Presentation is loading. Please wait.

Presentation is loading. Please wait.

Overview of the latest RFID Research 21 st March 20071 Overview of the latest RFID Research at Auto-ID Lab, ADELAIDE Alfio Grasso Deputy Director, Auto-ID.

Published byDerek Gray Modified over 9 years ago

Similar presentations

Presentation on theme: "Overview of the latest RFID Research 21 st March 20071 Overview of the latest RFID Research at Auto-ID Lab, ADELAIDE Alfio Grasso Deputy Director, Auto-ID."— Presentation transcript:

1 Overview of the latest RFID Research 21 st March 20071 Overview of the latest RFID Research at Auto-ID Lab, ADELAIDE Alfio Grasso Deputy Director, Auto-ID Lab, Adelaide

2 Overview of the latest RFID Research 21 st March 2007 2 Overview Auto-ID Lab, Adelaide Security Anti-Counterfeiting and Security Authentication Lightweight Cryptography Specialised RFID Tag Antenna Design Conclusions

3 Overview of the latest RFID Research 21 st March 20073 Adelaide, Auto-ID Lab

4 Overview of the latest RFID Research 21 st March 2007 4 The Auto-ID Laboratories

5 Overview of the latest RFID Research 21 st March 2007 5 Auto-ID Labs One of 7 Auto-ID Labs around the world MIT, USA Cambridge, UK Adelaide, Australia Keio, Japan Fudan, China St Gallen, Switzerland ICU, Korea

6 Overview of the latest RFID Research 21 st March 2007 6 Three entities Auto-ID Lab EPCglobal research  via sub-award from MIT RFID Automation Contract Research  Eight Consultancies  One Research Contract  One Research Project Australasian Adoption Research Initiative RFID adoption, Networking, Resources

7 Overview of the latest RFID Research 21 st March 2007 7 Contract Research Separate from the EPCglobal funded work Commercial Infrastructure Adelaide Research & Innovation Pty Ltd Intellectual Property Protection Pork CRC Research Contract Joint Strike Fighter

8 Overview of the latest RFID Research 21 st March 2007 8 Auto-ID Lab, Personnel Prof. Peter Cole Mr. Alfio Grasso Dr. Behnam Jamali Mr. Damith Ranasinghe Mr. Kin Seong Leong Ms. Mun Leng Ng Mr. Raja Ghosal Mr. Manfred Jantscher (visiting)

9 Overview of the latest RFID Research 21 st March 20079 Anti-counterfeiting and Security Authentication Lightweight Cryptography

10 Overview of the latest RFID Research 21 st March 2007 10 Auto-ID Labs In 2006 Global Auto-ID Labs launched the Flagship Project Anti-Counterfeiting and Secure Supply-Chain Focuses on protection against counterfeiting and on product traceability. The main emphasis is on EPC technology without neglecting other methods. In addition to the technology, topics include the impacts on processes within an enterprise, the assessment of customer acceptance and the analysis of business cases in order to examine operational efficiency. http://www.autoidlabs.org/publications/page.html

11 Overview of the latest RFID Research 21 st March 2007 11 RFID Channels Insecure communication channel Authorised Interrogator Powering channel Forward channel (Reader to Tag commands) Backward channel (Tag to Reader responses) Legitimate Tag Physical channel

12 Overview of the latest RFID Research 21 st March 2007 12 Security and Privacy Concepts Security aims Confidentiality Integrity Authentication Non-reputation Availability Privacy aims Anonymity Unlinkability

13 Overview of the latest RFID Research 21 st March 2007 13 Security Models Unconditional security Perfect security, assumes unrestricted computational power of an adversary Computational security No known algorithm to break it within polynomial time Practical security No breaking algorithm within N operations, with N chosen to be high. Modern primitives offer practical security. Provable security Possible to show the complexity of breaking a primitive is equivalent to solving a well know supposedly hard mathematical problem

14 Overview of the latest RFID Research 21 st March 2007 14 Security Services Confidentiality Only authorised parties receive information Authentication The ability of a party to be sure the message is from a claimed source Integrity Assures us a message is not altered on the way Non-reputation Proof of transmission and reception Access Control Restricts and controls access to a system Availability Provides means to assure a system is available when needed

