LAMED - A PRNG for EPC Class1 Generation2 RFID specification (original) (raw)
Related papers
J3Gen: A PRNG for Low-Cost Passive RFID
Sensors, 2013
Pseudorandom number generation (PRNG) is the main security tool in low-cost passive radio-frequency identification (RFID) technologies, such as EPC Gen2. We present a lightweight PRNG design for low-cost passive RFID tags, named J3Gen. J3Gen is based on a linear feedback shift register (LFSR) configured with multiple feedback polynomials. The polynomials are alternated during the generation of sequences via a physical source of randomness. J3Gen successfully handles the inherent linearity of LFSR based PRNGs and satisfies the statistical requirements imposed by the EPC Gen2 standard. A hardware implementation of J3Gen is presented and evaluated with regard to different design parameters, defining the key-equivalence security and nonlinearity of the design. The results of a SPICE simulation confirm the power-consumption suitability of the proposal.
Improved Lightweight Pseudo-Random Number Generators for the Low-Cost RFID Tags
2015 IEEE Trustcom/BigDataSE/ISPA, 2015
EPC Gen2 tags are working as international RFID standards for the use in the supply chain worldwide, such tags are computationally weak devices and unable to perform even basic symmetric-key cryptographic operations. For this reason, to implement robust and secure pseudo-random number generators (PRNG) is a challenging issue for low-cost Radio-frequency identification (RFID) tags. In this paper, we study the security of LFSR-based PRNG implemented on EPC Gen2 tags and exploit LFSR-based PRNG to provide a better constructions. We provide a cryptanalysis against the J3Gen which is LFSR-based PRNG and proposed by Sugei et al. [1], [2] for EPC Gen2 tags using distinguish attack and make observations on its input using NIST randomness test. We also test the PRNG in EPC Gen2 RFID Tags by using the NIST SP800-22. As a countermeasure , we propose two modified models based on the security analysis results. We show that our results perform better than J3Gen in terms of computational and statistical property.
Analysis and Improvement of a Pseudorandom Number Generator for EPC Gen2 Tags
2010
The EPC Gen2 is an international standard that proposes the use of Radio Frequency Identification (RFID) in the supply chain. It is designed to balance cost and functionality. The development of Gen2 tags faces, in fact, several challenging constraints such as cost, compatibility regulations, power consumption, and performance requirements. As a consequence, security on board of Gen2 tags is often minimal. It is, indeed, mainly based on the use of on board pseudorandomness. This pseudorandomness is used to blind the communication between readers and tags; and to acknowledge the proper execution of password-protected operations. Gen2 manufacturers are often reluctant to show the design of their pseudorandom generators. Security through obscurity has always been ineffective. Some open designs have also been proposed. Most of them fail, however, to prove their correctness. We analyze a recent proposal presented in the literature and demonstrate that it is, in fact, insecure. We propose an alternative mechanism that fits the Gen2 constraints and satisfies the security requirements.
Studying the pseudo random number generator of a low-cost RFID tag
2011 IEEE International Conference on RFID-Technologies and Applications, 2011
Due to severe limitations in their computational and storage capabilities, many low-cost RFID tags have been shown to implement quite weak authentication protocols, largely due to weakness in their pseudorandom number generators (PRNG). This aim of this is to examine the PRNG in use within the authentication protocol of the new NXP MIFARE Ultralight C RFID low-cost card. The article investigates the nonces generated by the card during the authentication protocol to assess their randomness, and to test any possible attacks down this path. We confirm the validity of the methodology by applying similar techniques to the Mifare 1K Classic, confirming previously discovered weaknesses. We conclude that in the light of our analysis, the PRNG of the Ultralight C is a major improvement over that of the Mifare 1K, and that the nonces generated by the former can't be easily distinguished from truly random ones.
