RFID-enabled Extensible Authentication Framework and Its ...

More documents

Recommendations

Info

[19], and hash-based ID variation (HIDV) scheme [20]. However, these schemes except HIDV are vulnerable to replay and tag spoofing attacks. RHL and HC are impractical for suppliers and distributors because of their scalability problem. HIDV scheme does not work with desynchro- nized DB caused by unreliable RF communication or attacks. To solve these problems, we will propose a hash-based authentication method for our proposed RFID authentication framework. (3) Block-Cipher-based Authentication Methods The first RFID authentication protocol using a block cipher was proposed by Feldhofer et al. [4, 6]. Their novel approach of an AES hardware implementation has achieved low power consumption and low die- size. Kaps et al. [8] also implemented AES encryption in CBC mode with the viable number of NAND gate equivalents. Feldhofer et al.’s recent work [5] suggested that AES-128 is more appropriate for RFID systems than any other hash functions. Usually, a low-cost RFID tag means a passive RFID tag less than 5 cents with roughly 500-5,000 gates [14]. Besides AES, light-weight block ciphers such as mCrypton [11], HIGHT [12], and PRESENT [13] are developed for resource-constraint devices. These implementations with less than 3,000 gates show that block ciphers are affordable for low-cost RFID tags. Based on AES hardware implementation, following RFID authentication protocols using AES are proposed. Feldhofer [3] and Dominukus et al. [2] proposed a challenge-response authentication protocol con- forming to ISO/IEC 18000-3 standard. Toiruul et al. [9] proposed a mutual authentication protocol with two shared random secrets. How- ever, these protocols have some drawbacks. Protocol 5 in [2] requires one AES decryption which is not implemented in practice. When using different secret keys for different product classes, [2] have scalability problems to find a correct key. [9] requires three consecutive AES 3
encryptions at the tag side which might be incapable in passive tags. Traceability and desynchronization are also defects in [9]. In this thesis, we will propose three block-cipher-based authentication methods for our proposed RFID authentication framework. Our authentication methods will be designed for different security requirements and improve drawbacks in previous work. 1.2 Our Contributions In this thesis, we proposed a universal authentication framework suitable for RFID systems. When applying our RFID-enabled Extensible Authentication Framework (REAF) to RFID systems, a specific authentication method that a tag supports can be chosen in the negotiation process. As a result, many types of tags and authentication methods can be integrated into a single authentication system, and an owner of a tag can use an authentication method they want to use. We also analyzed the existing RFID authentication protocols using hash functions and block ciphers and propose four new authentication methods with different security properties for REAF: REAF-HF, REAF-BC-TA, REAF-BC-OA1, and REAF-BC-OA2. REAF-HF and REAF-BC-TA authenticates tags with Identity Type and can be use- ful for supply chain management. REAF-BC-OA1 authenticates the owner of a tag, and REAF-BC-OA2 extends REAF-BC-OA1 into a mutual authentication. REAF-BC-OA1 and REAF-BC-OA2 can protect owner’s privacy, and they are suitable for consumer applications. Because all these REAF methods are performed over REAF, we can support RFID tags embedding various cryptographic primitives from each vendor. It is also possible to select an REAF method satisfying security requirements of a specific RFID application and provide flexi- ble security level with various key sizes. Therefore, REAF and REAF 4
Page 1 and 2: A Thesis for the Degree of Master R
Page 3 and 4: RFID-enabled Extensible Authenticat
Page 5 and 6: M.S. 20042055 Abstract Sungbae Ji R
Page 7 and 8: Contents Abstract i Contents iii Li
Page 9 and 10: List of Figures 3.1 REAF Message Pa
Page 11 and 12: DB Database List of Abbreviations E
Page 13 and 14: EK(str) Block cipher encryption of
Page 15: 1.1 Motivation and Objectives (1) A
Page 19 and 20: II. Preliminaries 2.1 Security and
Page 21 and 22: Table 2.1: RFID Applications Applic
Page 23 and 24: GEs, 8,400 GEs, and 7,300 GEs respe
Page 25 and 26: tags against cloning. The EnhancedT
Page 27 and 28: the inventory response is contradic
Page 29 and 30: An RFID reader relays messages betw
Page 31 and 32: Moreover, readers and APs are the i
Page 33 and 34: 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5
Page 35 and 36: authentication is done successfully
Page 37 and 38: packets between the tag and the mid
Page 39 and 40: IV. REAF Methods and Applications I
Page 41 and 42: Table 4.1: Comparison with other Ha
Page 43 and 44: On receiving BC-OA1-Response, M dec
Page 45 and 46: Table 4.2: Security Properties of R
Page 47 and 48: 4.3 Applications In this section, w
Page 49 and 50: V. Conclusion In this thesis, we pr
Page 51 and 52: RFID 시스템을 위한 확장가
Page 53 and 54: References 1. EPCglobal Inc, EPC Ra
Page 55 and 56: quency Identification Systems, Secu
Page 57 and 58: Acknowledgement This thesis is the
Page 59 and 60: Name : Sungbae Ji Date of Birth : O
Page 61 and 62: Publications (1) 2007.02 지성배,

RFID-enabled Extensible Authentication Framework and Its ...

Create successful ePaper yourself

Delete template?

Save as template?