A Study on the Security of RFID with Enhancing Privacy Protection

Similar documents
Back-end Server Reader Tag

Tackling Security and Privacy Issues in Radio Frequency Identification Devices

On the Security of RFID

A Research on Issues Related to RFID Security and Privacy

A Secure RFID Ticket System For Public Transport

The Study on RFID Security Method for Entrance Guard System

RFID Security. April 10, Martin Dam Pedersen Department of Mathematics and Computer Science University Of Southern Denmark

RFID Security and Privacy: Threats and Countermeasures

A Survey of RFID Authentication Protocols Based on Hash-Chain Method

PAP: A Privacy and Authentication Protocol for Passive RFID Tags

Security Analysis and Complexity Comparison of Some Recent Lightweight RFID Protocols

RFID Security and Privacy: A Research Survey. Vincent Naessens Studiedag Rabbit project

Strengthen RFID Tags Security Using New Data Structure

Privacy and Security in library RFID Issues, Practices and Architecture

Proxy Framework for Enhanced RFID Security and Privacy

Various Attacks and their Countermeasure on all Layers of RFID System

An Overview of Approaches to Privacy Protection in RFID

Security and Privacy Flaws in a Recent Authentication Protocol for EPC C1 G2 RFID Tags

Privacy and Security Aspects of RFID Tags

Security, Privacy, Authentication in RFID and Applications of Smart E-Travel

Protecting the privacy of passive RFID tags

RFID Security: Threats, solutions and open challenges

RFID Systems: A Survey on Security Threats and Proposed Solutions

Security Issues in RFID. Kai Wang Research Institute of Information Technology, Tsinghua University, Beijing, China

Contactless Smart Cards vs. EPC Gen 2 RFID Tags: Frequently Asked Questions. July, Developed by: Smart Card Alliance Identity Council

A Vulnerability in the Song Authentication Protocol for Low-Cost RFID Tags

Implementation of a PC Security System using RF Transmitter-Receivers

A Secure and Efficient Authentication Protocol for Mobile RFID Systems

An Overview of RFID Security and Privacy threats

Privacy Enhanced Active RFID Tag

Security and privacy in RFID

RF-Enabled Applications and Technology: Comparing and Contrasting RFID and RF-Enabled Smart Cards

THE SECURITY AND PRIVACY ISSUES OF RFID SYSTEM

SECURITY FLOWS AND IMPROVEMENT OF A RECENT ULTRA LIGHT-WEIGHT RFID PROTOCOL

RFID SECURITY. February The Government of the Hong Kong Special Administrative Region

MANAGING OF AUTHENTICATING PASSWORD BY MEANS OF NUMEROUS SERVERS

Network Security. Computer Networking Lecture 08. March 19, HKU SPACE Community College. HKU SPACE CC CN Lecture 08 1/23

Secure Active RFID Tag System

RF ID Security and Privacy

Low-Cost RFID Authentication Protocol for Anti-Counterfeiting and Privacy Protection

How To Hack An Rdi Credit Card

RFID based Bill Generation and Payment through Mobile

4. Open issues in RFID security

Single Sign-On Secure Authentication Password Mechanism

Feature. Security and Privacy Trade-offs in RFID Use. Operational Zone RFID Tag. RFID Reader

Secure and Serverless RFID Authentication and Search Protocols

A Brief Survey on RFID Privacy and Security

Scalable RFID Security Protocols supporting Tag Ownership Transfer

Enabling the secure use of RFID

Security Requirements for RFID Computing Systems

Security in Near Field Communication (NFC)

50 ways to break RFID privacy

Best Practices for the Use of RF-Enabled Technology in Identity Management. January Developed by: Smart Card Alliance Identity Council

RFID Authentication Protocol for Low-cost Tags

Wireless Network Security

How To Design An Fid Authentication Protocol

Privacy Implications of RFID Tags by Paul Stamatiou. CS4001, Georgia Institute of Technology November 8 th, 2007

Lightweight Cryptography. Lappeenranta University of Technology

WHITE PAPER SERIES / EDITION 1 BUSINESS PROCESSES & APPLICATIONS. Low-Cost RFID Systems: Confronting Security and Privacy SOFTWARE & NETWORK HARDWARE

A RESEARCH SURVEY: RFID SECURITY & PRIVACY ISSUE

Efficient Nonce-based Authentication Scheme for. session initiation protocol

LOW-COST Radio Frequency IDentification (RFID) tags

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 6. Wireless Network Security

