A Simple and Cost-effective RFID Tag-Reader Mutual Authentication Scheme Divyan M. Konidala, Zeen Kim, Kwangjo Kim {divyan...
Introduction - EPCglobal <ul><li>EPCglobal Inc™  </li></ul><ul><ul><li>Industry-driven standards  </li></ul></ul><ul><ul><...
Contents <ul><li>Introduction </li></ul><ul><li>RFID-based supply chain management system </li></ul><ul><ul><li>EPCglobal ...
EPCglobal Architecture Framework A Simple and Cost-effective RFID Tag-Reader Mutual Authentication Scheme EPC-IS
Introduction - Tag’s 4 Memory Blocks A Simple and Cost-effective RFID Tag-Reader Mutual Authentication Scheme <ul><li>**We...
Introduction - RESERVED Memory Block <ul><li>Manufacturer of the product stores  APwd and KPwd  in the Reserved Memory Ban...
Security Threats and Requirements <ul><li>Tag-Reader Mutual Authentication </li></ul><ul><ul><li>Malicious RFID Readers </...
One-Way Reader to Tag Authentication Proposed by EPCglobal A Simple and Cost-effective RFID Tag-Reader Mutual Authenticati...
Security Weakness – EPCglobal Schheme – Exposed APwd A Simple and Cost-effective RFID Tag-Reader Mutual Authentication Sch...
Goals <ul><li>Tag-Reader mutual authentication </li></ul><ul><ul><li>simple, light-weight, practically secure (supply chai...
Goals <ul><ul><li>NO cryptographic (hash) functions/keys within the tag  </li></ul></ul><ul><ul><li>NO tag - reader synchr...
Proposed Tag-Reader Mutual Authentication Scheme <ul><li>Emphasis on Tag’s Access & Kill Password </li></ul><ul><li>Manufa...
A Simple and Cost-effective RFID Tag-Reader Mutual Authentication Scheme Proposed Tag-Reader Mutual Authentication
A Simple and Cost-effective RFID Tag-Reader Mutual Authentication Scheme
A Simple and Cost-effective RFID Tag-Reader Mutual Authentication Scheme
Pad Generation Function: PadGen(.) [1/3] A Simple and Cost-effective RFID Tag-Reader Mutual Authentication Scheme
Pad Generation Function: PadGen(.) [2/3] A Simple and Cost-effective RFID Tag-Reader Mutual Authentication Scheme Random N...
Pad Generation Function: PadGen(.) [3/3] A Simple and Cost-effective RFID Tag-Reader Mutual Authentication Scheme
A Simple and Cost-effective RFID Tag-Reader Mutual Authentication Scheme Tag’s Logical Memory & Access Password Map
Security Analysis [1/4] <ul><li>Possible Attacks </li></ul><ul><ul><li>APwd & KPwd are only 32-bits </li></ul></ul><ul><ul...
Security Analysis [2/4] <ul><li>Reader Impersonation Attack:  </li></ul><ul><ul><li>Reader to authenticate first to tag </...
Security Analysis [3/4] <ul><li>Tag's Access Password Never Exposed: </li></ul><ul><ul><li>Does not use random numbers sen...
Security Analysis [4/4] <ul><li>Secure against Replay Attacks: </li></ul><ul><ul><li>We use two random numbers each, gener...
Implementation Analysis [1/2] <ul><li>Overhead Analysis </li></ul><ul><ul><li>Secure channel between tag and manufacturer ...
Implementation Analysis [2/2] <ul><li>Light-Weight Tag-Reader Mutual Authentication: </li></ul><ul><ul><li>Our scheme does...
Conclusion <ul><li>Our scheme  </li></ul><ul><ul><li>Not fully secure  </li></ul></ul><ul><ul><li>Simple, cost-effective, ...
Thank you! Q&A International Research Center for Information Security
Upcoming SlideShare
Loading in …5
×

A Simple and Cost-effective RFID Tag-Reader Mutual ...

1,115 views

Published on

Published in: Business, Technology
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
1,115
On SlideShare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
27
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

A Simple and Cost-effective RFID Tag-Reader Mutual ...

