Public Key Cryptography and RFID Tags

McLoone, M.; Robshaw, Matthew J. B.

doi:10.1007/11967668_24

Cited by 40 publications

(34 citation statements)

References 9 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The coupon approach can be efficiently implemented in hardware [12,13]. The promising results of [12,13] should not conceal profound drawbacks of the approach.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Coupon Recalculation for the GPS Authentication Scheme

Hofferek

Wolkerstorfer

2008

Smart Card Research and Advanced Applications

View full text Add to dashboard Cite

Abstract. Equipping branded goods with RFID tags is an effective measure to fight the growing black market of counterfeit products. Asymmetric cryptography is the technology of choice to achieve strong authentication but suffers from its ample demand of area and power resources. The GPS authentication scheme showed that a coupon-based approach can cope with the limited resources of passive RFID tags. This article extends the idea of coupons by recalculating coupons during the idle time of tags when they are powered but do not actively communicate. This approach relaxes latency requirements and allows to implement GPS hardware using only 800 gate equivalents plus storage for 560 bytes. In the average case it has the same performance as the classical couponbased approach but does not suffer its susceptibility to denial-of-service attacks.

show abstract

“…The coupon approach can be efficiently implemented in hardware [12,13]. The promising results of [12,13] should not conceal profound drawbacks of the approach.…”

Section: Introductionmentioning

confidence: 99%

“…The promising results of [12,13] should not conceal profound drawbacks of the approach. First, only a limited number of authentications is possible because storage is costly.…”

Section: Introductionmentioning

confidence: 99%

Coupon Recalculation for the GPS Authentication Scheme

Hofferek

Wolkerstorfer

2008

Smart Card Research and Advanced Applications

View full text Add to dashboard Cite

show abstract

“…Bos et al report AES-128 performance on 8-bit microcontrollers of 124.6 and 181.3 CPU cycles per byte [9], and Feldhofer et al report just over 1,000 cycles per byte using low-power custom circuits [20]. Surprisingly, although asymmetric cryptography is generally up to two orders of magnitude slower than symmetric, McLoone and Robshaw demonstrate a fast and low-power implementation of an asymmetric cryptosystem for use in RFID tags [47]. Their circuitry uses 400 to 800 cycles per round (on 8-and 16-bit architectures, respectively) in the high-current configuration (comparable in terms of clock cycles to AES for RFID [20], but with half to one-tenth the gates and vastly less power), and 1,088 cycles when using about six times less current.…”

Section: Performance Considerationsmentioning

confidence: 99%

“…In other words, the overhead is constant (Oð1Þ) for a given network configuration (maximum path length), and cannot be influenced by an adversary. Fortunately, hardware cryptographic accelerators are increasingly common and inexpensive to compensate for increased security demands on low-power devices, which lead to increased computational load and reduced battery life [17], [18], [20], [33], [39], [46], [47], [49], [56].…”

Section: Performance Considerationsmentioning

confidence: 99%

Vampire Attacks: Draining Life from Wireless Ad Hoc Sensor Networks

Vasserman

Hopper

2013

IEEE Trans. on Mobile Comput.

128

View full text Add to dashboard Cite

Abstract-Ad hoc low-power wireless networks are an exciting research direction in sensing and pervasive computing. Prior security work in this area has focused primarily on denial of communication at the routing or medium access control levels. This paper explores resource depletion attacks at the routing protocol layer, which permanently disable networks by quickly draining nodes' battery power. These "Vampire" attacks are not specific to any specific protocol, but rather rely on the properties of many popular classes of routing protocols. We find that all examined protocols are susceptible to Vampire attacks, which are devastating, difficult to detect, and are easy to carry out using as few as one malicious insider sending only protocol-compliant messages. In the worst case, a single Vampire can increase network-wide energy usage by a factor of OðNÞ, where N in the number of network nodes. We discuss methods to mitigate these types of attacks, including a new proof-of-concept protocol that provably bounds the damage caused by Vampires during the packet forwarding phase.

show abstract

“…Implementations must have a small footprint not to exceed the costs, and they have to be designed for low power in order to allow a certain reading range. A lot of proposals have been published so far that deal with lightweight cryptography for RFID by using coupon-based signature functions like GPS [23,18], stream ciphers [7,12,9], asymmetric algorithms like ECC [30,4], or symmetric algorithms like AES [10], PRESENT [6], SEA [28], HIGHT [13], or DES variants [22]. At the time, the security features of conventional RFID tags range from simple secure memory-lock functionalities to integrated cryptographic engines like Mifare [19], SecureRF [26], or CryptoRF [2].…”

Section: Introductionmentioning

confidence: 99%

RFID and Its Vulnerability to Faults

Hutter

Schmidt

Plos

Cryptographic Hardware and Embedded Systems – CHES 2008

View full text Add to dashboard Cite

Abstract. Radio Frequency Identification (RFID) is a rapidly upcoming technology that has become more and more important also in securityrelated applications. In this article, we discuss the impact of faults on this kind of devices. We have analyzed conventional passive RFID tags from different vendors operating in the High Frequency (HF) and Ultra-High Frequency (UHF) band. First, we consider faults that have been enforced globally affecting the entire RFID chip. We have induced faults caused by temporarily antenna tearing, electromagnetic interferences, and optical inductions. Second, we consider faults that have been caused locally using a focused laser beam. Our experiments have led us to the result that RFID tags are exceedingly vulnerable to faults during the writing of data that is stored into the internal memory. We show that it is possible to prevent the writing of this data as well as to allow the writing of faulty values. In both cases, tags confirm the operation to be successful. We conclude that fault analysis poses a serious threat in this context and has to be considered if cryptographic primitives are embedded into low-cost RFID tags.

show abstract

Public Key Cryptography and RFID Tags

Cited by 40 publications

References 9 publications

Coupon Recalculation for the GPS Authentication Scheme

Coupon Recalculation for the GPS Authentication Scheme

Vampire Attacks: Draining Life from Wireless Ad Hoc Sensor Networks

RFID and Its Vulnerability to Faults

Contact Info

Product

Resources

About