Keyless Security in Wireless Networks

Security and privacy issues in RFID technology gain tremendous popularity recently. However, existing work on RFID authentication problems always make assumptions such as (1) hash function can be fully employed in designing RFID protocols; (2) channels between readers and server are always secure. The first assumption is not suitable for EPC Class-1 Gen-2 tags, which has been challenged in many research work, while the second one cannot be directly adopted in mobile RFID applications where wireless channels between readers and server are always insecure. To solve these problems, in this paper, we propose a novel ultralightweight and privacy-preserving authentication protocol for mobile RFID systems. We only use bitwise XOR, and several special constructed pseudo-random number generators to achieve our aims in the insecure mobile RFID environment. We use GNY logic to prove the security correctness of our proposed protocol. The security and privacy analysis show that our protocol can provide several privacy properties and avoid suffering from a number of attacks, including tag anonymity, tag location privacy, reader privacy, forward secrecy, and mutual authentication, replay attack, desynchronization attack etc. We implement our protocol and compare several parameters with existing work, the evaluation results indicate us that our protocol significantly improves the system performance.     

ECC-Based RFID Authentication Protocol

The radio frequency identification (RFID) technology has been widely used so far in industrial and commercial applications. To develop the RFID tags that support elliptic curve cryptography (ECC), we propose a scalable and mutual authentication protocol based on ECC. We also suggest a tag privacy model that provides adversaries exhibiting strong abilities to attack a tag’s privacy. We prove that the proposed protocol preserves privacy under the privacy model and that it meets general security requirements. Compared with other recent ECC-based RFID authentication protocols, our protocol provides tag privacy and performs the best under comprehensive evaluation of tag privacy, tag computation cost, and communications cost.     

Enhancing Privacy and Security of RFID System with Serverless Authentication and Search Protocols in Pervasive Environments

One of the recent realms that gathered attention of researchers is the security issues of Radio Frequency Identification (RFID) systems that have tradeoff between controlled costs and improved efficiency. Evolvement and benefits of RFID technology signifies that it can be low-cost, efficient and secured solution to many pervasive applications. But RFID technology will not intermingle into human lives until prevailing and flexible privacy mechanisms are conceived. However, ensuring strong privacy has been an enormous challenge due to extremely inadequate computational storage of typical RFID tags. So in order to relieve tags from responsibility, privacy protection and security assurance was guaranteed by central server. In this paper, we suggest serverless, forward secure and untraceable authentication protocol for RFID tags. This authentication protocol safeguards both tag and reader against almost all major attacks without the intervention of server. Though it is very critical to guarantee untraceability and scalability simultaneously, here we are proposing a scheme to make our protocol more scalable via ownership transfer. To the best of our knowledge this feature is incorporated in the serverless system for the first time in pervasive environments. One extension of RFID authentication is RFID tag searching, which has not been given much attention so far. But we firmly believe that in near future tag searching will be a significant issue RFID based pervasive systems. So in this paper we propose a serverless RFID tag searching protocol in pervasive environments. This protocol can search a particular tag efficiently without server’s intervention. Furthermore they are secured against major security threats.     

Security analysis of two lightweight RFID authentication protocols

One of the key problems in radio frequency identification (RFID) is security and privacy. Many RFID authentication protocols have been proposed to preserve security and privacy of the system. Nevertheless, most of these protocols are analyzed and it is shown that they cannot provide security against some RFID attacks. Strong authentication and strong integrity (SASI) is the first ultra-lightweight authentication protocol introduced rotation shift operation and RFID authentication protocol with permutation (RAPP) is a new ultra-lightweight authentication protocol with permutation. In this paper, we give the security analysis on these two protocols. An active attack is presented on RAPP, and using the property of the left rotation and permutation operations, we can deduce the relationship of bits of random number or secret keys at different positions, thus obtain all the secrets shared by the reader and the tag. A passive full-disclosure attack is proposed on SASI. Using SASI’s construction weakness, our attack can reveal all the secrets shared by the reader and tag by eavesdropping about 48 rounds of the authentication messages.     

