Rfid

In the name of Allah the Most Beneficent, the Most Merciful.

DESIGN OF RADIO FREQUENCY IDENTIFICATION SYSTEM SECURITY METHOD

SupervisorDr. Imran Ali Jokhio

Co-SupervisorProf. Dr. B.S.Chowdhry

Presented ByDurr MuhammadB09MEESE-58

Institute of Information and Communication TechnologiesMehran University of Engineering & Technology

Jamshoro Sindh

PRESENTATION OUTLINEIntroductionBackgroundRFID SystemAims and ObjectivesLiterature ReviewMethodologyCryptographic ApproachSimple scheme for tag AuthenticationAuthentication Protocol ProposalProtocol DescriptionConclusionReferences

Introduction

Radio Frequency Identification (RFID) Technology uses radio waves to automatically identify wirelessly. Contact less Without visibility

Privacy and security concerns slow down the fast adaption of RFID technology for many application. A number of authentication protocols that address these concerns have been proposed but real-world solutions that are secure maintain low communication cost And can be integrated into EPCglobal C1G2 tag protocol.

This thesis represents a novel authentication protocol which offers a high level of security through the combination of random key scheme with a strong cryptography. This protocol is applicable to,

− Memory Resources − Power

− Computational constraint platforms such as RFID tags.1

BackgroundThe hindrances of this thesis are,

− Mutual authentication − Untraceability− Forward and backward security − Resistance-to-replay − Denial-of-service− Man-in-the-middle

The proposed protocol is integrated into the EPCglobal C1G2 tag which assures low implementation cost.

Keywords : − cryptographic authentication proposed protocol − passive computation capable tag − RFID Systems.

2

RFID SystemAn RFID system consist of three components: - Tags

- Reader - Back-end-server.

The RFID tags being considered are passive that are powered by the reader through RF carrier.

Operating frequency of the reader ranges from 860 to 960 MHz depending on the local regulations.

Tags operate with modest amount of energy , however , they can perform computationally intensive operation such as en/deciphering of messages.

Reader is a combination of customary RFID reader and application software that runs on personal computer.

Back-end-server is trusted entity that maintains all the crucial tag such as key tables, timestamps and IDs.

3

Continue…

4

Fig.1. RFID System

Aims and Objectives• To investigate security and privacy challenges faced by RFID devices.

• To highlight the privacy and security threats faced due to RFID devices.

• To identify RFID major threats

• To investigate threats impacts with respect to serious consequences

• To investigate measures to overcome Security Issues in RFID devices

• To investigate secure storage and transmission of data

• To design a security method to secure RFID tag.

5

Literature Review• Weis, S., Sarma, S., Rivest, R., Engels, D: from Laboratory for

Computer Science and Auto-ID Center introduced Low-Cost RFID System in which they analyze the security and Privacy Issues (2004).

• Security Issues are: -- Eavesdropping, -- Traffic analysis (Location Privacy), -- Spoofing (aid thieves) or denial of service.• Privacy concerns are removing and stealing tag.• They used different schemes • Hash-Based Access Control (locking or unlocking tag and

managing key in database to ensure forward security) -- Spoofing is not protected -- Replay attack occur

6

Continue…

• Random Access Control -- Pseudo-random number generation (past transaction

guarantee) -- Brute-force search (not better for large databases) -- XORing technique is used (XOR provide no security) -- Randomized version to disguise the ID so that output is not fixed overtime but impersonation is the serious security flaw. -- Not embedded with EPCglobal standard.• Silent Tree Walking

--Binary tree walking anti-collision algorithm to derive tag contents.

-- This scheme does protect against long-range eavesdropping of forward channel with little added complexity .

7

Continue…

• Dimitriou, T.: Athens Information Technology, A light-weight RFID Protocol to protect Traceability and Cloning Attack (2005). He presents RFID authentication that enforces user privacy and protect against tag cloning .

• Common secret and PRNG used to obscure the message contents.

• Simple and enhanced protocol rely on the secret shared key between reader and tag (back-end database).

• Impersonation, replay or cloning, protection against these attacks but not all.

8

Methodology Surveying RFID applications.

Selection of a candidate application. (SCM)

Analysis of the candidate application to devise security requirements.

Analysis of attacks on RFID tags.