Security and Privacy in Intermodal Baggage Management With RFID

Location-Aware and Safer Cards: Enhancing RFID Security and Privacy

Security/Privacy Models for "Internet of things": What should be studied from RFID schemes? Daisuke Moriyama and Shin ichiro Matsuo NICT, Japan

Security and Privacy Aspects of Low-Cost Radio Frequency Identification Systems

Secure Anonymous RFID Authentication Protocols

SECURITY ANALYSIS OF PASSWORD BASED MUTUAL AUTHENTICATION METHOD FOR REMOTE USER

Efficient nonce-based authentication scheme for Session Initiation Protocol

ATTACHMENT E: RFID SECURITY AND PRIVACY WHITE PAPER

Device-based Secure Data Management Scheme in a Smart Home

Security Analysis and Implementation leveraging Globally Networked RFIDs

RF Attendance System Framework for Faculties of Higher Education

Security Challenges of the EPCglobal Network

The Feasibility and Application of using a Zero-knowledge Protocol Authentication Systems

Problems of Security in Ad Hoc Sensor Network

Information Security in Big Data using Encryption and Decryption

Security in RFID Networks and Protocols

CPSC 467b: Cryptography and Computer Security

SINGLE SIGN-ON MECHANISM FOR DISTRIBUTED COMPUTING SECURITY ENVIRONMENT

Web Payment Security. A discussion of methods providing secure communication on the Internet. Zhao Huang Shahid Kahn

Chap. 1: Introduction

A Comparative Study of Applying Real- Time Encryption in Cloud Computing Environments

Lecture Objectives. Lecture 8 Mobile Networks: Security in Wireless LANs and Mobile Networks. Agenda. References

WIRELESS SECURITY. Information Security in Systems & Networks Public Development Program. Sanjay Goel University at Albany, SUNY Fall 2006


BIG DATA: CRYPTOGRAPHICALLY ENFORCED ACCESS CONTROL AND SECURE COMMUNICATION

Foundation University, Islamabad, Pakistan

Secure File Transfer Using USB

A Knowledge-Based Intrusion Detection Engine to detect attacks on security protocols

Authentication. Authorization. Access Control. Cloud Security Concerns. Trust. Data Integrity. Unsecure Communication

NFC Based Equipment Management Inventory System

Aalborg Universitet. Publication date: Document Version Early version, also known as pre-print. Link to publication from Aalborg University

Security and Privacy for Internet of Things Application

DUE to the low cost and easy deployment, Radio Frequency

E-Visas Verification Schemes Based on Public-Key Infrastructure and Identity Based Encryption

On the Security Vulnerabilities of a Hash Based Strong Password Authentication Scheme

Overview of Cryptographic Tools for Data Security. Murat Kantarcioglu

Transcription:

A Study on the Security of RFID with Enhancing Privacy Protection *Henry Ker-Chang Chang, *Li-Chih Yen and *Wen-Chi Huang *Professor and *Graduate Students Graduate Institute of Information Management Chang Gung University Taiwan *Correspondence: Professor Henry Ker-Chang Chang Graduate Institute of Information Management Chang Gung University Tao-Yuan, Taiwan, ROC e-mail: changher@mail.cgu.edu.tw Tel.: +886-3-2118800 Ext. 5866 0935-645158

A Study on the Security of RFID with Enhancing Privacy Protection Abstract: A ubiquitous network environment will make society be able to conveniently access better services anywhere and at any time. The Radio Frequency Identification (RFID) technology will most likely be part of such a manageable society. However, more and more deployment of RFIDs may create some threats to user privacy; therefore privacy protection has become an important issue nowadays. In this thesis, we propose a mutual authentication protocol to enhance the privacy protection, which uses the dynamic identification scheme. In this way, we want to reform some weaknesses which have in the past, or will in the future allow breaches by adversaries. We present a security protocol to prevent some attacks using cryptographic one-way hash functions on the passive tags. Therefore, our proposed method could be deployed in many applications without strong symmetric or asymmetric encryption. We believe that the proposed approach will be available to enhance the protection of a user's privacy. Key words: Radio Frequency Identification (RFID), Dynamic Identification, Hash Function, Security, Privacy 1. INTRODUCTION Recently, Radio Frequency Identification (RFID) has been called the next generation bar code, which is a revolution in automatic identification and contactless accessing data method. The RFID system is commonly applied to manufacturing, such as supply chain management and inventory control. For instance, Wal-Mart has recently attempted to use RFID systems popularly; all incoming inventory items from their manufacturers contain RFID tags (Cavoukian, 2003). Therefore, the pervasive RFID systems will establish a ubiquitous network environment. There are two main types of RFID tags: active and passive. An active tag contains a small on-board battery and generates power itself, whereas a passive tag does not contain any power source and uses the power generated by the reader (Allied Bus, 2002). Although passive tags have blocked computation power and shorter transmission scope, their life cycle is not limited, while the cost is low. Since the RFID systems are applied in generally all trades and professions, security and privacy issues advocates should be concerned. The most applications use passive tags due to 1

