Upload
sunil-rm
View
1.054
Download
1
Embed Size (px)
DESCRIPTION
RFID authentication protocol,security
Citation preview
A Gen2-Based RFID Authentication Protocol
for Security and Privacy
Sunil Kumar R.M3rd sem ,M.Tech (QIP)
CSE.RVCE.
Under the guidance of Anjun kumar K
April 9, 2023 Gen 2 based RFID Authenticaton Protocols
2
Overview
Radio Frequency Identification (RFID) Security Threats. End user’s Concern. Classification of RFID protocols. Generation 2 protocol. Duc ’s CRC Based protocol . Secured Gen2 protocol . Tags-to-Reader Authenticity . Security analysis. Gen 2 + protocol against different Attacks. Conclusion .
April 9, 2023 Gen 2 based RFID Authenticaton Protocols
3
RFID Architecture
three key phases. Firstly items-tag are
scanned by reader;
Secondly in backend transmitted data coming through antenna (RF-wave) are being recognized by RFID-based system PC. It acts as a middleware communication gateway among items, reader and system database;
And at the end it filters out and store data in RFID-databases for checking the data fault and relevant operation.
Tags Reader
Gateway
Database
Database
Application
User Interface
Backend
Fig.1. A General Overview of RFID Architecture
Scanned
April 9, 2023 Gen 2 based RFID Authenticaton Protocols
4
TAGS Paper thin 2X2inch in size.
Read-only or Read/writable
Storage capacity of 2KB data that contain 96bits serial number.
Tags come in many flavors: passive, battery assisted, active, different frequencies, various anti-collision technologies, printed/wire wounded antenna etc.
April 9, 2023 Gen 2 based RFID Authenticaton Protocols
5
RFID Tags are of three types
Active tags. Semi passive tags. Passive tags.
Reading range of tags:Class-0 tag : 5 to 10 cmClass-1 tag: several meters.
April 9, 2023 Gen 2 based RFID Authenticaton Protocols
6
Security Threats.
Eaves dropping listens to all the communications through RF and dumps them for later cracking.
Reply attack attacker repeats the same messages logged from eaves dropping.
Cloning. Tag tracing attacker can easily trace the tag
n communicate with it. Invading privacy. Data forging data about the several items
may be changed by the attackers.
April 9, 2023 Gen 2 based RFID Authenticaton Protocols
7
End users concern
In future each items will have an RFID and a person needs a reader to manage all his items.
RFID provides three functions about an item: The price of an item
Luxurious items. Handful items. Cheap consumable items.
The effective reading range class-0 13.56 MHz 3.52 meters.class-1 915 MHz 3 meters.forward channel 100 meters.
The popularity of RFID tags: lots of companies are applying RFID for better flow control and quality control and try to benefit from high speed.
April 9, 2023 Gen 2 based RFID Authenticaton Protocols
8
Classification of RFID protocols
Secure solutions: Uses hash value as Meta ID. To verify a tag a verifier
needs to search the back end DB and compute some Hashed value. The DB looks for the TID & sends it back it to the reader.
Provides forward security. Here the cost of the hash function is usually higher
than the XOR,AND,OR operations.
Light weight solutions: It uses XOR operation as a basic operation. This method cannot prevent the active attacks. Here the person can have a common same reader id. Attackers can easily access the tags.
April 9, 2023 Gen 2 based RFID Authenticaton Protocols
9
Generation 2 protocol
Here the tags contains the pseudorandom number generator (PRGN).
CRC16 used to establish the protection message integrity.
Memory : Reserved memory. EPC memory. TID memory. User Memory.
Here the time complexity of the exhaustive search is given by O(2 32)
Note: These cannot perform complex computations .
April 9, 2023 Gen 2 based RFID Authenticaton Protocols
10
Duc’s CRC Based protocol
R reader T tag S server/backend Ki key value.
1. RT: Query.2. T: Compute M1=CRC (TID Θ r) Θ Ki
and C = CRC(M1 Θ r)3. TRS: M1, C and r.4. S: Search all possible tuple (TID, Ki)
such that M1 Θ Ki =CRC (TID Θr)
5. RS, RT: Update Ki+1=f (Ki)
April 9, 2023 Gen 2 based RFID Authenticaton Protocols
11
1 select 1-4 inventory. 5-7 access
stage. 7 read, write,
block write.