15 Overview of the latest RFID Research 21 st March 2007 15 Attacks Ciphertext-only attack Known-plaintext attack Chosen-plaintext attack Adaptive chosen-plaintext attack Chosen-ciphertext attack Adaptive chosen-ciphertext attack Known-key attack Man-in-the-middle attack Replay attack Impersonation attack Dictionary attack Incomplete session attack

16 Overview of the latest RFID Research 21 st March 2007 16 Some Security Issues Eavesdropping Corporate espionage. Victim of theft Cloning and Physical attacks Fraud: counterfeiting RFID-labeled items. Theft: replace merchandise with decoy label. Denial of service. Corrupt data with fake tags. Disrupt RFID-dependent infrastructures. Communication layer weaknesses Insecurities from tag generated random numbers Power analysis of the powering channel

17 Overview of the latest RFID Research 21 st March 2007 17 Some Privacy Issues Profiling Identify a person’s interest by the RFID items they carry Tracking Any RFID item can potentially identify the person If a payment is made via a credit card, any tags on that person can be used to identify that person, and track them Once the identity is known they can be tracked. RFID enabled currency can be used to determine cash on a target.

18 Overview of the latest RFID Research 21 st March 2007 18 RFID Security Framework Low cost labels. 200-4000 gates available for security (cost limitation). Time available for operations : 5 -10 ms. Label reading speeds: 1000-1500 labels/s. Data transmission rates: in the order of 100kbps. Labels reveal their presence through a non-identifying signal. The long term security of label contents can not be guaranteed. Power utilization of security related silicon should not exceed the tag power consumption range of 50-100 microwatts.

19 Overview of the latest RFID Research 21 st March 2007 19 Initial Proposals Kill tags at checkout. Customers may want to build applications. Erase unique identifiers at checkout. Still allows tracking by tag “constellations”. Restrict and detect unauthorized reads. Cheap to build, hard to always detect. Some scope is found with security schemes designed with reader distance based trust Use strong cryptography to protect tags. Too expensive for low-cost (5-cent) tags.

20 Overview of the latest RFID Research 21 st March 200720 Cryptography

21 Overview of the latest RFID Research 21 st March 2007 21 Kerchoff’s principle Do not rely on keeping an algorithm secret. Even if you think no one will think of it, someone almost certainly will. Publish an algorithm but keep the key secret. That key should be chosen from amongst a large number of possible keys, that could be used. Have some mathematical foundation for the belief that it will be hard to extract the key from what can be overheard.

22 Overview of the latest RFID Research 21 st March 2007 22 Shannon insights Add confusion and diffusion Confusion: encoding the information, e.g.  Swapped (A -> X), shifted (A +3 =D), or A c (mod p), Diffusion: spreading the information, adding redundant information, or noise

23 Overview of the latest RFID Research 21 st March 2007 23 Public Key Cryptography Public key ciphers Examples RSA Diffie-Hellman ECC Digital signatures These form the second group of keyed cryptographic tools. Based on key pairs instead a single shared key. Only one key need be kept secret. Sometimes called asymmetric key systems. The receiving party issues the public encrypting key and keeps to itself the decrypting key.

24 Overview of the latest RFID Research 21 st March 2007 24 Public Key Encryption The key pair used in the example is the secret key SBob of Bob and the public key PBob of Bob.

25 Overview of the latest RFID Research 21 st March 2007 25 Precautions needed In practice P is prime of 300 digits and a and b are at least 100 digits long Is vulnerable to man in the middle attack Cure is to digitally sign what is sent if a public key infrastructure is available, or use a pre-shared password.

26 Overview of the latest RFID Research 21 st March 2007 26 Elliptic Curve Cryptography Uses the discrete log problem but over a finite abelian group of points x, y on an elliptic curve y 2 = x 3 + a*x + b mod (p) ECC keys can be shorter for the same security when compared with other systems No mathematical proof of the difficulty has been published but the scheme is accepted as a standard by USA National Security Agency. Keys must be large enough. A 109 bit key has been broken (roughly same security to RSA 640) 160 bits ECC - same security as RSA 1024 bits. 224 bits ECC - same security as RSA 2048 bits.

