Are RNGs Achilles’ Heel of RFID Security and Privacy Protocols?

  • Atakan Arslan
  • Süleyman Kardaş
  • Sultan Aldırmaz Çolak
  • Sarp Ertürk
Article
  • 14 Downloads

Abstract

Security and privacy concerns have been growing with the increased utilisation of RFID technology in our daily lives. To mitigate these issues, numerous privacy-friendly authentication protocols have been published in the last decade. Random number generators (RNGs) are necessarily used in RFID tags to provide security and privacy. However, low-end RNGs can be the weakest point in a protocol scheme and using them might undesirably cause severe security and privacy problems. On the other hand, having a secure RNG with large entropy might be a trade-off between security and cost for low-cost RFID tags. Furthermore, RNGs used in low-cost RFID tags might not work properly in time. Therefore, we claim that the vulnerability of using an RNG deeply influences the security and privacy level of the RFID system. To the best of our knowledge, this concern has not been considered in the RFID literature. Motivated by this need, in this study, we first revisit Vaudenay’s privacy model which combines the early models and presents a new mature privacy model with different adversary classes. Then, we extend the model by introducing RANDOMEYE privacy, which allows analyzing the security of RNGs in RFID protocols. We further apply our extended model to two existing RFID schemes.

Keywords

RFID Protocol Privacy Security RNG 

Notes

References

  1. 1.
    Want, R., Schilit, B. N., & Jenson, S. (2015). Enabling the internet of things. IEEE Computer, 48(1), 28–35.CrossRefGoogle Scholar
  2. 2.
    Bilal , Z. (2015). Addressing security and privacy issues in low-cost RFID systems. Ph.D. thesis, Royal Holloway, University of London, London, UK.Google Scholar
  3. 3.
    Armknecht, F., Hamann, M., & Mikhalev, V. (2014). Lightweight authentication protocols on ultra-constrained RFIDs—myths and facts. In N. Saxena & A. R. Sadeghi (Eds.), Radio frequency identification: Security and privacy issues (pp. 1–18). Cham: SpringerGoogle Scholar
  4. 4.
    Ghaeini, H.R., & Tippenhauer, N.O. (2016). HAMIDS: Hierarchical monitoring intrusion detection system for industrial control systems. In Proceedings of the 2nd ACM workshop on cyber-physical systems security and privacy, CPS-SPC ’16 (pp. 103–111). New York, NY, USA.Google Scholar
  5. 5.
    Juels, A. (2004). Minimalist cryptography for low-cost RFID tags. In C. Blundo & S. Cimato (Eds.), International conference on security in communication networks—SCN 2004, volume 3352 of of lecture notes in computer science (pp. 149–164). Amalfi, Italy, Springer.Google Scholar
  6. 6.
    Avoine, G., Bingöl, M. A., Carpent, X., & Kardaş, S. (2013). Deploying OSK on low-resource mobile devices (pp. 3–18). Berlin: Springer.Google Scholar
  7. 7.
    Kardas, S., Celik, S., Bingöl, M.A., & Albert, L. (2013). A new security and privacy framework for RFID in cloud computing. In IEEE 5th international conference on cloud computing technology and science, CloudCom 2013, Bristol, United Kingdom (Vol. 1, pp. 171–176)Google Scholar
  8. 8.
    Avoine, G. (2017). RFID lounge. http://www.avoine.net/rfid/. Accessed March 2.
  9. 9.
    Bilal, Z., Martin, K., & Saeed, Q. (2014). Multiple attacks on authentication protocols for low-cost RFID tags. Applied Mathematics and Information Sciences, 9(2), 561–569.Google Scholar
  10. 10.
    Radványi, T., Biró, C., Király, S., Szigetváry, P., & Takács, P. (2015). Survey of attacking and defending in the RFID system. Annales Mathematicae et Informaticae, 44, 151–164.MathSciNetMATHGoogle Scholar
  11. 11.
