Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Survey paper

304 views

Published on

Published in: Business, Technology
  • Be the first to comment

  • Be the first to like this

Survey paper

  1. 1. A Survey of RFID Authentication Protocols Compiled by : Dr. Vidyasagar Potdar Yawer Yousuf Khan
  2. 2. Introduction <ul><li>RFID technology used for identification of objects , where data is carried by radio waves. </li></ul><ul><li>Seen as a replacement to barcode system. </li></ul><ul><li>RFID system consists of a RFID Transponder ( tag ) and a RFID Interrogator ( Reader ). </li></ul><ul><li>A tag uniquely identifies an object. </li></ul><ul><li>Frequencies : LF (124-135 kHz), HF(13.56 MHz), UHF(860-960 MHz) </li></ul><ul><li>Reading range : LF (up to half meter), HF(upto 1 meter), UHF( upto tens of meters) </li></ul>
  3. 3. RFID Architecture <ul><li>Types of tags : </li></ul>Semi Passive Active Passive
  4. 4. RFID Architecture (cont.) Operational Process
  5. 5. RFID Architecture (cont.) RFID Architecture
  6. 6. Applications of RFID <ul><li>Contactless cards for building access </li></ul><ul><li>Interactive appliances like mobile phones </li></ul><ul><li>Payment tokens like SpeedPass TM </li></ul><ul><li>In Retail markets </li></ul><ul><li>Passports </li></ul><ul><li>Toll payment </li></ul><ul><li>Implantation in humans and animals. </li></ul>
  7. 7. Security Issues <ul><li>Authentication to provide a certain level of trust between reader and tag & vice versa </li></ul><ul><li>Integrity of the data exchanged between reader and tag </li></ul><ul><li>Availability of the bandwidth for communication </li></ul><ul><li>Confidentiality of communication reader and tag </li></ul><ul><li>Anonymity against unauthorised interrogation </li></ul>
  8. 8. Types of attacks <ul><li>Eavesdropping of communication between tag and reader </li></ul><ul><li>Full-Disclosure Attacks to obtain private data of the tag </li></ul><ul><li>Masquerading the legitimate tags </li></ul><ul><li>Replay Attack </li></ul><ul><li>DoS Attack </li></ul><ul><li>Blocking Attack </li></ul>
  9. 9. Classification of Authentication Protocols: what, why and how? <ul><li>Authentication Protocols: </li></ul><ul><li>Provide level of trust between the reader and the tag </li></ul><ul><li>Limitations include limited readwrite memory, few logic gates to perform computational tasks </li></ul>
  10. 10. Classification of Authentication Protocols: what, why and how? <ul><li>Need for Classification of authentication protocols: </li></ul><ul><li>Distinguishing on the basis of general prototypes which can cover various fundamental protocols. </li></ul><ul><li>Numerous Protocols are being proposed every year </li></ul><ul><li>Similar type of protocols may have same type of errors and their solutions. </li></ul>
  11. 11. Classification of Authentication Protocols: what, why and how? <ul><li>Classification is based on these points </li></ul><ul><li>Underlying algorithm used in the protocols. </li></ul><ul><li>Procedure of message exchange. </li></ul><ul><li>Secure combination of above two . </li></ul><ul><li>Complex Cryptographic functions or the structure of Protocol may limit the classification process </li></ul><ul><li>Concentration on message exchange to help abstracting away from cryptographic mechanism </li></ul>
  12. 12. Preliminary Concepts <ul><li>Definition 1: </li></ul><ul><li>Forced Challenge (F): Data is a random nonce generated by the verifier, delivered as a plaintext or a ciphertext to the prover </li></ul><ul><li>Self Challenge (S): Data is generated by the prover himself </li></ul><ul><li>No Challenge (Ø): No challenge value exchanged in the protocol </li></ul>
  13. 13. Preliminary Concepts <ul><li>Definition 2: </li></ul><ul><li>Origin Authentication (OA): If the protocol contains the message of the form APriKey {  } </li></ul><ul><li>Destination Authentication (DA): If the protocol contains message of the form APubKey {·} </li></ul><ul><li>Implicit Authentication ( IA ): If the protocol contains no message of the form APriKey {·} or APubKey {·} </li></ul>
  14. 14. Process of Classification <ul><li>Step 1: Identify the type of authentication used in a given protocol </li></ul><ul><li>Step 2: Identify the type of challenge values used between two sender and receiver </li></ul><ul><li>Step 3: In case of DA with forced challenge, protocols are further classified as DA F, No Ack (No Acknowledgment) and DA F, Ack .(Yes, Acknowledgment). </li></ul>
