Noisy Cryptographic Protocols for Low-Cost RFID Tags


Published on

Published in: Business, Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Noisy Cryptographic Protocols for Low-Cost RFID Tags

  1. 1. 3562 IEEE TRANSACTIONS ON INFORMATION THEORY, VOL. 52, NO. 8, AUGUST 2006 Noisy Cryptographic Protocols for Low-Cost RFID Tags Hervé Chabanne and Guillaume Fumaroli Abstract—Considering some passive eavesdropper, the fea- • Information reconciliation—They apply correction tech- sibility of exchanging some secret data between an RFID tag niques to come to a common string about which the ad- and its reader through public discussion is established. No key versary only has partial information; distribution is required by our solution; the tag and the reader do not have to share any common data to form a confidential • Privacy amplification—By applying a universal hash func- channel. For this, a natural phenomenon—the inherent noise on tion, they obtain another string about which the adversary their communication link—is exploited. Classical protocols, con- almost has no information. sisting after an initialization step in three phases called advantage In Section III, we show the benefit of increasing the initial distillation, information reconciliation and privacy amplification, given advantage between the RFID tag and its reader against an are then adapted to these highly constrained devices. First, the canvas of our study is presented. Next, the advantage distilla- eavesdropper in order to straighten out the subsequent compu- tion phase is discussed. Then, Brassard and Salvail’s Cascade tations. As for the information reconciliation phase, a slightly protocol is proved to be modifiable so as to reduce the hardware modified version of Cascade optimized for low-cost hardware implementation cost while still maintaining adequate correction implementation is described and analyzed in Section IV. Then rate and tolerable leaked information during the reconciliation in Section V, the choice of a universal class of hash functions phase. Finally, as for the privacy amplification phase, the work on in the privacy amplification phase is motivated. Yet, a complete low-cost universal hash functions from Yüksel et al. is pointed out, achieving to allege that public discussion under noisy environment scenario for our proposed design is summarized in Section VI. might be an interesting possibility for low cost RFID tags. Section VII concludes. Index Terms—Lightweight cryptography, noisy environment, II. SETTING AND HYPOTHESIS public discussion protocols, RFID, secret-key exchange. In the following, only uniform noise distributions are consid- ered. The decorrelated part of the noise should also be sufficient I. INTRODUCTION for the independance condition to practically hold. A completely passive eavesdropper is assumed. In particular, A N RFID tag is a small device which consists of an inte- grated circuit attached to an antenna capable of transmit- ting wirelessly a sole identifier at several meters to a reading the attacker should not be able to have any influence on the noise. For that reason, the permutation implemented during in- formation reconciliation as well as the compression function im- device in response to a query. Securing the RFID systems trans- plemented in the last stage can be fixed and disclosed to the at- missions is of great concern [1]. Its difficulty comes mainly from tacker without affecting the security of the protocol taken as a two major problems. First, the distribution of keys to billions whole. Indeed, even if the permutation or compression function of products. Second, the inability for such low cost devices to is known to the attacker in the early stages of the protocol, it has handle classical arithmetic based solutions. Many solutions have no influence on its guessing strategy. been proposed so far [2]. Here we go through a completely dif- Note that, as in [4] and depending on the actual error rates, ferent track and use the channel noise as it is done in [3], so as our solution may require many interactions between the tag and to suggest a protocol whose hardware implementation is simple the reader during the information reconciliation phase. and which ensures that the exchanges in an RFID system be confidential when a passive eavesdropper is present. After an III. GAINING THE ADVANTAGE initialization step in which a damaged version of a bit string sent The so-called satellite scenario can be described as follows. by a reader is received by a tag and possibly an eavesdropper, A bit string sent by a satellite is received by three entities , the protocol consists essentially in three phases. and as , and with different noise patterns character- • Advantage distillation—The legitimate parties turn the sit- ized respectively by , and . and can subsequently uation to their advantage if necessary; communicate over an error free channel while is eavesdrop- ping their communication. Manuscript received August 2, 2005; revised January 30, 2006. This work was The probability that a given bit from is received by , performed when G. Fumaroli was with Sagem Défence Sécurité. The material in this paper was presented in part at the ECRYPT Workshop on RFID and and as is given by Lightweight Crypto, Graz, Austria, July 2005. H. Chabanne is with Sagem Défence Sécurité, F-95610 Eragny, France. G. Fumaroli is with the Cryptography Laboratory of Thales Communications, Colombes, France. Communicated by E. Okamoto, Associate Editor for Complexity and Cryp- tography. Digital Object Identifier 10.1109/TIT.2006.878219 and 0018-9448/$20.00 © 2006 IEEE
