization security keys/hash values.  We improve scheme proposed by EPCglobal to accommodate tag-reader mutual authentication. Our scheme utilizes tag's already existing,  16-bit random number generator,  XOR function,  Access & Kill Passwords.

12 A Simple and Cost-effective RFID Tag-Reader Mutual Authentication Scheme 12 Proposed Tag-Reader Mutual Authentication Scheme  Emphasis on Tag’s Access & Kill Password  Manufacturer of the product is involved in the mutual authentication process  Scenario: A pallet has reached the distributor Distributor’s reader query tag on pallet Reader and Tag must authenticate each other Reader does not know tag’s Apwd Reader contact manufacturer and follow this procedure

13 A Simple and Cost-effective RFID Tag-Reader Mutual Authentication Scheme 13 Proposed Tag- Reader Mutual Authentication

14 A Simple and Cost-effective RFID Tag-Reader Mutual Authentication Scheme 14

15 A Simple and Cost-effective RFID Tag-Reader Mutual Authentication Scheme 15

16 A Simple and Cost-effective RFID Tag-Reader Mutual Authentication Scheme 16 Pad Generation Function: PadGen(.) [1/3]

17 A Simple and Cost-effective RFID Tag-Reader Mutual Authentication Scheme 17 Pad Generation Function: PadGen(.) [2/3] Random Numbers from Tag and Manufacturer

18 A Simple and Cost-effective RFID Tag-Reader Mutual Authentication Scheme 18 Pad Generation Function: PadGen(.) [3/3]

19 A Simple and Cost-effective RFID Tag-Reader Mutual Authentication Scheme 19 Tag’s Logical Memory & Access Password Map

20 A Simple and Cost-effective RFID Tag-Reader Mutual Authentication Scheme 20 Security Analysis [1/4]  Possible Attacks APwd & KPwd are only 32-bits Brute-force attack or ciphertext-only attack  Practically Secure An enclosure (warehouse) that is sealed from external noise and radio signals from malicious readers. RFID supply chain processing environment  Extremely fast paced  Not feasible to continuously eavesdrop on one particular tag- reader communication channel  Several bulks of items pass through several readers with in a very short interval of time.

21 A Simple and Cost-effective RFID Tag-Reader Mutual Authentication Scheme 21 Security Analysis [2/4]  Reader Impersonation Attack: Reader to authenticate first to tag A malicious reader  Does not posses both the APwd and KPwd  cannot access manufacturer (EPC-IS) due to lack credentials.  Cloned Fake Tags and Tag Impersonation Attack: Tag to authenticate to the manufacturer. A malicious tag or a cloned fake tag  Do not posses both the APwd and KPwd, Manufacturer must detect and terminate the communication,  if a tag emulator using the same or weak random numbers  if tag is not moving through the supply chain processing

22 A Simple and Cost-effective RFID Tag-Reader Mutual Authentication Scheme 22 Security Analysis [3/4]  Tag's Access Password Never Exposed: Does not use random numbers sent in an un-encrypted form as pads Generated pads are known only to tag and manufacturer  Secure against Insider Attacks: Does not deliver the tag's APwd to any of the stakeholder's reader. The reader relays only the cover-coded APwd RFID “system level check",  A compromised reader is continuously trying to interrogate only one particular tag

23 A Simple and Cost-effective RFID Tag-Reader Mutual Authentication Scheme 23 Security Analysis [4/4]  Secure against Replay Attacks: We use two random numbers each, generated by both the tag and the manufacturer. As unique random numbers generate unique pads  Password Scalability: We adhered to the 32-bit passwords Our scheme can still be applicable, and more strengthened, when the length of the APwd and KPwd is extended

24 A Simple and Cost-effective RFID Tag-Reader Mutual Authentication Scheme 24 Implementation Analysis [1/2]  Overhead Analysis Secure channel between tag and manufacturer  PKI-based certificate, encryption and signature schemes – may be expensive Reader communicate with manufacturer to authenticate every tag  To reduce this overhead, The manufacturer can setup a secure server at every stakeholder's supply chain processing facility Only, the manufacturer can remotely access, monitor, and manage this server and also update the server with tags' Access & Kill passwords We can also assume that the manufacturer's EPC-IS is a highly resource rich entity, which is designed to take heavy computational and storage load. Secure channel with only Keyed-Message Authentication Code (MAC)

25 A Simple and Cost-effective RFID Tag-Reader Mutual Authentication Scheme 25 Implementation Analysis [2/2]  Light-Weight Tag-Reader Mutual Authentication: Our scheme does not use any special cryptographic functions. Tag already has capability  XOR operations,  Generate random numbers,  Temporarily store random numbers  Fetch the APwd and KPwd  Our scheme just needs an additional Five 16-bit temporary storage memory slots four random numbers from the manufacturer and one for PadGen(.) function. Class-1 Gen-2 tags can have a 512-bit memory capacity or more (depending on the manufacturer)

26 A Simple and Cost-effective RFID Tag-Reader Mutual Authentication Scheme 26 Conclusion  Our scheme Not fully secure Simple, cost-effective, light-weight to be implemented on tag Practically secure, Highly suitable to the RFID-based supply chain processing scenario Adhere to EPCglobal standard  Our scheme provides considerable challenges to thwart Cloned fake tags Malicious readers Disgruntled employees or compromised readers Tag’s APwd leakage Man-in-the-middle attacks

27 Thank you! Q&A International Research Center for Information Security

Download ppt "A Simple and Cost-effective RFID Tag-Reader Mutual Authentication Scheme Divyan M. Konidala, Zeen Kim, Kwangjo Kim {divyan, zeenkim, International."