27 Overview of the latest RFID Research 21 st March 200727 One Time Codes

28 Overview of the latest RFID Research 21 st March 2007 28 Need for something simpler RFID tags cannot support the computing burdens of the usual systems that are supported by significant computing power at both ends of a communication link, nor even of the lightweight protocols listed above. There is a need for something significantly simpler One Time Codes Only proven security method by Shannon Entropy (1949) Provides Perfect Secrecy

29 Overview of the latest RFID Research 21 st March 2007 29 One time codes: 1 Have available a set of purely random numbers in the tag and matching tag dependent number in a secure data based Some are to authenticate the tag to a reader, some to authenticate a reader to a tag, some might be to permit authenticated change of tag identity to prevent trace of items Use certain of these to XOR with tag identities to disguise them from eavesdroppers.

30 Overview of the latest RFID Research 21 st March 2007 30 One time codes: 2 Need a large supply to cater for many authentications Options Reserve a pair for final authentication by end user Recharge in a secure environment Assume an eavesdropper cannot be every where and use old codes for identity change for fresh reader or tag authentications Better to use a shrinking function

31 Overview of the latest RFID Research 21 st March 200731 Shrinking Generators

32 Overview of the latest RFID Research 21 st March 2007 32 The Shrinking Function Two linear shift registers, A (data) and S (sampling), with different seeds, clocked together. Outputs are combined as follows If S is 1, output is A If S is 0, there is no output and another clock is applied This scheme has been resistant to cryptanalysis for 12 years. No known attacks if feedback polynomials are secret and registers are too long for an exhaustive search.

33 Overview of the latest RFID Research 21 st March 2007 33 Shrinking Generator Minimal hardware complexity Shrink the output from LFSR R1 Produce irregular sequence K Practical alternative to a one time pads Known attacks have exp time complexity  Keep connection polynomials secret  Use maximum length LFSRs LFSR R2 LFSR R1 Output (K) CE CLK D Q Buffer Clock

34 Overview of the latest RFID Research 21 st March 200734 Physically Uncloneable Functions in RFID

35 Overview of the latest RFID Research 21 st March 2007 35 Simple challenge-response protocol Reader chooses a challenge, x, which is a random number and transmits it to the label. The label computes and transmits the value y to the reader (here e is the encryption rule that is publicly known and K is a secret key known only to the reader and the particular label). The reader then computes. Then the reader verifies that. )(xey K 

36 Overview of the latest RFID Research 21 st March 2007 36 A lightweight primitive Physically Uncloneable Functions Easy to compute but hard to predict Alternative to storing keys on insecure hardware devices f(c 1,c 2,c 3,…,c m, k) { c 1,c 2,c 3,…,c m } }1,0{),...,,,( 321  n ccccc where {r}{r} }1,0{),...,,,( 321  m rrrrr k ={ gate and wire delay variations due to IC fabrication process variations}

37 Overview of the latest RFID Research 21 st March 2007 37 Use of PUFs on RFID tags to securely store keys 800 challenge-response pairs to uniquely identify over 10 9 chips PUF structure

38 Overview of the latest RFID Research 21 st March 2007 38 Tag authentication Use sets of challenges and responses to authenticate tags The response bit string can be compared with that stored in a secure database Similarly to a one time pad, challenges can not be used again

39 Overview of the latest RFID Research 21 st March 2007 39 Backend support A secure backend database is required to store challenge response pairs A secure method of distributing challenge response pairs are required Labels need to be characterised prior to deployment

40 Overview of the latest RFID Research 21 st March 2007 40 Lightweight hardware Use XOR operation to allow challenge sets to be reused simple to implement and low computation complexity

41 Overview of the latest RFID Research 21 st March 2007 41 Mutual authentication Use Reader generated Random numbers Reuse hardware on tag (CRC generator) Achieves mutual authentication and prevents unauthorised users from obtaining tag EPC