    Alavi, S. M., Baghery, K., & Abdolmaleki, B. (2014). Security and privacy flaws in a recent authentication protocol for EPC C1 G2 RFID tags. Advances in Computer Science: An International Journal, 3(5), 44–52.Google Scholar
  12. 12.
    Avoine, G. (2005). Cryptography in radio frequency identification and fair exchange protocols. Ph.D. thesis, EPFL, Lausanne, Switzerland.Google Scholar
  13. 13.
    Juels, A., & Weis, S. (2007). Defining strong privacy for RFID. In International conference on pervasive computing and communications—PerCom (pp. 342–347). New York City, New York, USA, IEEE, IEEE Computer Society.Google Scholar
  14. 14.
    Vaudenay, S. (2007). On privacy models for RFID. In K. Kurosawa (Ed.), Advances in cryptology ASIACRYPT 2007, volume 4833 of of lecture notes in computer science (pp. 68–87). Berlin: Springer.Google Scholar
  15. 15.
    Avoine, G. (2005). Adversary model for radio frequency identification. Technical report, Swiss Federal Institute of Technology (EPFL), Security and Cryptography Laboratory (LASEC).Google Scholar
  16. 16.
    Avoine, G., Coisel, I., & Martin, T. (2010). Time measurement threatens privacy-friendly RFID authentication protocols. In S.B. Ors Yalcin (Ed.), Workshop on RFID security—RFIDSec’10, volume 6370 of lecture notes in computer science (pp. 138–157) Istanbul, Turkey, Springer.Google Scholar
  17. 17.
    Ha, J., Moon, S., Zhou, J., & Ha, J. (2008). A new formal proof model for RFID location privacy. Proceding of the 13th European symposium on research in computer security–ESORICS 2008, volume 6123 of lecture notes in computer science (pp. 267–281). Malaga, Spain, Springer.Google Scholar
  18. 18.
    Lai, J., Deng, R.H., & Li, Y. (2010). Revisiting unpredictability-based RFID privacy models. In Proceedings of the 8th international conference on applied cryptography and network security—ACNS 2010, volume 6123 of lecture notes in computer science (pp. 475–492). Beijing, China, Springer.Google Scholar
  19. 19.
    Akgün, M., & Çaǧlayan, M. (2011). Extending An RFID security and privacy model by considering forward untraceability. In J. Cuellar, J. Lopez, G. Barthe & A. Pretschner (Eds.), Security and trust management (pp. 239–254). Berlin: Springer.CrossRefGoogle Scholar
  20. 20.
    Kardaş, S., Çelik, S., Bingöl, M. A., Kiraz, M. S., Demirci, H., & Levi, A. (2014). \(k\)-strong privacy for radio frequency identification authentication protocols based on physically unclonable functions. Wireless Communications and Mobile Computing, 15, 1–17.  https://doi.org/10.1002/wcm.2482.Google Scholar
  21. 21.
    Hermans, J., Peeters, R., & Preneel, B. (2014). Proper RFID privacy: Model and protocols. IEEE Transactions on Mobile Computing, 13(12), 2888–2902.CrossRefGoogle Scholar
  22. 22.
    Peinado, A., Munilla, J., & Fúster-Sabater, A. (2013). EPCGen2 pseudorandom number generators: analysis of J3Gen. IACR Cryptology ePrint Archive, 2013, 825.Google Scholar
  23. 23.
    Melia-Segu, J., Garcia-Alfaro, J., & Herrera-Joancomart, J. (2011). A practical implementation attack on weak pseudorandom number generator designs for EPC Gen2 tags. Wireless Personal Communications, 59(1), 27–42.CrossRefGoogle Scholar
  24. 24.
    Garcia, F. D., de Koning Gans, G., Muijrers, R., van Rossum, P., Verdult, R., Schreur, R. W., et al. (2008). Dismantling MIFARE classic. In S. Jajodia & J. Lopez (Eds.), Computer security—ESORICS 2008, volume 5283 of lecture notes in computer science (pp. 97–114). Berlin: Springer.Google Scholar
  25. 25.
    Bayon, P., Bossuet, L., Aubert, A., Fischer, V., Poucheret, F., Robisson, B., et al. (2012). Contactless electromagnetic active attack on ring oscillator based true random number generator. In W. Schindler & S. Huss (Eds.), Constructive side-channel analysis and secure design, volume 7275 of lecture notes in computer science (pp. 151–166). Berlin: Springer.Google Scholar