Note : here CRC is a mini Hash function that exists collisions.
April 9, 2023 Gen 2 based RFID Authenticaton Protocols
12
Secured Gen2 protocol
April 9, 2023 Gen 2 based RFID Authenticaton Protocols
13
Key pool: tag shares a L-word long random string. Ck l : 16 bit divided address
1. RT : Query.2. TR : Choose (a,b)=(0,4),hence, the segment is
K[ a: b]=1234567890 h.3. SR : Assume the back-end database calculates
the central key from the current DB and obtains ck I = 53 D8h .
4. RT: ck I .
Secured Gen2 protocol
April 9, 2023 Gen 2 based RFID Authenticaton Protocols
14
Central key (CK)
April 9, 2023 Gen 2 based RFID Authenticaton Protocols
15
Tags-to-Reader Authenticity
If the reader is valid it can check the validity of the tag by reading its key pool & compare it with the record in the DB.
If the attacker tries to recover the whole key pool from previous captured sessions, the reader can update the tags key pool by memory write.
April 9, 2023 Gen 2 based RFID Authenticaton Protocols
16
Security analysis
The readers can be classified in to four types: Associate reader: reader is legal & works
with back end & stores the information of the tag i.e. going to be read.
Semi friendly reader: reader is legal and works with back end servers.
Malicious active Reader: powerful but it will not have any information about tag but can interact with the tag.
Malicious passive logger: small device that logs all the RF signals & tries to obtain the information of the tag.
April 9, 2023 Gen 2 based RFID Authenticaton Protocols
17
Gen 2 + protocol against different Attacks
Against tracing attack=malicious active +malicious passive reader. Attacker actively scans the tag from a far
distance & logs all the RF signals by small device near the tag.
The attacker may choose the random value ckl
& interact with the tag every round.
April 9, 2023 Gen 2 based RFID Authenticaton Protocols
18
Against skimming attack
It is malicious passive logger Its goal is to filter out information about the
tag from logger RF signals.
Gen2+ tag will reply a 16bit message if it is accidentally queried by a semi friendly reader. Semi friendly readers will ignore the 16 bit message as if the protocols fails.
April 9, 2023 Gen 2 based RFID Authenticaton Protocols
19
Against the spoofing attack
Here attacker tries to reply previously logged sessions so that the legal reader will take it as an approval.
In order to prevent this spoofing attack, the legal reader reads out the whole keypool. If the attacker wants to spoof the backend DB,he has obtain the keypool first. Then there is a second defense line which is the 32 bit access password (PIN) which is not easy.
April 9, 2023 Gen 2 based RFID Authenticaton Protocols
20
Conclusion
RFID technology is taking off in increasingly rapid RFID technology is taking off in increasingly rapid pace. Though there are few libraries employing pace. Though there are few libraries employing this technology today, but due to its this technology today, but due to its customizable feature and continuing customizable feature and continuing improvement the library communities are improvement the library communities are beginning to get involved in its development. It beginning to get involved in its development. It is easy to envision that,is easy to envision that, the RFID tags contents the RFID tags contents will increase in power, prices are expected to will increase in power, prices are expected to decline and tag will dramatically improve its decline and tag will dramatically improve its efficiency, security and accuracy.efficiency, security and accuracy. Also major Also major concerns need to be addressed for successfully concerns need to be addressed for successfully implementing this technology. So that it will implementing this technology. So that it will change our personal and work lives in library and change our personal and work lives in library and adorns the conventional management with a new adorns the conventional management with a new idea and usher for a bright future.idea and usher for a bright future.
April 9, 2023 Gen 2 based RFID Authenticaton Protocols
21
Future Research
Low cost hardware implementation w/o computational loss.
Adaptation of symmetric encryption and public key algorithms from active tags into passive tags.
Power loss graceful recovery of tags Research on smart cards and other
embedded systems.
April 9, 2023 Gen 2 based RFID Authenticaton Protocols
22
REFERENCES
http://www.epcglobalinc.org http://eprint.iacr.org/ http://www.rfidjournal.com/article/vi
ew/1536/1/82
April 9, 2023 Gen 2 based RFID Authenticaton Protocols
23
THANK YOU