Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 /10 Pascal URIEN, IETF 80 th, Tuesday 29 th March 2011, Prague, Czech Republic draft-irtf-hiprg-rfid-02 HIP support for RFIDs

Published byMarjory Wilkerson Modified over 9 years ago

Similar presentations

Presentation on theme: "1 /10 Pascal URIEN, IETF 80 th, Tuesday 29 th March 2011, Prague, Czech Republic draft-irtf-hiprg-rfid-02 HIP support for RFIDs"— Presentation transcript:

1

2 1 /10 Pascal URIEN, IETF 80 th, Tuesday 29 th March 2011, Prague, Czech Republic draft-irtf-hiprg-rfid-02 HIP support for RFIDs Pascal.Urien@telecom-paristech.fr http://perso.telecom-paristech.fr/~urien/hiprfid/ http://www.telecom-paristech.fr

3 2 /10 Pascal URIEN, IETF 80 th, Tuesday 29 th March 2011, Prague, Czech Republic What is new in version 02 Editorial issues Typographic corrections Java code for NFC RFIDs added to the draft Only support the T-TRANSFORM 0001 Experimental platforms Tests with NFC (javacards) RFIDs Tests with smart phone equipped with the NFC technology and (U)SIM (java) cards In progress, tests with Android platform More Info http://perso.telecom- paristech.fr/~urien/hiprfid/ Comparison between HMAC or Key-Tree T-Transforms Paper published at IEEE CCNC 2011 For N RFIDs, N small, HMAC is more efficient For N RFIDs, N= p n big, Keys Tree is more efficient, with p big and n small

4 3 /10 Pascal URIEN, IETF 80 th, Tuesday 29 th March 2011, Prague, Czech Republic Conclusion: To be done HIT structure for pseudo-random coding Proposal ? Done in an other draft ? Secure Channel establishment To be specify by an other draft. HEP (HIP Encapsulation Protocol) To be specify by an other draft. Java code for RFIDs to be improved T-TRANSFORM 0002 support

5 4 /10 Pascal URIEN, IETF 80 th, Tuesday 29 th March 2011, Prague, Czech Republic HIP-RFID in a Nutshell

6 5 /10 Pascal URIEN, IETF 80 th, Tuesday 29 th March 2011, Prague, Czech Republic About RFIDs What is an RFID ? An RFID is an electronic device that delivers an identity (ID) thanks to radio means. Link with the Internet Of Things (IoT) A Thing is associated with a RFID RFID have limited computing resources Electronic chip, whose area ranges from 1mm 2 to 25mm 2 RFIDs are usually powered by readers. Very low power consumption. Objective of this draft Defining a protocol for RFIDs, compatible with the IP ecosystem. Enforcing strong privacy, i.e. no information leakage for unauthorized ears. Managing secure channel with RFIDs (Optional) Crypto Agility: cryptographic procedures adapted to RFIDs computing resources.

7 6 /10 Pascal URIEN, IETF 80 th, Tuesday 29 th March 2011, Prague, Czech Republic HIP -RFID Overview Modified BEX exchange Negotiation of the security scheme (HIT-T-TRANSFORM attribute). Third and fourth message are MACed (typically with a HMAC function) Fourth message is optional, only mandatory when a secure ESP channel has been negotiated. This SHOULD be specified in a new draft ESP MAY be used for read write operation. The HIT is a 16 bytes random number MAY include a fix part To be fixed RFIDs never expose their identity in clear text, but hide this value (typically an EPC-Code) by a particular equation (f) that can be only solved by a dedicated entity, referred as the PORTAL. f(r1,r2, ID) f can be anything that works An integrity key is computed from KI-AUTH-KEY = g(r1,r2,ID) HIP exchanges occurred between RFIDs and PORTALs; they are shuttled by IP packets, through the Internet cloud.