Attacks and improvements on the RFID authentication protocols based on matrix

Most of the Radio Frequency IDentification (RFID) authentication protocols, proposed to preserve security and privacy, are analysed to show that they can not provide security against some passive or active attacks. In this paper, the security of two matrix-based protocols, proposed by Karthikeyan and Nesterenko (KN protocol) and Ramachandra et al. (RRS protocol) that conform to Electronic Product Code Class-1 Generation-2 (EPC Class-1 Gen-2) standard, are investigated. Using the linear relationship of multiplication of matrix and vector, we point out that both protocols can not provide scalability, and they are vulnerable to passive impersonation attack. In addition, both protocols are totally insecure if the adversary can compromise one tag to extract the secrets. A modified lightweight matrix-based authentication protocol is presented, which can resist mainly common attacks on an RFID authentication system including eavesdropping, relay attack, desynchronization attack, impersonation attack and tag tracking attack. The new protocol also has the desirable scalability property and can keep secure under compromising attack.     

一种基于动态ID刷新机制的低成本RFID标签双向认证协议(英文)

In order to solve the various privacy and security problems in RFID system, a new low-cost RFID mutual authentication protocol based on ID updating mechanics is proposed. In the proposed scheme, the backend server keeps both the current ID and potential next ID for each tag, thus to solve the possible problem of de-synchronization attack in the most ID updating-based schemes. In the security analysis section, comparing several protocols in property required and attacker resistances, the comparison results s...     

基于Montgomery型椭圆曲线密码的RFID安全认证方案

针对现有基于椭圆曲线密码（elliptic curve cryptography,ECC）体制的 RFID（radio frequency identification device）安全认证方案不能满足相互认证、隐私保护和前向安全性等要求,提出一种基于Montgomery型椭圆曲线密码的认证方案。利用Montgomery型椭圆曲线来降低计算量,并提供标签和服务器之间的相互认证,具有匿名性和前向安全性。通过分析表明,该方案能够抵抗重放攻击、标签伪装攻击、服务器欺骗攻击、DoS攻击、位置跟踪攻击和克隆攻击。与现有方案相比,该方案在保证较低的内存、计算和通信需求的情况下,提供了较高的安全性能,能够满足RFID系统的安全性要求。     

A practical quadratic residues based scheme for authentication and privacy in mobile RFID systems

In this paper we propose a novel approach to authentication and privacy in mobile RFID systems based on quadratic residues and in conformance to EPC Class-1 Gen-2 specifications. Recently, Chen et al. (2008) [10] and Yeh et al. (2011) [11] have both proposed authentication schemes for RFID systems based on quadratic residues. However, these schemes are not suitable for implementation on low-cost passive RFID tags as they require the implementation of hash functions on the tags. Consequently, both of these current methods do not conform to the EPC Class-1 Gen-2 standard for passive RFID tags which from a security perspective requires tags to only implement cyclic redundancy checks (CRC) and pseudo-random number generators (PRNG) leaving about 2.5k–5k gates available for any other security operations. Further, due to secure channel assumptions both schemes are not suited for mobile/wireless reader applications. We present the collaborative authentication scheme suitable for mobile/wireless reader RFID systems where the security of the server–reader channel cannot be guaranteed. Our schemes achieves authentication of the tag, reader and back-end server in the RFID system and protects the privacy of the communication without the need for tags to implement expensive hash functions. Our scheme is the first quadratic residues based scheme to achieve compliance to EPC Class-1 Gen-2 specifications. Through detailed security analysis we show that the collaborative authentication scheme achieves the required security properties of tag anonymity, reader anonymity, reader privacy, tag untraceability and forward secrecy. In addition, it is resistant to replay, impersonation and desynchronisation attacks. We also show through strand space analysis that the proposed approach achieves the required properties of agreement, originality and secrecy between the tag and the server.     

可证明安全的轻量级RFID所有权转移协议

设计安全的无线射频识别协议有助于实现智慧城市的规划和构建完善的智慧网络。安全的RFID所有权转移协议要求同时具备安全性和隐私性,标签的前向不可追踪性和后向不可追踪性是RFID系统实际应用中需要考量的两个重要的隐私性能。针对现有供应链系统中所有权转移协议存在的各种安全隐私问题,该文改进了原有前向不可追踪性定义的错过密钥更新过程的不合理的假设,提出了强前向不可追踪性的概念。提出了一个基于二次剩余定理的轻量级RFID所有权转移协议,并使用改进的模型和定义形式化证明了协议的安全性和隐私性。证明结果表明新方案既可以抵御内部读卡器恶意假冒攻击,追踪攻击,标签假冒攻击和异步攻击,又满足强前向不可追踪性和后向不可追踪性等隐私性能;新协议在实现低成本和高效率认证的基础上,比其他协议安全性和隐私性更好。     