cost problems, and the acceptable cost of passive tags should be about 5 cents. However, at such a cost, a passive tag that is limited for security only contains roughly 2,500 to 5,000 gates (Ohkubo et al, 2003). For instance, DES needs 10,000 gates and AES implementation needs 5,000 gates (Phillips, T., 2005), thus most cryptographic approaches can not be implemented. In this proposed scheme, we present a security protocol to prevent some attacks using cryptographic a one-way hash function on the passive tags. Therefore, our proposed method could be deployed in many applications without strong symmetric or asymmetric encryption. This paper is organized as follows. We discuss the RFID personal privacy issues in section 2. The related works of security and privacy protection protocol for RFID system are introduced in section 3. Our proposed approach is given in section 4. In section 4, we define the hash-based function to design the protocol. The basic idea and working mechanisms are presented based on randomly ID-Refreshed Identification. 2. RFID PERSONAL PRIVACY ISSUES RFID provides us with many benefits but also irks us with many issues regarding privacy. Since RFID signals are transmitted over the air, attackers can always sniff the messages between the readers and the tags to get private information on tags. Privacy issues are mainly classified into data privacy and location privacy. Data privacy Attackers can use a reader to scan individuals for RFID tagged items without their knowledge remotely. If attackers can associate the output of the tags with the item which the tag is affixed to, then attackers can get a shopping list and even a preference list of individuals without their consent. Even worse, if attackers associate the output of a tag with the individual who carries it, personal identification becomes another issue. Moreover, attackers might scan individuals to know the private item that they carry. Thieves may also use a reader to choose a rich victim by scanning for individuals who carry high value items. Location privacy Persons who carry RFID tags and vehicles with RFID are under the threat of tracking. If attackers can predict the output of a tag (some tags always output the same message), they can associate the tag and its owner. By scanning items with tags, attackers can track an 2

individual with readers. Therefore, no one can sense the radio frequency signal and a RFID provides contactless identification; individuals can hardly know that he or she is being tracked remotely by someone. 3. Related Works In RFID systems pervasive deployment of tags may create new security and customer privacy issues. For instance, an attacker could discover an individual s informational preferences without their permission if they carry items with RFID tags, revealing privacy information by linking an ID of a tag to a person in a database system. Therefore, there are many research projects proposed with different schemes to protect user privacy for RFID. In this section, we introduce the previous schemes for RFID privacy issues, and also discuss the advantages and drawbacks of those methods. Hash lock scheme This scheme proposes an access control protocol for RFID (Weis 2003). In this proposed scheme, we want to lock the tag so that the tag stores the hash of a random key K as the tag metaid, i.e., metaid = h (K). Then the back-end database stores random keys which correspond with a metaid of each tag in this system. When the reader queries the tag, the tag sends the metaid value to the back-end database. If we want to unlock the tag, query the metaid from the tag, and look up the appropriate key in the database and transmit it. The tag hashes the key and compares it to the stored metaid. If both values match, the tag unlocks itself. This procedure is shown in Fig. 1: 3. 2. 1. 4. 5. 6. Fig.1 Hash lock scheme This scheme is very practical method for low-cost RFID tag, because only on hash function needed. However, the tag could be easily tracked by an adversary via its fixed metaid. Furthermore, there is no mechanism to protect the RFID system against spoofing in this scheme. Randomized hash Lock scheme When the reader queries a tag, the tag responds with a random number and the hash value of its identity makes contact with the random number (Weis et al, 2003). Then the reader forwards these messages to a database; the database computes the hash value of the identity 3