A Random Number Generator for Application in RFID Tags
With the extensive use of RFID systems, the problem of information security becomes more and more critical. Cryptography can offer private communications between the RFID reader and tag by using elaborately generated cryptographic keys. These unpredictable and irreproducible secret keys determine the communication security, and they are normally created by a nondeterministic random number generator (RNG) [1]. In current RFID technologies, pseudo random number generators (PRNG) serve as random number sources. Owing to the mechanism of PRNGs, their output numbers show poor randomicity. These less random secret keys, with no doubt, reduce the security of data transmission. An oscillator-based Truly Random Number Generator application scheme in [2] provides a better solution. The TRNG exploits thermal noise of two resistors to modulate the edge of a sampling clock. The white noise based cryptographic keys prevent potential attackers to perform any effective prediction about the generato...
Secure EPC Gen2 Compliant Radio Frequency Identification
Lecture Notes in Computer Science, 2009
The increased functionality of EPC Class1 Gen2 (EPCGen2) is making this standard a de facto specification for inexpensive tags in the RFID industry. Recently three EPCGen2 compliant protocols that address security issues were proposed in the literature. In this paper we analyze these protocols and show that they are not secure and subject to replay/impersonation and statistical analysis attacks. We then propose an EPCGen2 compliant RFID protocol that uses the numbers drawn from synchronized pseudorandom number generators (RNG) to provide secure tag identification and session unlinkability. This protocol is optimistic and its security reduces to the (cryptographic) pseudorandomness of the RNGs supported by EPCGen2.
A Practical Implementation Attack on Weak Pseudorandom Number Generator Designs for EPC Gen2 Tags
Wireless Personal Communications, 2011
The Electronic Product Code Generation 2 (EPC Gen2) is an international standard that proposes the use of Radio Frequency Identification (RFID) in the supply chain. It is designed to balance cost and functionality. As a consequence, security on board of EPC Gen2 tags is often minimal. It is, indeed, mainly based on the use of on board pseudorandomness, used to obscure the communication between readers and tags; and to acknowledge the proper execution of password-protected operations. In this paper, we present a practical implementation attack on a weak pseudorandom number generator (PRNG) designed specifically for EPC Gen2 tags. We show that it is feasible to eavesdrop a small amount of pseudorandom values by using standard EPC commands and using them to determine the PRNG configuration that allows to predict the complete output sequence.
Procedia Technology, 2013
"A Radio Frequency Identification (RFID) system is a contactless automatic identification system that uses small and low-cost tags. RFID systems communicate with the tags attached to the objects using radio frequency waves. The major problem with RFID systems is security problem because the communication between RFID components is wireless. In this paper we comprehensively discuses about computational cost to Yoon and Mohammadali protocol two newest protocol that shows some attack on Yeh protocol and improve these two protocols. We presented an improvement mutual authentication protocol which can prevent the security problems and easy to implement in low-cost passive tags. The proposed protocol is compatible with the international standard EPC Class-1 Generation-2 standard (ISO 18000-6)."
AKARI-X: A pseudorandom number generator for secure lightweight systems
2011 IEEE 17th International On-Line Testing Symposium, 2011
In order to obtain more secure and reliable systems, the vast majority of RFID protocols include a Pseudorandom Number Generator (PRNG) in its design. However, the authors often do not specify the PRNG to use and standard solutions exceed the capabilities of low-cost RFID tags. In this paper, we propose two lightweight PRNGs (AKARI-1 and AKARI-2) that meet the requirements of these systems while improving their reliability and security. They may be supported on commercial tags of low price.
Security Analysis of an EPC Class-1 Generation-2 Compliant RFID Authentication Protocol
2018
Design of secure authentication solutions for low-cost RFID tags is still an open and quite challenging problem, though many protocols have been published in the last decade. In 2013, Wei and Zhang proposed a new lightweight RFID authentication protocol that conforms to the EPC-C1G2 standard and claimed that the protocol would be immune against all known attacks on RFID systems. In this paper, we consider the security of this protocol and show that it cannot provide secure authentication for RFID users. An attacker, by following our suggested approach, will be able to impersonate server/reader, and destroy synchronization between the back-end server and the tag. Finally, we enhance this protocol, and by using formal and informal security analysis we show that the enhanced protocol strongly inhibits the security flaws of its predecessor.