可证明安全的RFID标签所有权转移协议

随着物品所有权的转移,其上附着的RFID标签的所有权也需要转移。安全和隐私问题是标签所有权转移过程中需要研究的重点问题。在通用可组合框架下,形式化定义了RFID标签所有权转移的理想函数。提出了一个新的轻量级RFID标签所有权转移协议,并证明了该协议安全地实现了所定义的理想函数,即具有双向认证、标签匿名性、抗异步攻击、后向隐私保护和前向隐私保护等安全属性。与已有的RFID标签所有权转移协议相比,新协议中RFID标签的计算复杂度和存储空间需求都较低,并且与新旧所有者的交互较少,能够更加高效地实现低成本标签的所有权转移。     

Are RNGs Achilles’ Heel of RFID Security and Privacy Protocols?

Security and privacy concerns have been growing with the increased utilisation of RFID technology in our daily lives. To mitigate these issues, numerous privacy-friendly authentication protocols have been published in the last decade. Random number generators (RNGs) are necessarily used in RFID tags to provide security and privacy. However, low-end RNGs can be the weakest point in a protocol scheme and using them might undesirably cause severe security and privacy problems. On the other hand, having a secure RNG with large entropy might be a trade-off between security and cost for low-cost RFID tags. Furthermore, RNGs used in low-cost RFID tags might not work properly in time. Therefore, we claim that the vulnerability of using an RNG deeply influences the security and privacy level of the RFID system. To the best of our knowledge, this concern has not been considered in the RFID literature. Motivated by this need, in this study, we first revisit Vaudenay’s privacy model which combines the early models and presents a new mature privacy model with different adversary classes. Then, we extend the model by introducing RANDOMEYE privacy, which allows analyzing the security of RNGs in RFID protocols. We further apply our extended model to two existing RFID schemes.     

ITPMAP: An Improved Three-Pass Mutual Authentication Protocol for Secure RFID Systems

Radio frequency identification (RFID) is a wireless technology used in various applications to minimize the complexity of everyday life. However, it opens a large number of security and privacy issues that require to be addressed before its successful deployment. Many RFID authentication protocols are proposed in recent years to address security and privacy issues, and most of them are based on lightweight cryptographic techniques such as pseudo-random number generators (PRNGs), or bitwise logical operations. However, the existing RFID authentication protocols suffer from security weaknesses, and cannot solve most of the security and privacy problems. A new solution is necessary to address security and privacy issues. In this paper, an improved three-pass mutual authentication protocol (ITPMAP) for low-cost RFID tags is proposed to offer an adequate security level for RFID systems. The proposed ITPMAP protocol uses one PRNG on the tag side and heavy-weighted cryptographic techniques (i.e., digital signature and password-based encryption schemes) on the back-end server side instead of lightweight cryptographic techniques to address the security and privacy issues. The ITPMAP protocol is secure against various attacks such as cloning, spoofing, replay, and desynchronization attacks. Furthermore, as a proof of concept, the ITPMAP protocol is adopted to propose the design of three real-life RFID systems; namely: Signing and Verification of Graduation Certificate System, issuing and verification of e-ticketing system, and charging and discharging of prepaid card system. The Unified Modeling Language is used to demonstrate the design of the proposed ITPMAP protocol and systems. Java language is used for the implementation of the proposed systems. In addition, the “Mifare Classic” tags and readers are used as RFID apparatuses for the proposed systems.     

一种基于散列函数的RFID安全认证方法

RFID系统中有限的标签芯片资源,导致数据与信息的安全成为RFID系统的重要问题之一,散列函数的单向性为RFID的识别和认证提供了一种既可靠又有效的途径.在分析了现有几种典型散列认证协议的基础上,提出了一种新的基于散列函数的安全认证协议.本协议旨在解决手持式、无线连接的RFID阅读器与标签、服务器间的识别,利用散列函数实现服务器、阅读器以及电子标签三者之间的相互认证.经过安全性与性能的分析,新协议在采用较小的存储空间和较低的运算开销的情况下,可抵抗已知的大多数攻击,有效地保证了RFID系统中数据和隐私的安全,实现了终端与服务器间的双向认证和匿名认证,非常适合于在大型分布式系统中使用.     