42 Overview of the latest RFID Research 21 st March 200742 Specialised RFID tag antenna design Tag Constraints Small UHF Animal Ear Tag (pigs) Small HF Animal Ear Tags (pigs, sheep) Compact Metal Mount Tags (UHF) Dual Frequency Tag Antennas

43 Overview of the latest RFID Research 21 st March 2007 43 RFID Tag Constraints Consist of Basic requirement: - Compact - Reliable - Inexpensive

44 Overview of the latest RFID Research 21 st March 200744 Small UHF Animal Ear Tags

45 Overview of the latest RFID Research 21 st March 2007 45 A Simple Loop Antenna Front view Back view

46 Overview of the latest RFID Research 21 st March 2007 46 UHF ear tag

47 Overview of the latest RFID Research 21 st March 200747 Small HF Animal Ear Tags

48 Overview of the latest RFID Research 21 st March 2007 48 HF ear tag

49 Overview of the latest RFID Research 21 st March 200749 Compact Metal Mount UHF Tag

50 Overview of the latest RFID Research 21 st March 2007 50 Metallic Environment Surrounding  Warehouses full of metallic shelves  Industrial area with heavy machinery Object to be identified Canned food Metallic mechanical parts Metallic beer kegs Challenge To get sufficient fields to reach RFID tag antenna near metal.

51 Overview of the latest RFID Research 21 st March 2007 51 Common Tag for Metallic Objects Conventional planar passive UHF RFID tags not suitable for metallic item identification. Existing RFID tags Normally big in area. To be small, need high dielectric constant substrate which may be expensive.

52 Overview of the latest RFID Research 21 st March 2007 52 Design Concept Small in size Hrec = 10 mm, Lrec = 25 mm, Wrec = 5 mm Exploits the theory of boundary conditions for better performance

53 Overview of the latest RFID Research 21 st March 2007 53 Compact UHF Metal Mount Tag The UHF antenna design for tagging metallic objects Small top loaded monopole above a ground with a series inductor to achieve a reasonable match to the RFID chip impedance.

54 Overview of the latest RFID Research 21 st March 200754 Dual Frequency Antenna UHF and HF

55 Overview of the latest RFID Research 21 st March 2007 55 Dual Frequency Antenna Supply Chain uses UHF Range Some Item Level Tagging application require HF Local Fields (reduced read range) No known impact on materials,  Pharmaceuticals Both UHF and HF Item Level Tagging workgroups defining an air interface protocol that is functionally equivalent Chip designs may soon be released that conform to both EPCglobal’s HF and UHF specifications Need for a two port dual frequency antenna

56 Overview of the latest RFID Research 21 st March 2007 56 Concept Merge HF loop antenna and UHF dipole antenna, by providing a matching circuit Transforms the UHF short circuit present at the HF antenna terminals to an open circuit at the UHF dipole HF antenna consists of overlapping coils to provide capacitance Gap on UHF antenna prevents short of HF antenna, but strip on underside provides a UHF path.

57 Overview of the latest RFID Research 21 st March 2007 57 Practical Example

58 Overview of the latest RFID Research 21 st March 200758 Conclusions

59 Overview of the latest RFID Research 21 st March 2007 59 Conclusions Auto-ID Lab, Adelaide setup to provide assistance to Australasian Industry in adopting EPCglobal technology Current research directed to RFID solutions in security, authentication, and anti-counterfeiting Public Key Cryptography and or Secret Channel, Symmetric Key, (eg: DES, newer AES) are all well established but cannot be applied, directly to RFID tags  Severe cost constraints and other limitations restrains the use of complex security engines Some approaches using one time codes, PUFs and shrinking functions are promising. Vulnerabilities are still being researched. Active research and development in small UHF and HF tag antennas

60 Overview of the latest RFID Research 21 st March 200760 Most papers and presentations on our website http://autoidlabs.eleceng.adelaide.edu.au/researchpapers.htm

61 Overview of the latest RFID Research 21 st March 200761 Questions

62 Overview of the latest RFID Research 21 st March 2007 62 Further Information Alfio Grasso Deputy Director Auto-ID Lab, Adelaide University of Adelaide Web: autoidlab.eleceng.adelaide.edu.au/autoidlab.eleceng.adelaide.edu.au/ Email : alf@eleceng.adelaide.edu.aualf@eleceng.adelaide.edu.au Ph: +61-8- 8303 6473 Mob: +61 402 037 968

Download ppt "Overview of the latest RFID Research 21 st March 20071 Overview of the latest RFID Research at Auto-ID Lab, ADELAIDE Alfio Grasso Deputy Director, Auto-ID."