  2. 2. CHABANNE AND FUMAROLI: NOISY CRYPTOGRAPHIC PROTOCOLS FOR LOW-COST RFID TAGS 3563 Shannon bound in terms of amount of leaked information. How- ever, Cascade would be too complex to fit into simple low cost tags. Practically, when the error rate is sufficiently low—which can be easily achieved by performing enough Bit Pair Iteration protocol passes—most errors are corrected during the first pass of Cascade. From this observation, we propose introducing two Fig. 1. Initialization scenario. (a) Actual scenario. (b) Equivalent scenario. major changes in Cascade. • First, the same block size is set for every pass. The block size should also divide the string size, so that only fixed respectively, where denotes the Hamming distance. length blocks have to be analyzed. The worst case is achieved when both and are greater • Second, a permutation is set once and for all and cabled than . Should that be the case, and have to perform an inside the tag. It is hence straightforward to apply it to advantage distillation phase to gain the advantage over i.e., to the string. On the contrary, choosing the permutation at eventually get less errors than . random and sending it through the communication channel The Bit Pair Iteration Protocol introduced in [5] turns out to at the beginning of each pass as required in Cascade would be a quite efficient one implementing the advantage distillation have been infeasible in low-cost tags. phase. and group their bits by pair and then tell each other Much less efficient than Cascade, but also much easier to im- the parity of each pair. If both parities do not match, then plement, our protocol still converges in the stated context. and get rid of the pair. Otherwise, they undertake to keep the information associated with the involved pair while giving as A. Proposed Reconciliation Protocol little information as possible. Namely, they keep only the first Let bit of the pair since globally got one bit of information about • be the length of the strings to be reconciled, the pair from its parity. The retained bit might still differ, but • be the block size with , it can be shown that and ’s bits agree more and more each • be a pre-cabled permutation in the set of all bijections of time the process is repeated [5]. . For our purpose, let be the reader, be the tag and be The protocol is composed of several identical passes. Let some passive eavesdropper. Then either or has to send the and , respectively, denote and ’s string at the beginning of initial string in the satellite’s place. If is the initial sender the protocol. The th pass of our protocol is described as follows. (see Fig. 1(a)), then and . 1) and , respectively, compute and Let the communication channels and be . considered independant and ’s version of the string taken as 2) and divide and in blocks. reference. The previous scenario is then equivalent to having 3) For from 1 to . sent the string and and having received it with independant a) Let and denote the th block of and ’s noise patterns respectively characterized by and string, respectively. If the parity of and (see Fig. 1(b)). are the same, and continue with the next block Hence even if at the outset. Let (or the next pass if all blocks in the current pass have denote the Shannon bit entropy function for already been checked out). Otherwise, they perform a some random variable on a set . A string received with prob- dichotomic search which returns a position such that ability provides information bit. Let . (resp. ) be the information rate learnt b) inverts to correct the error. by (resp. by ). Since is strictly decreasing on [0, 1/2], we get in terms of Shannon information. B. Protocol Analysis Under these conditions, and always have an advantage Estimating the amount of leaked information during the over , a fact already known to Wyner in [6]. reconciliation phase is needed by the subsequent phases and Note that the advantage distillation phase is not necessary achieved through the following proposition. anymore whatever low may be. Practically however, Proposition 1: Let be the block size, (resp. ) be implementing the Bit Pair Iteration Protocol in the first stage the bit error rate (resp. the bit leak rate) after passes of the provides one with an effective way of increasing both the relia- reconciliation protocol. We have bility of and ’s string as well as the eavesdropper’s disad- 1) vantage . IV. LOW-COST RECONCILIATION PROTOCOL Some errors in ’s string may remain. During the informa- tion reconciliation phase, and exchange some information where denotes the bit error rate at the beginning of the to correct these errors. Cascade, introduced in [7], is built so reconciliation protocol; that and efficiently correct their errors while maintaining 2) the information leaked to relatively low (see [7] for a detailed description). Cascade’s performance is actually very close to the
  3. 3. 3564 IEEE TRANSACTIONS ON INFORMATION THEORY, VOL. 52, NO. 8, AUGUST 2006 Proof: 1) Let be a random variable representing the number of er- rors in a given block of size when the string’s bit error probability is . If the errors are uniformely distributed at the beginning of the protocol and the permutation is chosen at random among all permutations of (or has adequate properties, see the following section), it is legitimate to consider that these errors remain uniformely distributed within the string at the beginning of each pass. Thus, can be approximated by a binomial law with pa- rameters . Let be the probability that is odd, we Fig. 2. Bit error rate e as a function of k and i. have Since one error per odd parity block is corrected, we get 2) Let us consider the -th pass of the protocol with Fig. 3. Bit leak rate d as a function of k and i. . For each block, at least one bit is revealed for parity testing. If the block’s parity is odd, then more bits are revealed to locate the error. Thus, the bit leak rate The rest of the section formally describes a quality measure during the th pass is given by for such a candidate permutation. Let be the set containing the positions in the -th block, for . Let denote the cardinality of the set of all elements Hence, such that for all with we have where denote the set of all