Similar presentations

Mitigate Unauthorized Tracking in RFID Discovery Service Qiang Yan 1, Robert H. Deng 1, Zheng Yan 2, Yingjiu Li 1, Tieyan Li 3 1 Singapore Management University,

Mitigate Unauthorized Tracking in RFID Discovery Service Qiang Yan 1, Robert H. Deng 1, Zheng Yan 2, Yingjiu Li 1, Tieyan Li 3 1 Singapore Management University,
1 Security in Wireless Protocols Bluetooth, 802.11, ZigBee.

1 Security in Wireless Protocols Bluetooth, , ZigBee.
Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, 2010. ICWCSC 2010. International.

Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, ICWCSC International.
 Introduction  Benefits of VANET  Different types of attacks and threats  Requirements and challenges  Security Architecture  Vehicular PKI.

 Introduction  Benefits of VANET  Different types of attacks and threats  Requirements and challenges  Security Architecture  Vehicular PKI.
Sri Lanka Institute of Information Technology

Sri Lanka Institute of Information Technology
Digital Signatures and Hash Functions. Digital Signatures.

Digital Signatures and Hash Functions. Digital Signatures.
Serverless Search and Authentication Protocols for RFID Chiu C. Tan, Bo Sheng and Qun Li Department of Computer Science College of William and Mary.

Serverless Search and Authentication Protocols for RFID Chiu C. Tan, Bo Sheng and Qun Li Department of Computer Science College of William and Mary.
1 Digital Signatures & Authentication Protocols. 2 Digital Signatures have looked at message authentication –but does not address issues of lack of trust.

1 Digital Signatures & Authentication Protocols. 2 Digital Signatures have looked at message authentication –but does not address issues of lack of trust.
Security for RFID Department of Information Management, ChaoYang University of Technology. Speaker : Che-Hao Chen ( 陳哲豪 ) Date:2006/01/18.

Security for RFID Department of Information Management, ChaoYang University of Technology. Speaker : Che-Hao Chen ( 陳哲豪 ) Date:2006/01/18.
A lightweight mutual authentication protocol for RFID networks 2005 IEEE Authors : Zongwei Luo, Terry Chan, Jenny S. Li Date : 2006/3/21 Presented by Hung.

A lightweight mutual authentication protocol for RFID networks 2005 IEEE Authors : Zongwei Luo, Terry Chan, Jenny S. Li Date : 2006/3/21 Presented by Hung.
SMUCSE 5349/73491 Authentication Protocols. SMUCSE 5349/73492 The Premise How do we use perfect cryptographic mechanisms (signatures, public-key and symmetric.

SMUCSE 5349/73491 Authentication Protocols. SMUCSE 5349/73492 The Premise How do we use perfect cryptographic mechanisms (signatures, public-key and symmetric.
Feb 25, 2003Mårten Trolin1 Previous lecture More on hash functions Digital signatures Message Authentication Codes Padding.

Feb 25, 2003Mårten Trolin1 Previous lecture More on hash functions Digital signatures Message Authentication Codes Padding.
1 Dynamic Key-Updating: Privacy- Preserving Authentication for RFID Systems Li Lu, Lei Hu State Key Laboratory of Information Security, Graduate School.

1 Dynamic Key-Updating: Privacy- Preserving Authentication for RFID Systems Li Lu, Lei Hu State Key Laboratory of Information Security, Graduate School.
RFID Security CMPE 209, Spring 2009 Presented by:- Snehal Patel Hitesh Patel Submitted to:- Prof Richard Sinn.

RFID Security CMPE 209, Spring 2009 Presented by:- Snehal Patel Hitesh Patel Submitted to:- Prof Richard Sinn.
Sec final project A Preposition Secret Sharing Scheme for Message Authentication in Broadcast Networks 90321019 王怡君.

Sec final project A Preposition Secret Sharing Scheme for Message Authentication in Broadcast Networks 王怡君.
Mar 5, 2002Mårten Trolin1 Previous lecture More on hash functions Digital signatures Message Authentication Codes Padding.

Mar 5, 2002Mårten Trolin1 Previous lecture More on hash functions Digital signatures Message Authentication Codes Padding.
Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.

Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.
Security and Privacy Aspects of Low-Cost Radio Frequency Identification Systems Stephen A. Weis, Sanjay E. Sarma, Ronald L. Rivest and Daniel W. Engels.

Security and Privacy Aspects of Low-Cost Radio Frequency Identification Systems Stephen A. Weis, Sanjay E. Sarma, Ronald L. Rivest and Daniel W. Engels.
CMSC 414 Computer and Network Security Lecture 18 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 18 Jonathan Katz.
YA-TRAP: Yet Another Trivial RFID Authentication Protocol Gene Tsudik International Conference on Pervasive Computing and Communications, PerCom 2006.

YA-TRAP: Yet Another Trivial RFID Authentication Protocol Gene Tsudik International Conference on Pervasive Computing and Communications, PerCom 2006.

Similar presentations

Ads by Google