A Practical Implementation Attack on Weak Pseudorandom Number Generator Designs for EPC Gen2 Tags |
| |
Authors: | Joan Melià-Seguí Joaquin Garcia-Alfaro Jordi Herrera-Joancomartí |
| |
Affiliation: | 1.Universitat Oberta de Catalunya,Barcelona,Spain;2.Institut Telecom, Telecom Bretagne,Cesson-Sevigne,France;3.Universitat Autònoma de Barcelona, Edifici Q,Bellaterra,Spain |
| |
Abstract: | The Electronic Product Code Generation 2 (EPC Gen2) is an international standard that proposes the use of Radio Frequency
Identification (RFID) in the supply chain. It is designed to balance cost and functionality. As a consequence, security on
board of EPC Gen2 tags is often minimal. It is, indeed, mainly based on the use of on board pseudorandomness, used to obscure
the communication between readers and tags; and to acknowledge the proper execution of password-protected operations. In this
paper, we present a practical implementation attack on a weak pseudorandom number generator (PRNG) designed specifically for
EPC Gen2 tags. We show that it is feasible to eavesdrop a small amount of pseudorandom values by using standard EPC commands
and using them to determine the PRNG configuration that allows to predict the complete output sequence. |
| |
Keywords: | |
本文献已被 SpringerLink 等数据库收录! |
|