8 7 /10 Pascal URIEN, IETF 80 th, Tuesday 29 th March 2011, Prague, Czech Republic HIP-RFID Architecture IP MAC PHY IP MAC PHY RFID-MAC RFID-PHY RFID-MAC RFID-PHY HIP PortalRFIDReader HEP HIP Identity Solver SPI-I SPI-R ID (EPC Code) ID (EPC Code) *HEP: HIP Encapsulation Protocol

9 8 /10 Pascal URIEN, IETF 80 th, Tuesday 29 th March 2011, Prague, Czech Republic Protocol Overview RFID READER PORTAL --+-- --+-- ---+--- ! START ! ! !<---------------! ! ! ! ! ! I1-T ! ! HIT-I HIT-R ! ! ----------------------------------------------------> ! ! ! ! R1-T ! ! HIT-I HIT-R R-T(r1) HIP-T-Transforms ! ! [*ESP-Transforms] ! ! <---------------------------------------------------- ! ! ! ! I2-T ! ! HIT-I HIT-R HIP-T-Transform [*ESP-Transform] R-T(r2) ! ! F-T=f(r1, r2, ID) [* ESP-Info] MAC-T ! ! ----------------------------------------------------> ! ! ! ! R2-T ! ! HIT-I HIT-R [* ESP-Info] MAC-T ! ! <---------------------------------------------------- ! ! ! ! Optional ESP Dialog ! ! ! Optional Mandatory (partially ?) Random value Fix or NULL value Random value HMAC(KI, I2-T) HMAC(KI, R2-T)

10 9 /10 Pascal URIEN, IETF 80 th, Tuesday 29 th March 2011, Prague, Czech Republic T-TRANSFORM 0001, HMAC K = HMAC-SHA1(r1 | r2, ID) F-T = HMAC-SHA1(K, CT1 | "Type 0001 key ") CT1 = 0x00000001 (32 bits) KI-AUTH-KEY = HMAC-SHA1(K, CT2 | "Type 0001 key") CT2 = 0x00000010 (32 bits)

11 10 /10 Pascal URIEN, IETF 80 th, Tuesday 29 th March 2011, Prague, Czech Republic T-TRANSFORM 0002, Keys-Tree A Keys-Tree manages a maximum of p n RFIDs, with np keys Each RFID stores n keys RFID-Index = I= Function(EPC- Code) I= a n p n-1 + a n-1 p n-2 +… + a 1 Each term a i is associated with a key K i,j 1≤ i ≤ n 0≤ j ≤ p-1 j= a i f(r1,r2,EPC-Code)= H 1 |H 2 |…|H n Hi = HMAC(r1|r2, K i,j ) Tree depth=n p child nodes K 1,1 K 2,1 K 3,4 K 4,2

Download ppt "1 /10 Pascal URIEN, IETF 80 th, Tuesday 29 th March 2011, Prague, Czech Republic draft-irtf-hiprg-rfid-02 HIP support for RFIDs"

Similar presentations

IP Security have considered some application specific security mechanisms –eg. S/MIME, PGP, Kerberos, SSL/HTTPS however there are security concerns that.

IP Security have considered some application specific security mechanisms –eg. S/MIME, PGP, Kerberos, SSL/HTTPS however there are security concerns that.
Doc.: IEEE 802.11-00/087 Submission May, 2000 Steven Gray, NOKIA Jyri Rinnemaa, Jouni Mikkonen Nokia Slide 1.

Doc.: IEEE /087 Submission May, 2000 Steven Gray, NOKIA Jyri Rinnemaa, Jouni Mikkonen Nokia Slide 1.
draft-urien-tls-psk-emv-00

draft-urien-tls-psk-emv-00
Voice and Data Encryption over mobile networks July 2012 IN-NOVA TECNOLOGIC IN-ARG SA www.in-arg.com MESH VOIP.

Voice and Data Encryption over mobile networks July 2012 IN-NOVA TECNOLOGIC IN-ARG SA MESH VOIP.
Smart Card Security Xufen Gao CS 265 Spring, 2004 San Jose State University.

Smart Card Security Xufen Gao CS 265 Spring, 2004 San Jose State University.
Secure Mobile IP Communication

Secure Mobile IP Communication
UWB UWB: High speed(>100Mbps), small area(WPAN), accurate positioning and distance measuring. Blue tooth: although it’s low speed, it has a more mature.