  26. 26.
    Avoine, G., Dysli, E., & Oechslin, P. (2005). Reducing time complexity in RFID systems. In B. Preneel & S. Tavares (Eds.), Selected areas in cryptography–SAC 2005, volume 3897 of lecture notes in computer science (pp. 291–306). Kingston, Canada, Springer.Google Scholar
  27. 27.
    Lim, C. H., & Kwon, T. (2006). Strong and robust RFID authentication enabling perfect ownership transfer. In P. Ning, S. Qing, & N. Li (Eds.), International conference on information and communications security—ICICS’06, volume 4307 of lecture notes in computer science (pp. 1–20). Raleigh, North Carolina, USA, Springer.Google Scholar
  28. 28.
    Van Le, T., Burmester, M., & de Medeiros, B. (2007). Universally composable and forward-secure RFID authentication and authenticated key exchange. In F. Bao & S. Miller (Eds.), ACM symposium on information, computer and communications security—ASIACCS 2007 (pp. 242–252). Singapore, Republic of Singapore, ACM, ACM Press.Google Scholar
  29. 29.
    van Deursen, T., & Radomirović, S. (2012). Insider attacks and privacy of RFID protocols. In Proceedings of the 8th European conference on public key infrastructures, services, and applications (pp. 91–105). Springer.Google Scholar
  30. 30.
    Song, B., & Mitchell, J.C. (2008). RFID authentication protocol for low-cost tags. In V.D. Gligor, J.-P. Hubaux, & R. Poovendran (Eds.), Proceedings of the 1st ACM conference on wireless network security—WiSec’08 (pp. 140–147). Alexandria, Virginia, USA, ACM, ACM Press.Google Scholar
  31. 31.
    Akgün, M., & Çaǧlayan, M. (2015). Providing destructive privacy and scalability in RFID systems using PUFs. Ad Hoc Networks, 32, 32–42.CrossRefGoogle Scholar
  32. 32.
    Lauter, K. (2004). The advantages of elliptic curve cryptography for wireless security. IEEE Wireless Communications, 11(1), 62–67.CrossRefGoogle Scholar
  33. 33.
    Yih-Chun, H., & Perrig, A. (2004). A survey of secure wireless ad hoc routing. IEEE Security Privacy, 2(3), 28–39.CrossRefGoogle Scholar
  34. 34.
    Altop, D. K., Bingöl, M. A., Levi, A., & Savaş, E. (2017). DKEM: Secure and efficient distributed key establishment protocol for wireless mesh networks. Ad Hoc Networks, 54(C), 53–68.CrossRefGoogle Scholar
  35. 35.
    Chien, H.-Y. (2007). SASI: A new ultralightweight RFID authentication protocol providing strong authentication and strong integrity. IEEE Transactions on Dependable and Secure Computing, 4(4), 337–340.CrossRefGoogle Scholar
  36. 36.
    Peris-Lopez, P., Hernandez-Castro, J.C., Estevez-Tapiador, J.M., Ribagorda, A. (2006). LMAP: A real lightweight mutual authentication protocol for low-cost RFID tags. In Workshop on RFID security—RFIDSec’06 (pp. 12–14). Graz, Austria, Ecrypt.Google Scholar
  37. 37.
    Peris-Lopez, P., Hernandez-Castro, J. C., Estevez-Tapiador, J. M., & Ribagorda, A. (2006). M2AP: A minimalist mutual-authentication protocol for low-cost RFID tags. In J. Ma, H. Jin, L. T. Yang, & J. J. P. Tsai (Eds.), International conference on ubiquitous intelligence and computing—UIC’06, volume 4159 of lecture notes in computer science (pp. 912–923). China, Wuhan and Three Gorges, Springer.Google Scholar
  38. 38.
    Peris-Lopez, P., Hernandez-Castro, J.C., Estevez-Tapiador, J.M. & Ribagorda, A. (2006). Emap: An efficient mutual-authentication protocol for low-cost rfid tags. In OTM confederated international conferences” On the move to meaningful internet systems” (Vol. 4277, pp. 352–361). Springer.Google Scholar
  39. 39.
