Efficient and Low-Cost RFID Authentication Schemes

2009

Radio Frequency IDentification (RFID) is emerging in a variety of applications as an important technology for identifying and tracking goods and assets. The spread of RFID technology, however, also gives rise to significant user privacy and security issues. One possible solution to these challenges is the use of a privacy-enhancing cryptographic protocol to protect RFID communications.

2010

Radio frequency identification (RFID) technology has been widely used in ubiquitous infrastructures. However, resource constraint in the low-cost RFID systems has posed potential risks such as privacy and security problems, becoming adoption barrier for RFID-based applications. In this paper, current security issues in RFID are introduced firstly. Then, we propose a lightweight Antidesynchronization privacy preserving RFID authentication protocol. It is particularly suitable for the low-cost RFID environment for only the capacity of one-way hash function and XOR operation is needed. In this lightweight Antidesynchronization RFID authentication protocol, the backend server keeps the history of the random key update to prevent the active attackers from de-synchronizing the shared secret between the tag and the back-end server. The security and the performance of the proposed protocol are analyzed as well.

2006

RFID tags are devices of very limited computational capabilities, which only have 250-3K logic gates that can be devoted to security-related tasks. Many proposals have recently appeared, but all of them are based on RFID tags using classical cryptographic primitives such as PRNGs, hash functions, block ciphers, etc. We believe this assumption to be fairly unrealistic, as classical cryptographic constructions lie well beyond the computational reach of very low-cost RFID tags. A new approach is necessary to tackle this problem, so we propose an extremely efficient lightweight mutual-authentication protocol that offers an adequate security level for certain applications and can be implemented even in the most limited low-cost RFID tags, as it only needs around 150 gates.

Proceedings of the first ACM conference on …, 2008

In this paper, we investigate the possible privacy and security threats to RFID systems, and consider whether previously proposed RFID protocols address these threats. We then propose a new authentication protocol which provides the identified privacy and security features and is also efficient. The new protocol resists tag information leakage, tag location tracking, replay attacks, denial of service attacks, backward traceability, forward traceability (under an assumption), and server impersonation (also under an assumption). We also show that it requires less tag-side storage and computation than other similarly structured RFID protocols.

2005

for object identification as a ubiquitous infrastructure. However, current low-cost RFID tags are highly resource-constrained and cannot support its long-term security, so they have potential risks and may violate privacy for their bearers. To remove security vulnerabilities, we propose a robust mutual authentication protocol between a tag and a back-end server for low-cost RFID system that guarantees data privacy and location privacy of tag bearers. Our protocol firstly provides reader authentication and prevent active attacks based on the assumption that a reader is no more a trusted third party and the communication channel between the reader and the back-end server is insecure like wireless channel. Also, the proposed protocol exhibits forgery resistant against simple copy, or counterfeiting prevailing RFID tags. As tags only have hash function and exclusive-or operation, our proposed protocol is very feasible for low-cost RFID system compared to the previous works. The formal proof of correctness of the proposed authentication protocol is given based on GNY logic.

Lecture Notes in Computer Science, 2010

The design of secure authentication solutions for low-cost RFID tags is still an open and quite challenging problem, though many algorithms have been published lately. In this paper, we analyze two recent proposals in this research area. First, Mitra's scheme is scrutinized, revealing its vulnerability to cloning and traceability attacks, which are among the security objectives pursued in the protocol definition [1]. Later, we show how the protocol is vulnerable against a full disclosure attack after eavesdropping a small number of sessions. Then, we analyze a new EPC-friendly scheme conforming to EPC Class-1 Generation-2 specification (ISO/IEC 180006-C), introduced by Qingling and Yiju [2]. This proposal attempts to correct many of the well known security shortcomings of the standard, and even includes a BAN logic based formal security proof. However, notwithstanding this formal security analysis, we show that Qingling et al.'s protocol offers roughly the same security as the standard they try to improve, is vulnerable to tag and reader impersonation attacks, and allows tag traceability.

International Journal of Internet Technology and Secured Transactions, 2010

Indeed, RFID technology may well replace barcode technology. Although it offers many advantages over other identification systems, there are also associated security risks that are not easy to be addressed. When designing a real lightweight authentication protocol for low cost RFID tags, a number of challenges arise due to the extremely limited computational, storage and communication abilities of Low-cost RFID tags. This paper proposes a real mutual authentication protocol for low cost RFID tags. The proposed protocol prevents passive attacks as active attacks are discounted when designing a protocol to meet the requirements of low cost RFID tags. However the implementation of the protocol meets the limited abilities of low cost RFID tags.

2009

At the onset of the ubiquitous computing era, systems need to respond to a variety of challenges, in order to capitalize on the benefits of pervasiveness. One of the pivotal enablers of pervasive computing is the RFID technology which can be successfully applied in numerous applications. However, the interaction of such applications with sensitive personal data renders the need for assuring confidentiality a sine qua non. The native limitations in computing resources, ie, computational power, memory etc, that characterize ...