Server‐less RFID authentication and searching protocol with enhanced security

This paper focuses on two interesting radio‐frequency identification (RFID) cryptographic protocols: the server‐less RFID authentication protocol that allows readers to authenticate tags without the help of any online backend servers, and the RFID searching protocol in which the verifier explicitly specifies the target tag to be searched and authenticated. These two kinds of RFID protocols play important roles in many RFID applications; however, the existing protocols either had security weaknesses or exhibited poor efficiency. This paper shows the weaknesses, and then proposes our server‐less RFID authentication protocol and RFID searching protocol. The proposed protocols greatly enhance the security using one more hashing. Copyright © 2011 John Wiley & Sons, Ltd.     

Security Enhanced RFID Authentication Protocols for Healthcare Environment

RFID technology, which is concerned as one of the core technologies of Internet of Things, has been widely deployed in healthcare environment and brings a lot of convenience for people’s daily life. However, the security and privacy challenges of RFID authentication protocols are receiving more and more attention. One of the problems is that the current RFID protocols usually use a backend server to store the detailed information of tagged objects, which may lead to the issue of information leakage if the server is hacked or attacked by the adversary. To address this challenge, in this paper, we propose a security enhanced RFID authentication protocol for healthcare environment using the technique of indistinguishability obfuscation, which prevents the leakage of sensitive data from the backend server. Meanwhile, we extend the protocol to fit for the scenario of cloud environment where the tags’ information is stored in the cloud server. To our knowledge, our protocols are the first applications of indistinguishability obfuscation in the field of RFID authentication system. Moreover, our protocols are scalable and practical, and they are analyzed to achieve most of the security properties of the RFID system.

     

无后台服务器的射频识别标签安全查询协议

在许多射频识别(RFID)应用中,经常需要在多个标签中确定某个特定标签是否存在。在这种环境下,标签查询协议必不可少。然而,已有的协议要么存在安全漏洞,要么查询效率低下。利用Hash函数和时间戳,提出一个无后台服务器的RFID标签查询协议。GNY逻辑被用于证明新协议的正确性。分析显示提出的协议可以高效的实现特定标签的查询,且能够抵抗一些主要攻击,实现对标签隐私的保护。     

Lightweight Cryptographic Authentication in Passive RFID-Tagged Systems

The explosion in recent interest in radio-frequency identification (RFID) tags stems primarily from advances in information processing in supply chain management. Given their processing power and memory capabilities, RFID tags can be used in a wide range of applications including those where barcodes can and cannot be used. Although the potential exists, it is hampered by the relatively high unit cost of implementation and issues related to privacy and security. As with any technology, unit cost of RFID tags and their related systems is bound to come down. As for security and privacy issues, the main impediments are limited processing power, memory, and external power to operate these tags. In spite of these resource constraints, recent years have seen a plethora of new authentication protocols that promise to alleviate security and privacy concerns associated with the use of RFID tags. We evaluate a few protocols that have been suggested for use in passive RFID-tagged systems and identify vulnerabilities that may be present. When appropriate, we present modifications of existing protocols to prevent identified vulnerabilities.     

一个针对低成本RFID标签的双向认证协议

文中提出了一种为低成本RFID标签设计的双向认证协议。分析RFID系统可能存在的安全和隐私威胁,包括重放、冒充、后向和前向跟踪、异步攻击和标签位置跟踪。该协议能够有效地防护以上攻击并且与相关方案具备更优的计算性能。     

轻型的RFID安全认证协议LAP

RFID标签存在着处理能力弱、存储空间小和电源供给有限等局限性,传统的公钥算法或散列函数等复杂运算不能满足实际应用的需求。针对现有轻量级RFID认证协议的不足,设计了基于广义逆矩阵的RFID安全认证协议LAP。该协议采用了硬件复杂度较低的CRC校验及计算量较小的矩阵运算。通过安全隐私和性能分析,LAP协议适用于低成本、存储与计算受限的RFID标签。     

Security analysis of the song-mitchell authentication protocol for low-cost RFID tags

In this paper, we describe an attack against one of the most efficient authentication protocols for low-cost RFID tags recently proposed by Song and Mitchell. A weak attacker, i.e. an attacker that has no access to the internal data of a tag, is able to impersonate a legitimate reader/server, and to desynchronize a tag. The attack is very efficient and has minimal computational complexity. Finally, we propose a simple solution to fix the flaw.