1 / 27

Low-Cost Untraceable Authentication Protocols for RFID

Low-Cost Untraceable Authentication Protocols for RFID. Yong Ki Lee, Lejla Batina, Dave Singelée, Ingrid Verbauwhede BCRYPT workshop on RFID Security February 5, 2010, Leuven. Outline of the talk. Challenges in RFID networks Security problems Privacy problems Cryptographic building blocks

Download Presentation

Low-Cost Untraceable Authentication Protocols for RFID

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Low-Cost Untraceable Authentication Protocols for RFID Yong Ki Lee, Lejla Batina, Dave Singelée, Ingrid Verbauwhede BCRYPT workshop on RFID Security February 5, 2010, Leuven

  2. Outline of the talk • Challenges in RFID networks • Security problems • Privacy problems • Cryptographic building blocks • ECC-based authentication protocols • Search protocol • Hardware architecture • Conclusion

  3. RFID technology • Radio Frequency Identification as we explain it to Dave’s tech-savvy grandmother: • Passive tag • Battery assisted (BAP) • Active tag with onboard power source

  4. RFID applications • Asset tracking • Barcode replacement • RFID passports • Mobile credit card payment systems • Transportation payment systems • Sporting events (timing / tracing) • Animal identification • …

  5. RFID security problems (I) • Impersonation attacks • Genuine readers • Malicious tags => Tag-to-server authentication

  6. RFID security problems (II) • Eavesdropping • Replay attacks • Man-in-the-middle attacks • Cloning • Side-channel attacks • …

  7. RFID privacy problems (I) Mr. Jones in 2020 [A. Juels. RSA Laboratories]

  8. Wig model #4456 (cheap polyester) Replacement hip medical part #459382 Das Kapitaland Communist-party handbook 1500 Euros in wallet Serial numbers: 597387,389473… 30 items of lingerie RFID privacy problems (II) Mr. Jones in 2020 [A. Juels. RSA Laboratories]

  9. RFID privacy problems (III) • RFID Privacy problem • Malicious readers • Genuine tags => Untraceability

  10. RFID privacy problems (IV) • Untraceability • Inequality of two tags: the (in)equality of two tags must be impossible to determine • Theoretical framework of Vaudenay[ASIACRYPT ‘07]: • Narrow vs wide privacy • Weak vs strong privacy

  11. Reader Tag Challenge Response Cryptographic authentication protocol • Tag proves its identity • Security (entity authentication) • Privacy • Challenge-response protocol

  12. Technological requirements • Scalability • Implementation issues • Cheap implementation • Memory • Gate area • Lightweight • Efficient => Influence on cryptographic building blocks

  13. Implementation cost • Symmetric encryption • AES: 3-4 kgates • Cryptographic hash function • SHA-3: 10 – 30 kgates) [ECRYPT II: SHA-3 Zoo] • Public-key encryption • Elliptic Curve Cryptography (ECC): 11-15 kgates =>Public key cryptography is suitable for RFID

  14. ECC-based authentication protocols • Rely exclusively on ECC !!! • Wide-strong privacy • Two sub-modules • ID-transfer scheme • Pwd-transfer scheme • Combination => 3 protocols • Computational requirements • Security requirements

  15. System parameters

  16. Example: Secure ID Transfer Tag: x1, Y=yP Server: y rt1€ Z T1← rt1P T1 rs1€ Z T2←( rt1+ x1)P T2 (y-1T2 – T1) ( ) -1= x1P 16

  17. ID-transfer scheme (protocol 1)

  18. ID + Pwd-transfer scheme (protocol 3)

  19. Search protocol (I) • Linear search: scalability issues • Search for one particular tag • Design requirements: • One-round authentication • Dedicated authentication • Security against replay attacks • Wide-weak privacy • Combine with ECC-based authentication protocol

  20. Search protocol (II)

  21. Hardware architecture

  22. Performance comparison

  23. Conclusion • Security & privacy in RFID networks • Challenging research problem • Public-key cryptography is suitable for RFID tags • ECC hardware implementation • Wide-strong authentication protocols • Search protocol

  24. Questions??

  25. EXTRA SLIDES

  26. Pwd-transfer scheme

  27. ID + Pwd-transfer scheme (protocol 2)

More Related