of each tag in contact with the random number to find the appropriate identity of the tag. This procedure is shown in Fig. 2: 1. 3. 2. 4. 5. Fig. 2 Randomized hash lock scheme even though this scheme improved the location tracking problem of hash lock schemes, it is neither private nor secure against passive eavesdroppers, and an adversary can query a tag to learn (R, h (ID k, R)), with which the adversary later can impersonate the tag to the reader (Molnar et al, 2004). Re-encryption scheme In this scheme (Juels et al, 2003), re-encrypted serial numbers of bank notes in tags are used with a public key. It is proposed in order to reduce the linkage of different appearances. Then, in another scheme (Golle et al, 2004) for re-encrypting tags, it is proposed using multiple public keys to re-encrypt a cipher-text without knowing the associated public key. Although both foregoing schemes protect data privacy and make strong protection of location privacy, they require an external computing environment and need many resources (Juels et al, 2003). Other approaches There are other different approaches to resolving data privacy issues. Here we show them. (1) Kill command feature: This scheme is proposed by EPC global and has been ratified (EPC global Inc., 2007). Even thought the privacy problems can be resolved completely in this way, users can not benefit from RFID system after killing the tag, therefore it is not recommended. (2)Blocker tags scheme (Juels et al, 2003): The main idea is to interfere with communication if protected tags are being read. However, this scheme is limited, since blocker tags can not protect the protected tag while out of the transmission scope. 4. THE PROPOSED SCHEME To protect the data confidentially for low-cost RFID tags, cryptography such as DES, AES, and RSA are not feasible due to the cost issue. The computation power needed is beyond low-cost tags. Instead of general cryptography, exclusive-or operation and hash function are much more practical for low-cost RFID tags. 4

Here we introduce a randomly ID-Refreshed Identification scheme. This approach protects data privacy and location privacy for low-cost RFID tags under the threats of replay attack, eavesdropping, spoofing, and man-in-the-middle attacks. First, we describe the initial stage of the proposed protocol, and then we introduce the details of the communications protocol. The initialization stage First of all, in our proposed protocol, two hash functions are given: Y 1 =h(x 1 ) and Y 2 =f(x 2 ). Then we introduce that our proposed protocol has some computation and initialization values in the database, reader, and tag which are based on the EPC standard as an initial step: (1) ID is the identity of a tag which is stored in both the database and every tag. (2) MID (Meta-ID) is generated by each tag dynamically. (3) Time stamp (T 1, T 2 ) is transmitted between the reader and tag which enhances the security. (4) CID (Checking-ID) is generated by the database and tags dynamically. (5) UID (Updating-ID) is initially generated by database which is then stored both in the database and the tag. The initial step is shown in Fig. 3: Database Reader Tag Select random A UID=A Store (ID, UID) (ID, UID) (ID, UID) Store (ID, UID) Fig. 3 The initialization stage of the proposed protocol The details of the proposed protocol In this section, we would like to introduce a dynamic identity scheme. This method protects data and location privacy for low-cost RFID tags. We feel that this proposed scheme can help to allay fears from the threat of eavesdropping, replay attacks, spoofing and man-in-the-middle attack. In our approach, the tag has a random number generator and the computation power to compute hash functions. This scheme is: (1) When the reader wants to access the tag, it sends the signal with the inquiry information first. (2) After the tag receives the query signal, it selects a random number B, hashes ID by Y 1 =h(x 1 ), sends back MID= h (ID B) and time stamp T 1 to the reader which is forwarded to the database. 5

(3) Then the database also hashes all the stored ID i by the hash function: Y i =h(x i ), searches and checks that Y matches MID that is from the tag. Therefore, the database can acquire the values (ID, MID, UID). (4) The database generates the random number C and computes CID=h(ID C); then sends the values (CID, UID, C) to the reader, then the reader adds a time stamp T 2 and sends ( CID, UID, C, T 2 ) to the tag. (5) When the tag receives the values, it computes Y=h (ID C). If Y matches the received CID and the UID value also matches, the tag unlocks itself. (6) The database and tag both update the UID value finally. The proposed scheme is composed by the following steps as presented in Fig. 4: Database Reader Tag 1. Compute: all ID i (where i = 1 n ) Y=h(ID B) 2. Searching & Checking Y=MID (3) MID, B (1) Query (2) MID, B, T 1 1. Pick random number B 2. Compute: MID=h(ID B) 3. Acquire the values (ID, MID, UID) 4. Pick random number C CID=h(ID C) 1. Updating: UID=f(ID C) Compute : (4) (5) 1. Y=h(ID C) CID, UID, C CID, UID, C, T 2 2. if Y=CID & UID is also matched then unlock itself 3. Updating: UID=f(ID C) Fig. 4 Diagram of the proposed privacy protection mechanism using dynamic identity scheme 5. SECURITY ANALYSIS In this section, we introduce the proposed protocol that can protect the location privacy and data privacy under the threats of replay attack, eavesdropping, spoofing, and man-in-the-middle attack; we also use a one-way hash function to protect all the messages. We can express the issues: Location privacy An adversary can track the tag, if the tag outputs the fixed information or has predictable messages over the protocol. In the proposed scheme, the same tag changes the information for each legitimate reading session. However, the dynamic messages from the tag ensure safety against tracking attacks. 6

