Enhancing Security of Class I Generation 2 RFID against Traceability and Cloning

Duc, Dang Nguyen; Lee, Hyunrok; Kim, Kwangjo

doi:10.1007/978-3-540-71641-9_15

Cited by 75 publications

(127 citation statements)

References 3 publications

Supporting

Mentioning

125

Contrasting

Unclassified

Order By: Relevance

“…The EPCglobal Class1 Gen2 tag standard only defines CRC function and pseudo-random number generator for tag to operate. Although some lightweight encryption primitives for RFID tags are introduced and claim that they are adaptive to the resource constraint of RFID tag (Duc et al, 2006;Juels, 2005;Karthikeyan & Nesterenko, 2005), most of them have not demonstrated that these schemes can really work on passive tags to achieve security requirement. Poschmann et al (Poschmann et al, 2007;Poschmann et al, 2006) had proposed a new hash function requiring less number of gates to supply the need of lightweight encryption primitives for RFID authentication.…”

Section: Proposed Smap-lrs Protocolmentioning

confidence: 99%

A Secure Mutual Authentication Protocol for Low-Cost RFID System

Yang¹,

Yeh²

2009

Development and Implementation of RFID Technology

View full text Add to dashboard Cite

Section: Proposed Smap-lrs Protocolmentioning

confidence: 99%

A Secure Mutual Authentication Protocol for Low-Cost RFID System

Yang¹,

Yeh²

2009

Development and Implementation of RFID Technology

View full text Add to dashboard Cite

“…We will conclude new security RFID solutions in Section 7. Duc et al proposed a communication scheme (Duc et al, 2006) to protect user privacy for RFID system. The scheme based on a synchronous session key between tags and back-end database server to authenticate each other.…”

Section: Password Protection and Effective Randomnessmentioning

confidence: 99%

“…Pseudonyms approaches (Juels, 2004; Juel, 2006;Molnar, 2005;Avoine, 2005) is very similar to time stamping approaches except the dynamic information is scheduled from a predefined list of pseudo-random data called pseudonynms. Challenge-response approaches (Ree , 2005; Dimitriou, 2006;Duc, 2006;Chien, 2007) are the most secured techniques developed from multi-pass authentication process to provide a wide range of security and privacy protection.Open Access Database www.intechweb.org In actual situation, EPCGlogal Gen 1 (Garcia-Alfaro et al, 2008) tag implementation uses protocols that only require RFID readers to use the tags' unique serial numbers to identify the tags. Tags with the same ID will certainly confuse the reader.…”

mentioning

confidence: 99%

An Improved Forward Secrecy Protocol for Next Generation EPCGlogal Tag

Cheng¹,

Cheng²

2009

Development and Implementation of RFID Technology

View full text Add to dashboard Cite

IntroductionRadio Frequency Identification (RFID) (Landt, 2001) is a prevalent technology that replaces barcode technology and it will be massively applied in both consumer and commercial products as the trend predicts. However, the computation power and memory of RFID including the EPCGlobal Gen-1 and Gen-2 RFID tags are restricted. These made the implementation of well-known cryptographic algorithms, both computational and memory intensive, on the tags not possible. Although various cryptographic privacy enhancing technologies for RFID have been proposed, they include Hash-lock approaches, Digital Signature approaches, Encryption approaches, Time Stamping approaches, Pseudonyms approaches and Challenge-response approaches, the EPCGlobal tags continue to operate in a limited security protection. The Hash-lock approach (Weis, 2003) is based on locking the tag using a hash of the key on the tag, where the key is stored in a back-end server. This approach assumes that tags can not be operated securely in a long isolated environment. This approach can be used for authentication, by matching the right hash of key. The cloning resistance is weak and enhanced techniques providing better privacy protection and scalability have been derived (An, 2005;Nohara, 2005; Wang, 2007). Digital signatures approaches (Juels, 2003;Bono, 2005;de Dormale, 2005) provide better tracing and forgery resistance of RFID during authentication process. The approaches use a PKI encryption technique to avoid static identifiers and information to be read by others. Authentication is performed by verifying data on the tag is signed using a valid public-key digital signature to check the valididty of authentication. Encryption approaches (Golle, 2004;Feldhofer, 2004;Ranasinghe, 2004;Ateniese, 2005) are similar to digital signature approaches except simplified private key standard or propriertay cryptographic algorithm is used. Time stamping approaches (Glidden, 2004;Molnar ,2005;Tsudik, 2006;Ith, 2007) are the most popular approaches which provide a dynamic matching of time information that help avoiding replay attacks. Pseudonyms approaches (Juels, 2004; Juel, 2006;Molnar, 2005;Avoine, 2005) is very similar to time stamping approaches except the dynamic information is scheduled from a predefined list of pseudo-random data called pseudonynms. Challenge-response approaches (Ree , 2005; Dimitriou, 2006;Duc, 2006;Chien, 2007) are the most secured techniques developed from multi-pass authentication process to provide a wide range of security and privacy protection.Open Access Database www.intechweb.org In actual situation, EPCGlogal Gen 1 (Garcia-Alfaro et al, 2008) tag implementation uses protocols that only require RFID readers to use the tags' unique serial numbers to identify the tags. Tags with the same ID will certainly confuse the reader. Gen 2 rectifies this problem by allowing reader to read tags even if two or more tags have the exact IDs. The unique sequence of communication makes anti-collision algorithm more robust and reduce the possibi...

show abstract

“…Some RFID implementation would expose tags identifications when readers inquire them. In addition, the most important security requirement for user privacy is untraceability [2,11]. With an untraceability property, an attacker cannot track tags by suing interactions with tags.…”

Section: Introductionmentioning

confidence: 99%

“…To cope with the security threats, there are several protocols had been proposed to enhance the security of RFID systems [2][3][4][5][6][7][8][9][10]. However, most of previous protocols required the support of either hash function or encryption function on the tag.…”

Section: Introductionmentioning

confidence: 99%

An Efficient Mutual Authentication Protocol on RFID Tags

Huang

Emerging Directions in Embedded and Ubiquitous Computing

View full text Add to dashboard Cite

Abstract. Recently, as low-cost radio frequency identification (RFID) becomes more pervasive in our daily lives, RFID systems may create new threats to security and privacy of individuals and organizations. It must have secure mutual authentication mechanisms to protect privacy information. However, the previous works on designing security protocols for RFID either do not conform to the EPCglobal Class 1 Generation 2 (GEN-2) standards or suffer from security flaws. In 2007, Chien and Chen proposed a mutual authentication protocol for RFID systems to improve the previous schemes. However, their scheme cannot efficiently retrieve the information of tags from its database for the authentication. To guarantee the quality of the growing popular communication services, it is urgent to construct efficient authentication for both parties of the tag and the back-end server such that the reader can quickly obtain the information of tag from its database. For light-weight calculation power of a tag and protecting the privacy of user (or product), this article proposes the RFID mutual authentication scheme based on GEN-2 standards. The proposed scheme can efficiently retrieve the information of tags from the database in the authentication process. Moreover, the proposed scheme can improve the previous schemes and provide anonymous property and forward secrecy.

show abstract

Enhancing Security of Class I Generation 2 RFID against Traceability and Cloning

Cited by 75 publications

References 3 publications

A Secure Mutual Authentication Protocol for Low-Cost RFID System

A Secure Mutual Authentication Protocol for Low-Cost RFID System

An Improved Forward Secrecy Protocol for Next Generation EPCGlogal Tag

An Efficient Mutual Authentication Protocol on RFID Tags

Contact Info

Product

Resources

About