  15. 15. Process of Classification <ul><li>Always, Verifier is A and prover is B </li></ul><ul><li>There are eight generic prototypes for classification for verifier to prover Authentication </li></ul><ul><li>For Mutual Authentication </li></ul><ul><li>There should be 8 2 = 64 prototypes, but the protocols in which the responder entity B, act as an initiator can be regarded as illegal </li></ul><ul><li>In all 47 prototypes are legal </li></ul>
  16. 16. Prototypes of Authentication A  B : APubKey { B , r B } A  B : r B DA F, Ack A  B : APubKey { B , r B } DA F, NoAck A  B : APubKey { B } DA  Destination Authentication (DA) A  B : r B A  B : APriKey { B , r B } OA F A  B : TS A , APriKey { B , TS A } OA S A  B : APriKey { B } OA  Origin Authentication (OA) A  B : r B A: Ap riKey { B , r B } IA F A : ApriKey { B } IA Ø Implicit Authentication (IA) Example Authentication Type
  17. 17. Prototypes of Mutual Authentication 1. A  B: r A 2. A  B: r B A: APriKey { B , r B } B: BPriKey { A , r A } IA F -IA F A: APriKey { B } B: BPriKey { A }     1. A  B: BPubKey { A } DA   1. A  B: r A B: IA F-  Example Prototype
  18. 18. Prototypes of Mutual Authentication 1. A  B: r A 2. A  B: APubKey { B , r B , BPriKey { A , r A } } or, 1. A  B: r A 2. A  B: BPriKey { A , r A , APubKey { B , r B } } OA F - DA F , NoAck 1. A  B: r A 2. A  B: BPriKey { A , r A }, r B 3. A  B: APrikey { B , r B } OA F -OA F 1. A  B: r A , TS A , APriKey { B , TS A } B: BPriKey { r A } IA F -OA S Example Prototype
  19. 19. Prototypes of Mutual Authentication 1. A  B: BPubKey { A , r A } 2. A  B: APubKey { B , r B }, r A 3. A  B: r B DA F,Ack -DA F,Ack 1. A  B: BPubKey { A , r A } 2. A  B: APubKey { B , r B } DA F,NoAck -DA F,NoAck 1. A  B: BPubKey { A , r A } 2. A  B: r A , r B 3. A  B: APriKey { B , r B } DA F,Ack -OA F 1. A  B: BPubKey { A , r A , TS A , APriKey { B , TS A } } or, 1. A  B: TSA , APriKey { B , TS A , BPubKey { A , r A } } DA F,NoAck -OA S Example Prototype
  20. 20. Minimalist Approach <ul><li>Protocols named LMAP [3] , M2AP [4] and EMAP [5] proposed by Pedro Peris-Lopez et al </li></ul><ul><li>Comes under Implicit Authentication with forced challenge- Implicit Authentication with forced challenge IA F -IA F </li></ul><ul><li>simple binary operations like XOR, OR, AND, mod 2m are used by using few hundred gates </li></ul>
  21. 21. Minimalist Approach <ul><li>on index-pseudonyms (96-bits) which is a row of a table to store all information related to the tag </li></ul><ul><li>a 480 EEPROM and a 96-bit key divided into 4 parts updates after each message cycle </li></ul><ul><li>Vulnerable to De-synchronization attack and subsequently full-disclosure attack </li></ul>
  22. 22. Conclusion <ul><li>We studied several protocols and focussed on three main researches LMAP, EMAP and M2AP </li></ul><ul><li>Several protocols can be classified according to [1] to provide generic study of RFID authentication protocols. </li></ul>
  23. 23. References <ul><li>DongGook Park, Colin Boyd, and Ed Dawson, &quot;Classification of Authentication Protocols: A Practical Approach&quot;, Proceedings of Information Security Workshop (ISW 2000), Springer-Verlag, LNCS Vol.1975 , pp.194-208 </li></ul><ul><li>Ari Juels, “RFID Security and Privacy: A research Survey”, September 2005, Manuscript, RSA Laboratories , 2005. </li></ul><ul><li>Peris-Lopez, Pedro and Hernandez-Castro, Julio Cesar and Estevez-Tapiador, Juan and Ribagorda, Arturo, “LMAP: A Real Lightweight Mutual Authentication Protocol for Low-cost RFID tags ” Printed handout of Workshop on RFID Security -- RFIDSec 06 , July 2006. </li></ul><ul><li>Peris-Lopez, Pedro and Hernandez-Castro, Julio Cesar and Estevez-Tapiador, Juan and Ribagorda, Arturo,”M2AP: A Minimalist Mutual-Authentication Protocol for Low-cost RFID Tags”, Lecture Notes in Computer Science, 912--923, Springer-Verlag, Sep-2006. </li></ul><ul><li>Peris-Lopez, Pedro and Hernandez-Castro, Julio Cesar and Estevez-Tapiador, Juan M. and Ribagorda, Arturo, “EMAP: An Efficient Mutual Authentication Protocol for Low-cost RFID Tags”, OTM Federated Conferences and Workshop: IS Workshop -- IS'06, 2006, 4277 Lecture Notes in Computer Science , P-352--361, November Springer-Verlag. </li></ul><ul><li>Li, Tieyan and Wang, Guilin “Security Analysis of Two Ultra-Lightweight {RFID} Authentication” Protocols IFIP SEC 2007 . </li></ul><ul><li>Li, Tieyan and Deng, Robert~H., “Vulnerability Analysis of {EMAP} - An Efficient RFID Mutual Authentication Protocols” Second International Conference on Availability, Reliability and Security -- AReS 2007 April 2007 Vienna, Austria. </li></ul><ul><li>http://www.simtech.a-star.edu.sg/events/images/rg_RFID_BigSafe2.jpg </li></ul>
  24. 24. Thank You

×