subsets of of size . Eventually, an adequate measure according to the stated reconciliation problem for a permutation might be defined as The formula also holds for corresponding to the trivial case . Smaller obviously lead to cheapest hardware implementa- tion of the protocol and faster bit error rate decrease (see Fig. 2). Suppose . An ideal permutation according to However, the parameter cannot be chosen too small because and is such that it also leads to higher bit leak rates (see Fig. 3). This analysis shows that there is a tradeoff between error correction rate and leaked information rate according to the initial bit error rate and available gate count. The most accurate is reached with . C. Choice of a Permutation V. TOWARD PRIVACY AMPLIFICATION The estimate of remaining errors pass after pass is based on the hypothesis that the permutation is chosen at random. At the end of the reconciliation protocol, and agreed However, the choice of a permutation with adequate properties on a string with very high probability. In this last phase, they proves sufficient practically. publicly pick a compression function which, applied to this An adequate permutation for our reconciliation protocol partially secret string, allows them to derive a shorter – but al- should map distinct positions in a given block to distinct most perfectly secure – key . Thereby, can be chosen has a blocks. This would guarantee the composition of the blocks be secret key during the subsequent exchanges in, for example, the very different from pass to pass. so-called one-time pad encryption scheme.
  4. 4. CHABANNE AND FUMAROLI: NOISY CRYPTOGRAPHIC PROTOCOLS FOR LOW-COST RFID TAGS 3565 The compression function is actually chosen from a universal TABLE I class of hash functions we introduce in the following definition. E ’S ERROR RATE AFTER INITIALIZATION Definition 1 (Universal Class of Functions): A class of functions from to is universal if, for all pairs of distinct elements in , the probability that the event occurs is at most when is chosen randomly uni- formely in . TABLE II Some universal class of functions are quite easy to imple- COMPRESSION RATE ACHIEVED BY THE BIT PAIR ITERATION PROTOCOL ment. In particular, [8] proposes the universal class of hash functions WH-64 with Toeplitz that can be implemented from WH-16 which requires only 460 logic gates. A. Discussion on the Achievable Key Length TABLE III Let denotes the standard Shannon entropy and denotes R’S ERROR RATE AFTER BIT PAIR ITERATION PROTOCOL the collision entropy. The following theorems allow us to derive the length of . Theorem 1 (Bennett, Brassard, Crépeau, Maurer [3]): Let be a random variable with values in the set , and be another random variable corresponding to the choice of an element in a TABLE IV universal class of hash functions according to a E ’S ERROR RATE AFTER BIT PAIR ITERATION PROTOCOL uniform distribution. Then Theorem 2 (Cachin, Maurer [9]): Let and be random are decreased so that less information bits are needed during variables with alphabets and , respectively, and let be the reconciliation phase. The Bit Pair Iteration Protocol leads an arbitrary security parameter. With probability at least , to a reduction rate thus and we get a new shorter string of takes on a value for which length (see Table II). With regard to , ’s bit error probability is while ’s is (see Tables III and IV). See [5] for details on evaluating the bit error probability and compression rate of the Bit Pair Iteration Protocol. Before Proposition 2 (Achievable Secret Key Length): Let reconciliation, ’s associated collision entropy is estimated at • be a lower bound on ’s collision entropy about the secret . string hold by before information reconciliation; Note that it is not necessary to store the entire initial -bit • be the number of bits revealed during information rec- string inside . Rather, the received initialization bits should be onciliation; stored in a smaller buffer. When this buffer is full, its content is • et be arbitrary security parameters. immediately processed by the Bit Pair Iteration protocol and the Then the final secret string length is about which resulting bits are stored in the -bit buffer that will be used for only learns information bits with probability at information reconciliation. least . Our reconciliation protocol is then implemented with an ad Proof: See [9]. hoc block length. passes of our protocol are performed where is chosen such that and ’s shared errors evaluates to VI. TOTAL EVALUATION OF OUR PROPOSAL while the number of revealed exchanged bits The hardware implementation of these protocols is easily is not too high. Both and are computed using scalable. It can be optimized to reach a compromise with the Proposition 1. and share a partially secret string of communication efficiency and gate count. length . Again, note that a permutation on the set Suppose that broadcasts an -bit string that is received by must be precabled once and for all tags. Depending on imple- and with a bit error rate respectively and . After this mentation, this should require no more than two -bit registers. initialization phase, considering owns the reference version, In a last phase, and apply a compression function to and ’s version are the image of ’s string received through this partially secret string. This compression function is usually a binary symmetric channel with a bit error rate respectively picked at random from a universal class of hash functions. In and (see Table I). our setting, this compression function is fixed once and for all Although ’s bit error rate is higher than ’s, several passes of tags. An advisable choice is the universal class of hash functions the Bit Pair Iteration protocol are performed. In so doing, the proposed in [8] especially well suited for our context since this advantage is increased while ’s bit errors compared to ’s should require roughly 640 logic gates.