Against replay attack Because adversaries can always eavesdrop in the air, record the messages, and replay those messages at any time, the database and tag must check the updating of messages. In the proposed protocol, the replay attack is prevented by establishing the valid time stamps T 1 and T 2. This is a key to against the replay attack. Against eavesdropping Since RFID signals are transmitted over the air, attackers can always eavesdrop on the messages between tags and readers. But in the locked status, the tags only send back the MID=h (ID B) for any enquiries, so that tags can not offer the functionalities to the eavesdroppers. Against spoofing In most situations, if there is no mechanism of checking that the tags are valid, the adversary could simulate the tags and spoof the database. In the proposed protocol, a tag randomizes a value B and contacts the tag s ID which is hashed by a one-way hash function, i.e., MID=h (ID B). Since the adversary cannot find the authentication of the tag, they cannot get the information. Against man-in-the-middle attack For an adversary, it is easy to intercept the replied signal from a tag, and tries to use this signal to get information from a reader; they could also unlock the tag. He or she may pretend to be a legitimate reader to deceive tags at any time, or other. In the proposed protocol, we dynamically update the UID each session and deny attackers who wish to unlock the tag, since the UID value can not match. Therefore, man-in-the-middle attack can not work to break the proposed scheme. 6. CONCLUSION RFID system can identify an object or a person using wireless transmission. Adopting RFID in a variety of daily applications is a benefit, such as toll collection, library management, warehouse management, and telemedicine (Yang et al, 2006), etc. Therefore, an RFID system is a universal, beneficial, and convenient technology; but it poses many threats to the security and privacy of organizations or individuals. In this paper, we proposed a scheme based on dynamic identification to ensure data privacy and location privacy. Thus, the output of tags changes each time. Finally, we also analyzed that the approach can prevent threats of reply attacks, eavesdropping, spoofing, and man-in-the-middle attack. References Allied Bus Intelligence, (2002) RFID White Paper. 7

Cavoukian, A. (2004) Tag, You re It: Privacy Implications of Radio Frequency Identification (RFID) Technology, Information and Privacy Commissioner, Ontario, Toronto, Feb. http://www.ipc.on.ca/scripts/index_.asp?action=31&p_id=15007 EPC global Inc. (2007), [online], http://www.epcglobalinc.org/home, Sep. 17 Golle, P., Jakobsson, M., Juels, A. and Syverson, P. (2004) Universal Re-encryption for Mixnets, RSA Conf. Cryptographers Track 04, LNCS 2964, pp. 163 78, Springer-Verlag Juels, A. and Pappu, R. (2003) Squealing Euros: Privacy Protection in RFID-Enabled Banknotes, Financial Cryptography 03, R. Wright, Ed., Springer-Verlag. Juels, A., Rivest, R. L. and Szydlo, M. (2003) The Blocker Tag: Selective Blocking of RFID Tags for Consumer Privacy, Proc. ACM Computer and Communications Security 03, pp. 103-11. Molnar D. and Wagner, D. (2004) Privacy and Security in Library RFID Issues, Practices, and Architectures, Proc. ACM Computer and Communications Security 04, Washington DC, USA, October 25-29. Ohkubo, M., Suzuki, K. and Kinoshita, S. (2003) Cryptographic Approach to Privacy-Friendly tags, In RFID Privacy Workshop, MIT, USA. Phillips, T., Karygiannis, T. and Kuhn, R. (2005) Security Standards for the RFID Market, IEEE Security and Privacy, Vol. 3, no. 6, pp. 85-89, Nov.-Dec Weis, S. A. (2003) Radio-Frequency Identification Security and Privacy, Master's thesis, M.I.T. June Weis, S. A., Sarma, S. Rivest, R. and Engels, D. (2003) Security and Privacy Aspects of Low-Cost Radio Frequency Identification Systems, Proc. First International Conference on Security in Pervasive Computing, LNCS 2802, pp. 201-212, Springer-Verlag Yang Xiao, Xuemin Shen, Bo Sun, and Lin Cai, (2006) Security and Privacy in RFID and Applications in Telemedicine, IEEE, Communications Magazine, Vol. 44, pp. 64-72, April. 8

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information