UWB UWB: High speed(>100Mbps), small area(WPAN), accurate positioning and distance measuring. Blue tooth: although it’s low speed, it has a more mature.
Low-Power Interoperability for the IPv6 Internet of Things Presenter - Bob Kinicki Low-Power Interoperability for the IPv6 Internet of Things Adam Dunkels,

Low-Power Interoperability for the IPv6 Internet of Things Presenter - Bob Kinicki Low-Power Interoperability for the IPv6 Internet of Things Adam Dunkels,
Slide 1/7 03/17/03 56th IETF San Francisco CA, March 16-21, 2003 “EAP support in smartcards” My name is Pascal Urien, ENST Draft-urien-EAP-smartcard-01.txt.

Slide 1/7 03/17/03 56th IETF San Francisco CA, March 16-21, 2003 “EAP support in smartcards” My name is Pascal Urien, ENST Draft-urien-EAP-smartcard-01.txt.
1 Lecture 17: SSL/TLS history, architecture basic handshake session initiation/resumption key computation negotiating cipher suites application: SET.

1 Lecture 17: SSL/TLS history, architecture basic handshake session initiation/resumption key computation negotiating cipher suites application: SET.
Socket Layer Security. In this Presentation: need for web security SSL/TLS transport layer security protocols HTTPS secure shell (SSH)

Socket Layer Security. In this Presentation: need for web security SSL/TLS transport layer security protocols HTTPS secure shell (SSH)
Information System Security AABFS-Jordan Summer 2006 IP Security Supervisor :Dr. Lo'ai Ali Tawalbeh Done by: Wa’el Musa Hadi.

Information System Security AABFS-Jordan Summer 2006 IP Security Supervisor :Dr. Lo'ai Ali Tawalbeh Done by: Wa’el Musa Hadi.
1 Network Architecture and Design Advanced Issues in Internet Protocol (IP) IPv4 Network Address Translation (NAT) IPV6 IP Security (IPsec) Mobile IP IP.

1 Network Architecture and Design Advanced Issues in Internet Protocol (IP) IPv4 Network Address Translation (NAT) IPV6 IP Security (IPsec) Mobile IP IP.
Doc.: IEEE 802.11-04/0408r0 Submission March 2004 Colin Blanchard, BTSlide 1 3GPP WLAN Interworking Security Colin Blanchard British Telecommunications.

Doc.: IEEE /0408r0 Submission March 2004 Colin Blanchard, BTSlide 1 3GPP WLAN Interworking Security Colin Blanchard British Telecommunications.
Encapsulation Security Payload Protocol Lan Vu. OUTLINE 1.Introduction and terms 2.ESP Overview 3.ESP Packet Format 4.ESP Fields 5.ESP Modes 6.ESP packet.

Encapsulation Security Payload Protocol Lan Vu. OUTLINE 1.Introduction and terms 2.ESP Overview 3.ESP Packet Format 4.ESP Fields 5.ESP Modes 6.ESP packet.
SSH : The Secure Shell By Rachana Maheswari CS265 Spring 2003.

SSH : The Secure Shell By Rachana Maheswari CS265 Spring 2003.
CSCE 790: Computer Network Security Chin-Tser Huang University of South Carolina.

CSCE 790: Computer Network Security Chin-Tser Huang University of South Carolina.
1 /12 Pascal URIEN, IETF 72 rd, Monday July 28 th Dublin, Ireland draft-urien-hip-tag-00.txt HIP support for RFID

1 /12 Pascal URIEN, IETF 72 rd, Monday July 28 th Dublin, Ireland draft-urien-hip-tag-00.txt HIP support for RFID
1 /11 Pascal URIEN, IETF 77 th, Monday March 22 nd Anaheim, California draft-urien-hip-tag-03.txt HIP support for RFID

1 /11 Pascal URIEN, IETF 77 th, Monday March 22 nd Anaheim, California draft-urien-hip-tag-03.txt HIP support for RFID
Host Identity Protocol

Host Identity Protocol

Similar presentations

Ads by Google