    Peris-Lopez, P., Hernandez-Castro, J. C., Estevez-Tapiador, J. M., & Ribagorda, A. (2008). Advances in ultralightweight cryptography for low-cost RFID tags: Gossamer protocol. In K.-I. Chung, K. Sohn, & M. Yung (Eds.), Workshop on information security applications—WISA’08, volume 5379 of lecture notes in computer science (pp. 56–68). Jeju Island, Korea, Springer.Google Scholar
  40. 40.
    EPC Global, (2014). UHF air interface protocol standard Generation2/Version2. http://www.gs1.org/gsmp/kc/epcglobal/uhfc1g2. Accessed March 2, 2017.
  41. 41.
    Peris-Lopez, P., Lim, T. L., & Li, T. (2008). Providing stronger authentication at a low-cost to RFID tags operating under the EPCglobal framework. In C.-Z. Xu & M. Guo (Eds.), Embedded and ubiquitous computing—Volume 02—EUC’08 (pp. 159–166). Shanghaim, China, IEEE, IEEE Computer Society.Google Scholar
  42. 42.
    Chien, H.-Y., & Chen, C.-H. (2007). Mutual authentication protocol for RFID conforming to EPC Class 1 Generation 2 standards. Computer Standars & Interfaces, 29(2), 254–259.CrossRefGoogle Scholar
  43. 43.
    Avoine, G., Bingöl, M. A., Carpent, X., & Yalcin, S. B. O. (2012). Privacy-friendly authentication in RFID systems: On sub-linear protocols based on symmetric-key cryptography. IEEE Transactions on Mobile Computing, 12(10), 2037–2049.  https://doi.org/10.1109/TMC.2012.174.CrossRefGoogle Scholar
  44. 44.
    Menezes, A. J., Vanstone, S. A., & Van Oorschot, P. C. (1996). Handbook of applied cryptography (1st edn.). Boca Raton: CRC Press, Inc.CrossRefMATHGoogle Scholar
  45. 45.
    Schindler, W., & Killmann, W. (2003). Evaluation criteria for true (physical) random number generators used in cryptographic applications. In Revised papers from the 4th international workshop on cryptographic hardware and embedded systems, CHES ’02 (pp. 431–449). London, UK, Springer.Google Scholar
  46. 46.
    Peris-Lopez, P., Hernandez-Castro, J. C., Estevez-Tapiador, J. M., & Ribagorda, A. (2009). LAMED—A PRNG for EPC Class-1 Generation-2 RFID specification. Computer Standards and Interfaces, 31(1), 88–97.CrossRefGoogle Scholar
  47. 47.
    Melia-Segu, J., Garcia-Alfaro, J., & Herrera-Joancomart, J. (2013). J3Gen: A PRNG for low-cost passive RFID. Sensors, 13(3), 3816–3830.CrossRefGoogle Scholar
  48. 48.
    Garcia-Alfaro, J., Herrera-Joancomart, J., & Segu, J. M. (2015). Remarks on Peinado et al.’s analysis of J3Gen. Sensors, 15(3), 6217–6220.CrossRefGoogle Scholar
  49. 49.
    Che, W., Deng, H., Tan, W., & Wang, J. (2008). A random number generator for application in RFID tags. In P. H. Cole & D. C. Ranasinghe (Eds.), Networked RFID systems and lightweight cryptography (pp. 279–287). Berlin: Springer.CrossRefGoogle Scholar
  50. 50.
    ISO/IEC Standard 18000 RFID Air Interface Standard. (2014). http://www.hightechaid.com/standards/18000.htm. Accessed March 2, 2017.
  51. 51.
    Sarma, S., Weis, S., & Engels, D. (2002). RFID systems and security and privacy implications. In B. Kaliski, Ç. Kaya ço, & C. Paar (Eds.), Cryptographic hardware and embedded systems—CHES 2002, volume 2523 of lecture notes in computer science (pp. 454–469). Redwood Shores, California, USA, Springer.Google Scholar
  52. 52.
    Barak, B., Shaltiel, R., & Tromer, E. (2003). True random number generators secure in a changing environment (pp. 166–180). Berlin: Springer.MATHGoogle Scholar
  53. 53.
    hashcat. (2015). Performance. http://hashcat.net/oclhashcat/. Accessed August 30, 2015.

Copyright information

© Springer Science+Business Media, LLC, part of Springer Nature 2018

Authors and Affiliations

  • Atakan Arslan
    • 1
    • 2
  • Süleyman Kardaş
    • 3
  • Sultan Aldırmaz Çolak
    • 1
  • Sarp Ertürk
    • 1
  1. 1.Department of Electronics and Communication EngineeringKocaeli UniversityİzmitTurkey
  2. 2.TÜBİTAK BİLGEMGebzeTurkey
  3. 3.Faculty of Engineering and ArchitectureBatman UniversityBatmanTurkey

Personalised recommendations