To devise an attack taxonomy in the context of candidate application.

To design a security method for RFID tags in the context of candidate application.

Evaluation of the security method with formal methods.

9

Simple Tag Authentication Scheme

In this scheme, authentic reader and tag share a common secret K. when reader challenge a tag with a random number ra , the tag performs the function C on the challenge ra using the secret K. Then it backscatters the result m to the reader .

If C is reversible and the secret K is known, the reader can reveal the original challenge . As an authentic tag knows the secret K, the reader will authenticate the tag.

raReader Tag m performance analysis, m=C(ra, k)Reader TagAuthenticate the tag if

ra=C-1(m, k) Fig.2.Simple Tag Authentication Scheme.

10

Continue… In this scheme followings are the main key features of the protocol, − Novel authentication protocol that is based on private key Cryptography − the protocol is applicable to passive RFID tags. − protocol is embedded with EPCglobal C1G2 standard protocol. − Employing of Ciphers to hide the message content. − Use the resources of WISP tag platform to implement Ciphers.Tag-to-reader is the main bottleneck of an RFID system because passive tag can

harvest power from a reader which is the main trade-off between security and computation/ communication cost.

11

Cryptographic Approach

Identification. - Claim to be have a certain identity (e.g. username)

Authentication. - Proof of identity - Showing knowledge, - possession, inherent feature

12

I am Asad

Continue….

13

INTERROGATATOR TRANSPONDER[1] Reader issues a query command.

[2] Evaluate slot counter.a) If the slot counter is zero then the tag responds with RN16.b) If slot counter is not zero then decrement slot counter.

[3] Reader Acknowledges tag by issuing ACK with same RN16.

[4] Evaluate RN16.a) If RN16 is valid then respond with EPC .b) If RN16 is invalid then do nothing.

[5] Reader issues Req_RN containing same RN16.

[6] Evaluate RN16:If RN16 is valid then respond with handle .b) If RN16 is invalid then do nothing.

[7] Reader issues access command using handle to cover code the password (PW_low).

[8] Decrypt PW_low by XORing handle.

[9] Reader issues Req_RN containing handle.

[11] Reader issues Access command using handle to cover code the password (PW_low).

[10] Evaluate RN16 (handle) a) if RN16 is valid then respond with EPC.b) If RN16 is invalid then do nothing.

[12] Decrypt PW_high by XORing handle .if PW_low and PW_high are correct then authenticate reader and allow further operation.

Query

RN16

ACK(RN16)

EPC

Req_RN(RN1

6)

handle

Command (handle XOR PW-low)

Req_RN (handle)

handle

Command (handle XOR

PW_high)Au

then

tica

tion

Id

en

tifi

cati

on

Protocol Authentication Proposal

This proposed cryptographic authentication protocol that is same computational and communication abilities like YA-TRAP because YA-TRAP also places low computational burden on the tag. The main design goal is to

− Retain high level of security − Low implementation costs. Improving the weaknesses of YA-TRAP which is susceptible to − DOS attack because the reader can transfer the data (in particular the timestamp Tr) without

fully authenticating itself to the tag. − Ciphers in place of one-way-hash function to keep the message content secret. − Security relies on key tables (A and B) that are stored at the tag level.Key tables are generated during the manufacturing process and along with a

primary timestamp Tt and the tag’s ID (EPC) they are written on the tag.

14

Continue…

The main idea of the proposed protocol is that a tag can authenticate the reader/server as only an authentic entity can know the unique key pairs.

15

Key table A

Index Key

keyA[i] 0x03…

keyA[i+1]

0x01…

…. ….

keyA[n] 0xAF……

Key Table B

Index Key

KeyB[i] 0x03…

keyB[i+1]

0x01…

keyB[i+2]

0xAF…

…. ….

Key Pair

Key Pair

Key Pair

Fig.3 KEY TABLES

Continue…

Tag ID Tag Timestamp

Table Index Key

1 0 A i 0x03…

1 0 A i+1 0x01…

…. …. …. …. ….

1 0 A n 0xAF…

…. …. …. …. ….

1 0 B I 0x03…

1 0 B i+1 0x01…

…. …. …. …. ….

1 0 B n 0xAF

…. …. …. …. ….