  1. 1. A Simple and Cost-effective RFID Tag-Reader Mutual Authentication Scheme Divyan M. Konidala, Zeen Kim, Kwangjo Kim {divyan, zeenkim, kkj}@icu.ac.kr International Research Center for Information Security CONFERENCE ON RFID SECURITY-07
  2. 2. Introduction - EPCglobal <ul><li>EPCglobal Inc™ </li></ul><ul><ul><li>Industry-driven standards </li></ul></ul><ul><ul><li>RFID in supply chain management </li></ul></ul><ul><li>We consider </li></ul><ul><ul><li>EPCglobal Architecture Framework </li></ul></ul><ul><ul><li>EPCglobal Class 1 Gen 2 UHF RFID Protocol </li></ul></ul>A Simple and Cost-effective RFID Tag-Reader Mutual Authentication Scheme
  3. 3. Contents <ul><li>Introduction </li></ul><ul><li>RFID-based supply chain management system </li></ul><ul><ul><li>EPCglobal Architecture Framework </li></ul></ul><ul><li>Security Threats and Requirements </li></ul><ul><li>Security Assessment of Class 1 Gen 2 UHF RFID Protocol </li></ul><ul><li>Proposed Tag-Reader Mutual Authentication Scheme </li></ul><ul><ul><li>Scheme </li></ul></ul><ul><ul><li>Analysis </li></ul></ul><ul><li>Conclusion and Future Work </li></ul>A Simple and Cost-effective RFID Tag-Reader Mutual Authentication Scheme
  4. 4. EPCglobal Architecture Framework A Simple and Cost-effective RFID Tag-Reader Mutual Authentication Scheme EPC-IS
  5. 5. Introduction - Tag’s 4 Memory Blocks A Simple and Cost-effective RFID Tag-Reader Mutual Authentication Scheme <ul><li>**We Focus on RESERVED memory Block** </li></ul><ul><li>RESERVED memory Block has…. </li></ul><ul><ul><li>Access Password (APwd) </li></ul></ul><ul><ul><li>Kill Password (KPwd) </li></ul></ul>
  6. 6. Introduction - RESERVED Memory Block <ul><li>Manufacturer of the product stores APwd and KPwd in the Reserved Memory Bank </li></ul><ul><li>Reserved Memory Bank is R/W LOCKED, </li></ul><ul><ul><li>Cannot be Read </li></ul></ul><ul><ul><li>Cannot be Re-Written </li></ul></ul>A Simple and Cost-effective RFID Tag-Reader Mutual Authentication Scheme
  7. 7. Security Threats and Requirements <ul><li>Tag-Reader Mutual Authentication </li></ul><ul><ul><li>Malicious RFID Readers </li></ul></ul><ul><ul><ul><li>Snoop, corrupt, manipulate </li></ul></ul></ul><ul><ul><li>Cloned Fake RFID Tags </li></ul></ul><ul><ul><ul><li>Counterfeit products </li></ul></ul></ul><ul><ul><li>Man-in-the-Middle Attack </li></ul></ul><ul><ul><ul><li>Eavesdrop and impersonate </li></ul></ul></ul><ul><li>Tamperproof Tags </li></ul><ul><ul><li>RFID Tag Snatching </li></ul></ul>A Simple and Cost-effective RFID Tag-Reader Mutual Authentication Scheme
  8. 8. One-Way Reader to Tag Authentication Proposed by EPCglobal A Simple and Cost-effective RFID Tag-Reader Mutual Authentication Scheme <ul><li>Proposed by EPCglobal Class 1 Gen 2 UHF RFID Protocol </li></ul><ul><li>Not Secure </li></ul><ul><li>Un-encrypted openly sent random numbers used as pads to cover-code tag’s APwd </li></ul><ul><li>Tag’s Access Password easily exposed to disgruntled employee managing hand-held reader </li></ul>
  9. 9. Security Weakness – EPCglobal Schheme – Exposed APwd A Simple and Cost-effective RFID Tag-Reader Mutual Authentication Scheme Manufacturer Reader Tag Unauthorized Access Fake Cloned Tags APwd APwd Apwd (Exposed) Only one-way Reader-to-Tag Authentication Malicious, Compromised Reader Disgruntled Employee
  10. 10. Goals <ul><li>Tag-Reader mutual authentication </li></ul><ul><ul><li>simple, light-weight, practically secure (supply chain) </li></ul></ul><ul><li>A better cover-code or obscure tag APwd </li></ul><ul><li>Secure distribution of obscured tags' APwd to stakeholder's RFID readers </li></ul><ul><li>The manufacturer: implicitly keep track on the whereabouts of its products. </li></ul><ul><li>Our scheme adheres to EPCglobal standards </li></ul>A Simple and Cost-effective RFID Tag-Reader Mutual Authentication Scheme