  5. 5. 3566 IEEE TRANSACTIONS ON INFORMATION THEORY, VOL. 52, NO. 8, AUGUST 2006 The security parameter being set to and , requires some bandwidth and few gates. Moreover, no key man- highly secret information bits can actually be distilled from the agement is needed. Though not tested against physical experi- only partially secure bits. More precisely, with probability at mentation, the feasibility of our scenario is very likely provided least which can be very close to provided is big low signal-to-noise ratio during the initialization phase. Even- enough, learns at most bit about this highly secret tually, our approach seems pragmatic for this difficult problem. string. Example ACKNOWLEDGMENT Let us assume that the intrinsic observed error rates are The authors would like to thank the anonymous referees for and . broadcasts a 600-bit string. The bit helpful comments. error rates of and relative to the string held by become and , respectively. and perform one REFERENCES pass of the Bit Pair Iteration protocol. The a posteriori bit error rate of and become and . The com- [1] S. A. Weis, “Security and Privacy in Radio-Frequency Identification Devices,” Master’s, Mass. Inst. Technol. (MIT), Cambridge, MA, pression rate is , thus the length of the string becomes 2003. bits. ’s collision entropy about the string shared by [2] Web-Based Bibliography 2003–2005 [Online]. Available: http:// and can be estimated at ., Security and privacy in RFID sys- tems, unpublished Our reconciliation protocol is performed with the parameters [3] C. H. Bennett, G. Brassard, C. Crépeau, and U. Maurer, “General- , and initial bit error probability ized privacy amplification,” IEEE Trans. Inf. Theory, vol. 41, no. 6, . After one pass of the protocol, the expected number of pp. 1915–1923, Nov. 1995. [4] C. Castelluccia and G. Avoine, “Noisy tags: A pretty good key ex- errors in the common string is and the expected change protocol for RFID tags,” in Int. Conf. Smart Card Research number of disclosed bits is . After four pass and Advanced Applications—CARDIS (Lecture Notes in Computer Sci- of the protocol, the expected number of errors in the common ence). Berlin, Germany: Springer-Verlag, 2006. [5] M. Gander and U. Maurer, “On the secret-key rate of binary random string is and the expected number variables,” in Proc. 1994 IEEE Int. Symp. Information Theory, Trond- of disclosed bits is . As for the security param- heim, Norway, Jun./Jul. 1994, p. 351. eters, let and . Then, with probability at least [6] A. Wyner, “The wire-tap channel,” Bell Syst. Tech. J., vol. 54, pp. 1355–1387, 1975. , at least highly se- [7] G. Brassard and L. Salvail, “Secret-key reconciliation by public discus- cret bits can be distilled about which ’s information is at most sion,” in Proc. EUROCRYPT ’93: Workshop on the Theory and Appli- . cations of Cryptographic Technics on Advances in Cryptology. New York: Springer-Verlag, 1994, pp. 410–423. [8] K. Yüksel, “Universal Hashing for Ultra-Low-Power Cryptographic VII. CONCLUSION Hardware Applications,” Master’s thesis, Worcester Poly. Inst., Worcester, MA, 2004. This paper shows how to exploit the noisy environment of [9] C. Cachin and U. Maurer, “Linking information reconciliation and pri- RFID tags to circumvent low-end eavesdroppers. Our solution vacy amplification,” J. Cryptol., vol. 10, no. 2, pp. 97–110, 1997.