Wireless Personal Communications, 2010

Many RFID authentication protocols have been proposed to preserve security and privacy. Nevertheless, most of these protocols are analyzed and it is shown that they can not provide security against some RFID attacks. Moreover, some of the secure ones are criticized, because they suffer from scalability at the reader/server side as in tag identification or authentication phase they require a linear search depending on number of tags in the system. Recently, new authentication protocols have been presented to solve scalability issue, i.e. they require constant time for tag identification with providing security. In this paper, we analyze two of these new RFID authentication protocols SSM (very recently proposed by Song and Mitchell) and LRMAP (proposed by Ha et al.) and to the best of our knowledge, they have received no attacks yet. These schemes take O(1) work to authenticate a tag and are designed to meet the privacy and security requirements. The common point of these protocols is that normal and abnormal states are defined for tags. In the normal state, server authenticates the tag in constant time, while in the abnormal state, occurs rarely, authentication is realized with linear search. We show that, however, these authentication protocols do not provide untraceability which is one of their design objectives. We also discover that the SSM protocol is vulnerable to a desynchronization attack, that prevents a legitimate reader/server from authenticating a legitimate tag. Furthermore, in the light of these attacks, we conclude that allowing tags to be in different states may give clue to an adversary in tracing the tags, although such a design is preferred to achieve scalability and efficiency at the server side.

International Journal of Network Security & Its Applications, 2010

Indeed, RFID technology may well replace barcode technology. Although it offers many advantages over other identification systems, there are also associated security risks that are not easy to be addressed. When designing a real lightweight authentication protocol for low cost RFID tags, a number of challenges arise due to the extremely limited computational, storage and communication abilities of Low-cost RFID tags. This paper proposes a real mutual authentication protocol for low cost RFID tags. The proposed protocol prevents passive attacks as active attacks are discounted when designing a protocol to meet the requirements of low cost RFID tags. However the implementation of the protocol meets the limited abilities of low cost RFID tags.

Emerging Directions in Embedded and Ubiquitous Computing

RFID technology is a ubiquitous technology, and seems destined to become more a more ubiquitous. Traditional cryptographic primitives are not supported on low-cost RFID tags since, at most, 4K gates can be devoted to security-related tasks. Despite this, there are a vast number of proposals based on the use of classical hash functions, an assumption that is not realistic (at least at the present time). Furthermore, none of the published authentication protocols are resistant to active attacks. We try to address these two issues in this work by designing a new authentication protocol, secure against passive and active attacks, inspired by Shieh et al.'s protocol for smart-cards, but adapted to RFID systems. The original Shieh et al.'s scheme is considered one of the most secure an efficient protocols in the smart-card field. Because in this protocol tags should support a hash-function on-board, a new lightweight hash function, named Tav-128, is also proposed. A preliminary security analysis is shown, as well as a study on its hardware complexity, which concludes that its implementation is possible with around 2.6K gates.

2006

Low-cost Radio Frequency Identification (RFID) tags affixed to consumer items as smart labels are emerging as one of the most pervasive computing technologies in history. This presents a number of advantages, but also opens a huge number of security problems that need to be addressed before its successful deployment. Many proposals have recently appeared, but all of them are based on RFID tags using classical cryptographic primitives such as Pseudorandom Number Generators (PRNGs), hash functions, or block ciphers. We believe this assumption to be fairly unrealistic, as classical cryptographic constructions lie well beyond the computational reach of very low-cost RFID tags. A new approach is necessary to tackle the problem, so we propose a minimalist lightweight mutual authentication protocol for low-cost RFID tags that offers an adequate security level for certain applications, which could be implemented even in the most limited low-cost tags as it only needs around 300 gates.

Concurrency and Computation: Practice and Experience, 2012

In 2008, a scalable radio frequency identification (RFID) authentication protocol was proposed by Yanfei Liu to provide security and privacy for RFID tags. This protocol only needs O.1/ time complexity to find out the identifier of the RFID tag irrespective of the total number of the tags in the system. Based on our analysis, however, a security flaw, which has gone unnoticed in the design of the protocol, makes the scheme vulnerable to tracking attack, tag impersonation attack, and desynchronization attack, if the attacker has the possibility to tamper with only one RFID tag. Because low-cost devices are not tamper-resistant, such an attack could be feasible, and we can apply the resulting attacks on authentication, untraceability, and desynchronization resistance of the protocol. To counteract such flaws, we revise the scheme with a stateful variant and also show that the proposed model requires less tag and server-side computation. PRACTICAL ATTACKS AND IMPROVEMENTS TO AN RFID PROTOCOL 2071 3. RELATED WORK ‡ A protocol is backward traceable if an adversary has all the internal state of a target tag at time t and he is able to trace the past interactions of the tag that occurred at time t 0 < t. In the learning phase of the attack, two tags T 0 and T 1 are selected, and the tag T 0 is queried by the adversary A, and he captures x 0 of T 0 .