  11. 11. Goals <ul><ul><li>NO cryptographic (hash) functions/keys within the tag </li></ul></ul><ul><ul><li>NO tag - reader synchronization security keys/hash values. </li></ul></ul><ul><li>We improve scheme proposed by EPCglobal to accommodate tag-reader mutual authentication. </li></ul><ul><ul><li>Our scheme utilizes tag's already existing, </li></ul></ul><ul><ul><ul><li>16-bit random number generator, </li></ul></ul></ul><ul><ul><ul><li>XOR function, </li></ul></ul></ul><ul><ul><ul><li>Access & Kill Passwords. </li></ul></ul></ul>A Simple and Cost-effective RFID Tag-Reader Mutual Authentication Scheme
  12. 12. Proposed Tag-Reader Mutual Authentication Scheme <ul><li>Emphasis on Tag’s Access & Kill Password </li></ul><ul><li>Manufacturer of the product is involved in the mutual authentication process </li></ul><ul><li>Scenario: </li></ul><ul><ul><li>A pallet has reached the distributor </li></ul></ul><ul><ul><li>Distributor’s reader query tag on pallet </li></ul></ul><ul><ul><li>Reader and Tag must authenticate each other </li></ul></ul><ul><ul><li>Reader does not know tag’s Apwd </li></ul></ul><ul><ul><li>Reader contact manufacturer and follow this procedure </li></ul></ul>A Simple and Cost-effective RFID Tag-Reader Mutual Authentication Scheme
  13. 13. A Simple and Cost-effective RFID Tag-Reader Mutual Authentication Scheme Proposed Tag-Reader Mutual Authentication
  14. 14. A Simple and Cost-effective RFID Tag-Reader Mutual Authentication Scheme
  15. 15. A Simple and Cost-effective RFID Tag-Reader Mutual Authentication Scheme
  16. 16. Pad Generation Function: PadGen(.) [1/3] A Simple and Cost-effective RFID Tag-Reader Mutual Authentication Scheme
  17. 17. Pad Generation Function: PadGen(.) [2/3] A Simple and Cost-effective RFID Tag-Reader Mutual Authentication Scheme Random Numbers from Tag and Manufacturer
  18. 18. Pad Generation Function: PadGen(.) [3/3] A Simple and Cost-effective RFID Tag-Reader Mutual Authentication Scheme
  19. 19. A Simple and Cost-effective RFID Tag-Reader Mutual Authentication Scheme Tag’s Logical Memory & Access Password Map
  20. 20. Security Analysis [1/4] <ul><li>Possible Attacks </li></ul><ul><ul><li>APwd & KPwd are only 32-bits </li></ul></ul><ul><ul><li>Brute-force attack or ciphertext-only attack </li></ul></ul><ul><li>Practically Secure </li></ul><ul><ul><li>An enclosure (warehouse) that is sealed from external noise and radio signals from malicious readers. </li></ul></ul><ul><ul><li>RFID supply chain processing environment </li></ul></ul><ul><ul><ul><li>Extremely fast paced </li></ul></ul></ul><ul><ul><ul><li>Not feasible to continuously eavesdrop on one particular tag-reader communication channel </li></ul></ul></ul><ul><ul><ul><li>Several bulks of items pass through several readers with in a very short interval of time. </li></ul></ul></ul>A Simple and Cost-effective RFID Tag-Reader Mutual Authentication Scheme
  21. 21. Security Analysis [2/4] <ul><li>Reader Impersonation Attack: </li></ul><ul><ul><li>Reader to authenticate first to tag </li></ul></ul><ul><ul><li>A malicious reader </li></ul></ul><ul><ul><ul><li>Does not posses both the APwd and KPwd </li></ul></ul></ul><ul><ul><ul><li>cannot access manufacturer (EPC-IS) due to lack credentials. </li></ul></ul></ul><ul><li>Cloned Fake Tags and Tag Impersonation Attack: </li></ul><ul><ul><li>Tag to authenticate to the manufacturer. </li></ul></ul><ul><ul><li>A malicious tag or a cloned fake tag </li></ul></ul><ul><ul><ul><li>Do not posses both the APwd and KPwd, </li></ul></ul></ul><ul><ul><li>Manufacturer must detect and terminate the communication, </li></ul></ul><ul><ul><ul><li>if a tag emulator using the same or weak random numbers </li></ul></ul></ul><ul><ul><ul><li>if tag is not moving through the supply chain processing </li></ul></ul></ul>A Simple and Cost-effective RFID Tag-Reader Mutual Authentication Scheme