Similar presentations

1 Auto-ID Lab ADELAIDE (RFID Automation) Alfio Grasso Deputy Director Auto-ID Lab Adelaide General Manager RFID Automation.

1 Auto-ID Lab ADELAIDE (RFID Automation) Alfio Grasso Deputy Director Auto-ID Lab Adelaide General Manager RFID Automation.
CS470, A.SelcukCryptographic Authentication1 Cryptographic Authentication Protocols CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.

CS470, A.SelcukCryptographic Authentication1 Cryptographic Authentication Protocols CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.
Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, 2010. ICWCSC 2010. International.

Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, ICWCSC International.
Physical Unclonable Functions and Applications

Physical Unclonable Functions and Applications
Sri Lanka Institute of Information Technology

Sri Lanka Institute of Information Technology
Computer Science CSC 474By Dr. Peng Ning1 CSC 474 Information Systems Security Topic 2.1 Introduction to Cryptography.

Computer Science CSC 474By Dr. Peng Ning1 CSC 474 Information Systems Security Topic 2.1 Introduction to Cryptography.
CS 6262 Spring 02 - Lecture #7 (Tuesday, 1/29/2002) Introduction to Cryptography.

CS 6262 Spring 02 - Lecture #7 (Tuesday, 1/29/2002) Introduction to Cryptography.
1 Introduction CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell.

1 Introduction CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell.
1 Supplement III: Security Controls What security services should network systems provide? Confidentiality Access Control Integrity Non-repudiation Authentication.

1 Supplement III: Security Controls What security services should network systems provide? Confidentiality Access Control Integrity Non-repudiation Authentication.
A Simple and Cost-effective RFID Tag-Reader Mutual Authentication Scheme Divyan M. Konidala, Zeen Kim, Kwangjo Kim {divyan, zeenkim, International.

A Simple and Cost-effective RFID Tag-Reader Mutual Authentication Scheme Divyan M. Konidala, Zeen Kim, Kwangjo Kim {divyan, zeenkim, International.
Mar 12, 2002Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities SSL/TLS.

Mar 12, 2002Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities SSL/TLS.
1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.

1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.
Security Overview Hofstra University University College for Continuing Education - Advanced Java Programming Lecturer: Engin Yalt May 24, 2006.

Security Overview Hofstra University University College for Continuing Education - Advanced Java Programming Lecturer: Engin Yalt May 24, 2006.
CSCE 715 Ankur Jain 11/16/2010. Introduction Design Goals Framework SDT Protocol Achievements of Goals Overhead of SDT Conclusion.

CSCE 715 Ankur Jain 11/16/2010. Introduction Design Goals Framework SDT Protocol Achievements of Goals Overhead of SDT Conclusion.
Lesson Title: Introduction to Cryptography Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas

Lesson Title: Introduction to Cryptography Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas
Cryptography1 CPSC 3730 Cryptography Chapter 10 Key Management.

Cryptography1 CPSC 3730 Cryptography Chapter 10 Key Management.
Mar 4, 2003Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities.

Mar 4, 2003Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities.
CMSC 414 Computer and Network Security Lecture 22 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 22 Jonathan Katz.
CS1001 Lecture 24. Overview Encryption Encryption Artificial Intelligence Artificial Intelligence Homework 4 Homework 4.

CS1001 Lecture 24. Overview Encryption Encryption Artificial Intelligence Artificial Intelligence Homework 4 Homework 4.
Overview of Cryptography and Its Applications Dr. Monther Aldwairi New York Institute of Technology- Amman Campus INCS741: Cryptography.

Overview of Cryptography and Its Applications Dr. Monther Aldwairi New York Institute of Technology- Amman Campus INCS741: Cryptography.

Similar presentations

Ads by Google