  1. A Survey of RFID Authentication Protocols. Compiled by: Dr. Vidyasagar Potdar, Yawer Yousuf Khan
  2. Introduction
     • RFID technology is used for identification of objects, where data is carried by radio waves.
     • Seen as a replacement for the barcode system.
     • An RFID system consists of an RFID Transponder (tag) and an RFID Interrogator (reader).
     • A tag uniquely identifies an object.
     • Frequencies: LF (124-135 kHz), HF (13.56 MHz), UHF (860-960 MHz)
     • Reading range: LF (up to half a meter), HF (up to 1 meter), UHF (up to tens of meters)
  3. RFID Architecture
     • Types of tags: Semi Passive, Active, Passive
  4. RFID Architecture (cont.): Operational Process
  5. RFID Architecture (cont.): RFID Architecture
  6. Applications of RFID
     • Contactless cards for building access
     • Interactive appliances like mobile phones
     • Payment tokens like SpeedPass™
     • Retail markets
     • Passports
     • Toll payment
     • Implantation in humans and animals
  7. Security Issues
     • Authentication to provide a certain level of trust between reader and tag and vice versa
     • Integrity of the data exchanged between reader and tag
     • Availability of the bandwidth for communication
     • Confidentiality of communication between reader and tag
     • Anonymity against unauthorised interrogation
  8. Types of attacks
     • Eavesdropping on communication between tag and reader
     • Full-disclosure attacks to obtain private data of the tag
     • Masquerading as legitimate tags
     • Replay attack
     • DoS attack
     • Blocking attack
  9. Classification of Authentication Protocols: what, why and how?
     • Authentication protocols:
        • Provide a level of trust between the reader and the tag
        • Limitations include limited read/write memory and few logic gates to perform computational tasks
  10. Classification of Authentication Protocols: what, why and how?
     • Need for classification of authentication protocols:
        • Distinguishing on the basis of general prototypes which can cover various fundamental protocols.
        • Numerous protocols are being proposed every year.
        • Similar types of protocols may have the same types of errors and the same solutions.
  11. Classification of Authentication Protocols: what, why and how?
     • Classification is based on these points:
        • Underlying algorithm used in the protocols.
        • Procedure of message exchange.
        • Secure combination of the above two.
     • Complex cryptographic functions or the structure of the protocol may limit the classification process.
     • Concentrating on message exchange helps to abstract away from the cryptographic mechanism.
  12. Preliminary Concepts
     • Definition 1:
        • Forced Challenge (F): Data is a random nonce generated by the verifier, delivered as plaintext or ciphertext to the prover
        • Self Challenge (S): Data is generated by the prover himself
        • No Challenge (Ø): No challenge value is exchanged in the protocol
  13. Preliminary Concepts
     • Definition 2:
        • Origin Authentication (OA): If the protocol contains a message of the form APriKey{·}
        • Destination Authentication (DA): If the protocol contains a message of the form APubKey{·}
        • Implicit Authentication (IA): If the protocol contains no message of the form APriKey{·} or APubKey{·}
  14. Process of Classification
     • Step 1: Identify the type of authentication used in a given protocol
     • Step 2: Identify the type of challenge values used between sender and receiver
     • Step 3: In the case of DA with forced challenge, protocols are further classified as DA F, NoAck (no acknowledgment) and DA F, Ack (acknowledgment).
  15. Process of Classification
     • The verifier is always A and the prover is always B
     • There are eight generic prototypes for classifying verifier-to-prover authentication
     • For mutual authentication:
        • There should be 8^2 = 64 prototypes, but the protocols in which the responder entity B acts as an initiator can be regarded as illegal
        • In all, 47 prototypes are legal
  16. Prototypes of Authentication (authentication type, then prototype: example)
     • Implicit Authentication (IA)
        • IA Ø: A: APriKey{B}
        • IA F: A ← B: r_B; A: APriKey{B, r_B}
     • Origin Authentication (OA)
        • OA Ø: A → B: APriKey{B}
        • OA S: A → B: TS_A, APriKey{B, TS_A}
        • OA F: A ← B: r_B; A → B: APriKey{B, r_B}
     • Destination Authentication (DA)
        • DA Ø: A ← B: APubKey{B}
        • DA F, NoAck: A ← B: APubKey{B, r_B}
        • DA F, Ack: A ← B: APubKey{B, r_B}; A → B: r_B
  17. Prototypes of Mutual Authentication (prototype: example)
     • IA F- : 1. A → B: r_A; B:
     •  DA : 1. A → B: BPubKey{A}
     •    : A: APriKey{B}; B: BPriKey{A}
     • IA F - IA F: 1. A → B: r_A; 2. A ← B: r_B; A: APriKey{B, r_B}; B: BPriKey{A, r_A}
  18. Prototypes of Mutual Authentication (prototype: example)
     • IA F - OA S: 1. A → B: r_A, TS_A, APriKey{B, TS_A}; B: BPriKey{r_A}
     • OA F - OA F: 1. A → B: r_A; 2. A ← B: BPriKey{A, r_A}, r_B; 3. A → B: APriKey{B, r_B}
     • OA F - DA F, NoAck: 1. A → B: r_A; 2. A ← B: APubKey{B, r_B, BPriKey{A, r_A}}; or, 1. A → B: r_A; 2. A ← B: BPriKey{A, r_A, APubKey{B, r_B}}
  19. Prototypes of Mutual Authentication (prototype: example)
     • DA F, NoAck - OA S: 1. A → B: BPubKey{A, r_A, TS_A, APriKey{B, TS_A}}; or, 1. A → B: TS_A, APriKey{B, TS_A, BPubKey{A, r_A}}
     • DA F, Ack - OA F: 1. A → B: BPubKey{A, r_A}; 2. A ← B: r_A, r_B; 3. A → B: APriKey{B, r_B}
     • DA F, NoAck - DA F, NoAck: 1. A → B: BPubKey{A, r_A}; 2. A ← B: APubKey{B, r_B}
     • DA F, Ack - DA F, Ack: 1. A → B: BPubKey{A, r_A}; 2. A ← B: APubKey{B, r_B}, r_A; 3. A → B: r_B
  20. Minimalist Approach
     • Protocols named LMAP [3], M2AP [4] and EMAP [5], proposed by Pedro Peris-Lopez et al.
     • They fall under Implicit Authentication with forced challenge - Implicit Authentication with forced challenge (IA F - IA F)
     • Simple binary operations like XOR, OR, AND and mod 2^m are used, requiring a few hundred gates
  21. Minimalist Approach
     • on index-pseudonyms (96 bits), each of which is a row of a table storing all information related to the tag
     • a 480 EEPROM and a 96-bit key divided into 4 parts, updated after each message cycle
     • Vulnerable to de-synchronization attack and subsequently full-disclosure attack
  22. Conclusion
     • We studied several protocols and focussed on three main pieces of research: LMAP, EMAP and M2AP
     • Several protocols can be classified according to [1] to provide a generic study of RFID authentication protocols.
  23. References
     • [1] DongGook Park, Colin Boyd, and Ed Dawson, "Classification of Authentication Protocols: A Practical Approach", Proceedings of Information Security Workshop (ISW 2000), Springer-Verlag, LNCS Vol. 1975, pp. 194-208.
     • [2] Ari Juels, "RFID Security and Privacy: A Research Survey", September 2005, Manuscript, RSA Laboratories, 2005.
     • [3] Peris-Lopez, Pedro and Hernandez-Castro, Julio Cesar and Estevez-Tapiador, Juan and Ribagorda, Arturo, "LMAP: A Real Lightweight Mutual Authentication Protocol for Low-cost RFID tags", Printed handout of Workshop on RFID Security -- RFIDSec 06, July 2006.
     • [4] Peris-Lopez, Pedro and Hernandez-Castro, Julio Cesar and Estevez-Tapiador, Juan and Ribagorda, Arturo, "M2AP: A Minimalist Mutual-Authentication Protocol for Low-cost RFID Tags", Lecture Notes in Computer Science, 912--923, Springer-Verlag, Sep-2006.
     • [5] Peris-Lopez, Pedro and Hernandez-Castro, Julio Cesar and Estevez-Tapiador, Juan M. and Ribagorda, Arturo, "EMAP: An Efficient Mutual Authentication Protocol for Low-cost RFID Tags", OTM Federated Conferences and Workshop: IS Workshop -- IS'06, 2006, 4277 Lecture Notes in Computer Science, P-352--361, November, Springer-Verlag.
     • [6] Li, Tieyan and Wang, Guilin, "Security Analysis of Two Ultra-Lightweight RFID Authentication Protocols", IFIP SEC 2007.
     • [7] Li, Tieyan and Deng, Robert H., "Vulnerability Analysis of EMAP - An Efficient RFID Mutual Authentication Protocols", Second International Conference on Availability, Reliability and Security -- AReS 2007, April 2007, Vienna, Austria.
     • [8] http://www.simtech.a-star.edu.sg/events/images/rg_RFID_BigSafe2.jpg
  24. Thank You
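
The three-step classification from slides 12 to 14, applied to rows of the prototype tables on slides 16, 18 and 19, as an added example that is not part of the original slides. The step/term data model and the function names are assumptions; `classify` labels the entity whose keys appear in the exchange (A in the slide-16 table), and the mutual label order (B's type, then A's) is read off the slide rows.

```python
# Added example: data model and function names are assumptions, not the survey's.
# A step is (src, dst, terms); dst=None marks a local computation.
# A term is an atom ("r_B", "TS_A", "B") or a keyed tuple ("APubKey", [terms]).

def flatten(terms):
    """Yield every term, descending into key-wrapped ones."""
    for t in terms:
        yield t
        if isinstance(t, tuple):
            yield from flatten(t[1])

def classify(steps, entity="A", peer="B"):
    """Label how `entity` is authenticated, following steps 1-3 of slide 14."""
    sent = [s for s in steps if s[1] is not None]
    keyed = {t[0] for s in sent for t in flatten(s[2]) if isinstance(t, tuple)}
    # Step 1 (Definition 2): OA if entity's private key appears in a message,
    # DA if its public key does, IA otherwise.
    auth = "OA" if entity + "PriKey" in keyed else "DA" if entity + "PubKey" in keyed else "IA"
    # Step 2 (Definition 1): forced = nonce from the peer, self = own fresh data.
    atoms = [(s[0], s[1], t) for s in steps for t in flatten(s[2]) if isinstance(t, str)]
    forced = any(src == peer and t == "r_" + peer for src, _, t in atoms)
    own = any(src == entity and t in ("TS_" + entity, "r_" + entity) for src, _, t in atoms)
    label = auth + " " + ("F" if forced else "S" if own else "Ø")
    # Step 3: DA with forced challenge splits on whether the nonce comes back.
    if label == "DA F":
        ack = any(src == entity and dst == peer and t == "r_" + peer for src, dst, t in atoms)
        label += ", Ack" if ack else ", NoAck"
    return label

def classify_mutual(steps):
    """Mutual label in the order the slide-18/19 rows use: B's type, then A's."""
    return classify(steps, "B", "A") + " - " + classify(steps, "A", "B")

# Constructed inputs transcribed from the slide-16 and slide-19 rows.
DA_F_ACK = [("B", "A", [("APubKey", ["B", "r_B"])]), ("A", "B", ["r_B"])]
IA_F = [("B", "A", ["r_B"]), ("A", None, [("APriKey", ["B", "r_B"])])]
OA_S = [("A", "B", ["TS_A", ("APriKey", ["B", "TS_A"])])]
MUTUAL = [("A", "B", [("BPubKey", ["A", "r_A"])]),
          ("B", "A", ["r_A", "r_B"]),
          ("A", "B", [("APriKey", ["B", "r_B"])])]

if __name__ == "__main__":
    for name, proto in [("DA_F_ACK", DA_F_ACK), ("IA_F", IA_F), ("OA_S", OA_S)]:
        print(name, "->", classify(proto))
    print("MUTUAL ->", classify_mutual(MUTUAL))
```

Because only messages actually sent count toward OA and DA, the IA F row stays implicit even though A computes APriKey{B, r_B} locally.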