  22. 22. Security Analysis [3/4] <ul><li>Tag's Access Password Never Exposed: </li></ul><ul><ul><li>Does not use random numbers sent in an un-encrypted form as pads </li></ul></ul><ul><ul><li>Generated pads are known only to tag and manufacturer </li></ul></ul><ul><li>Secure against Insider Attacks: </li></ul><ul><ul><li>Does not deliver the tag's APwd to any of the stakeholder's reader. </li></ul></ul><ul><ul><li>The reader relays only the cover-coded APwd </li></ul></ul><ul><ul><li>RFID “system level check&quot;, </li></ul></ul><ul><ul><ul><li>A compromised reader is continuously trying to interrogate only one particular tag </li></ul></ul></ul>A Simple and Cost-effective RFID Tag-Reader Mutual Authentication Scheme
  23. 23. Security Analysis [4/4] <ul><li>Secure against Replay Attacks: </li></ul><ul><ul><li>We use two random numbers each, generated by both the tag and the manufacturer. </li></ul></ul><ul><ul><li>As unique random numbers generate unique pads </li></ul></ul><ul><li>Password Scalability: </li></ul><ul><ul><li>We adhered to the 32-bit passwords </li></ul></ul><ul><ul><li>Our scheme can still be applicable, and more strengthened, when the length of the APwd and KPwd is extended </li></ul></ul>A Simple and Cost-effective RFID Tag-Reader Mutual Authentication Scheme
  24. 24. Implementation Analysis [1/2] <ul><li>Overhead Analysis </li></ul><ul><ul><li>Secure channel between tag and manufacturer </li></ul></ul><ul><ul><ul><li>PKI-based certificate, encryption and signature schemes – may be expensive </li></ul></ul></ul><ul><ul><li>Reader communicate with manufacturer to authenticate every tag </li></ul></ul><ul><li>To reduce this overhead, </li></ul><ul><ul><li>The manufacturer can setup a secure server at every stakeholder's supply chain processing facility </li></ul></ul><ul><ul><li>Only, the manufacturer can remotely access, monitor, and manage this server and also update the server with tags' Access & Kill passwords </li></ul></ul><ul><ul><li>We can also assume that the manufacturer's EPC-IS is a highly resource rich entity, which is designed to take heavy computational and storage load. </li></ul></ul><ul><ul><li>Secure channel with only Keyed-Message Authentication Code (MAC) </li></ul></ul>A Simple and Cost-effective RFID Tag-Reader Mutual Authentication Scheme
  25. 25. Implementation Analysis [2/2] <ul><li>Light-Weight Tag-Reader Mutual Authentication: </li></ul><ul><ul><li>Our scheme does not use any special cryptographic functions. </li></ul></ul><ul><ul><li>Tag already has capability </li></ul></ul><ul><ul><ul><li>XOR operations, </li></ul></ul></ul><ul><ul><ul><li>Generate random numbers, </li></ul></ul></ul><ul><ul><ul><li>Temporarily store random numbers </li></ul></ul></ul><ul><ul><ul><li>Fetch the APwd and KPwd </li></ul></ul></ul><ul><li>Our scheme just needs an additional </li></ul><ul><ul><li>Five 16-bit temporary storage memory slots </li></ul></ul><ul><ul><li>four random numbers from the manufacturer and one for PadGen(.) function. </li></ul></ul><ul><ul><li>Class-1 Gen-2 tags can have a 512-bit memory capacity or more (depending on the manufacturer) </li></ul></ul>A Simple and Cost-effective RFID Tag-Reader Mutual Authentication Scheme
  26. 26. Conclusion <ul><li>Our scheme </li></ul><ul><ul><li>Not fully secure </li></ul></ul><ul><ul><li>Simple, cost-effective, light-weight to be implemented on tag </li></ul></ul><ul><ul><li>Practically secure, </li></ul></ul><ul><ul><li>Highly suitable to the RFID-based supply chain processing scenario </li></ul></ul><ul><ul><li>Adhere to EPCglobal standard </li></ul></ul><ul><li>Our scheme provides considerable challenges to thwart </li></ul><ul><ul><li>Cloned fake tags </li></ul></ul><ul><ul><li>Malicious readers </li></ul></ul><ul><ul><li>Disgruntled employees or compromised readers </li></ul></ul><ul><ul><li>Tag’s APwd leakage </li></ul></ul><ul><ul><li>Man-in-the-middle attacks </li></ul></ul>A Simple and Cost-effective RFID Tag-Reader Mutual Authentication Scheme
  27. 27. Thank you! Q&A International Research Center for Information Security

×