16 Fig.4.Server Data Base.

Protocol DescriptionREADER/SERVER

17

TAG

Generate and transfer Rr

Fetch subset KA of all keys with number Rt and associated tag timestamps Tt(i).WHILE(key found=false)&& (i<#of keys)Decrypt h1:[Tt,Rrt]=h(inv)(h1,key)IF (Rr=Rri): key found=true End IF End WHILEIF (key found=true): delete all keys KA except the one found . Check if one of the associated tag timestamps Tti matches Tt. IF this is not the case, generate a warning. Store assumption about m4.Fetch th related key keyB[Rt+1] and encrypt the readerTimestamp and Rt: m3=h2=h(Tr||Rt,KeyB[Rt+1])ELSE:Generate random number: m3=Rr2END IFReply m3

Decrypt h3 with the key keyA[Rt] or keyB[Rt+1] basedOn assumption about m4.Reveal tag ID based on assumption about m4 by an exclusive OR operation with Tr or TtAuthenticate the tag if it is one of the possible tags.

Generate RtLook up keyA[Rt] and KeyB[Rt+1]Encrypt Tt and Rr with keyA[Rt]h1 = h(Tt||Rr,KeyA[Rt]Reply h1 and Rt

Decrypt h2 with keyB[Rt+1][Tr,Rt]=hinv(h2,keyB[Rt+1])IF Tr>Tt:Update timestamp Tt=TrSet key key=keyB[Rt+1]ELSE:Set key key = keyA[Rt]END IFEncrypt ID and timestamp with key m4 =h3=h(IDXORTt,key)ELSE:Generate and reply randomNumber Rt2m4 =Rt2END IF

Reply m4

m1 =Rr

m2 =Rt||h1

m3 =h2

m4 =h3

Continue…The authentication process can have three possible scenarios:[1] Reader is not authentic: Reply random number Rt2.[2] Reader is authentic but timestamp is wrong: Use keyA[ Rt ] to encrypt h3 and do

not update the timestamp.[3] Reader is authentic and timestamp is right : Update timestamp and use keyB[ Rt+1]

to encrypt h3.The reader can authenticate the tag based on the assumption made after the first

round.

18

Conclusion

The security features of different protocols are to be analyzed to design the secured RFID system.

Security and privacy threats are described and used encryption method that gives better way to secure communication. Encryption may either symmetric or A-symmetric because both have their own issues.

This proposed protocol provides: − Mutual authentication

− Untraceability− Forward and backward security − Resistance-to-replay − Denial-of-service− Man-in-the-middle

19

References[1]. S. Liu, O.V. Gavrylyako, P.G. Bradford, Implementing the TEA algorithm on sensors: Department

of Computer Science , The University of Alabama, 2004.[2]. Asif Z., Munir M, Integrating the Supply Chain with RFID, In: Fox School of Business and

Management Temple University (Volume 15, Article 24, March 2005)[3]. G. Tsudik, YA TRAP: Yet Another Trivial RFID Authentication Protocol: CS Department ,

University of California, Irvine, 2006.[4]. Thorsten B., George Q., RFID in Operations and Supply Chain Management (2007)[5]. H. Chae. D.J. Yaeger, J.R. Smith, K. Fu, Maximalist cryptography and computation on the WISP

UHF RFID Tag, in: proceedings of the International Conference on RFID security, 2007.[6]. G. Tsudik, A family of dances: Trivial RFID identification and Authentication Protocols, in:

Computer Science Department, University of California, Irvine, 2007.[7]. Omer k., Beygo., C., Eraslan, Enhancing Security and Usability Features of NFC, In: School of

Computing Blekieng Institute of Technology Sweden (Thesis no: MCS 2009-30, September 2009).[8]. Dr.V., Coskun, Kerem Ok, Current Issues in Near Field Communication Technology, In: ISIKI

University, Istanbul, Department of Information Technology (University of Thessaly September 23rd, 2010)

[9]. Kapil N., Vhatkar, G., P., Bhole, Internal Location Based System for Mobile Devices Using Passive RFID and Wireless Technology (2010).

[10]. Gul N. Khan, X. Yu, F.Yuan, A novel based authentication Protocol for RFID Systems, Department of Electrical and Computer Engineering, Reyrson University, Toronto, canada, 2011.

20