Studying the pseudo random number generator of a low-cost RFID tag (original) (raw)
Related papers
Improved Lightweight Pseudo-Random Number Generators for the Low-Cost RFID Tags
2015 IEEE Trustcom/BigDataSE/ISPA, 2015
EPC Gen2 tags are working as international RFID standards for the use in the supply chain worldwide, such tags are computationally weak devices and unable to perform even basic symmetric-key cryptographic operations. For this reason, to implement robust and secure pseudo-random number generators (PRNG) is a challenging issue for low-cost Radio-frequency identification (RFID) tags. In this paper, we study the security of LFSR-based PRNG implemented on EPC Gen2 tags and exploit LFSR-based PRNG to provide a better constructions. We provide a cryptanalysis against the J3Gen which is LFSR-based PRNG and proposed by Sugei et al. [1], [2] for EPC Gen2 tags using distinguish attack and make observations on its input using NIST randomness test. We also test the PRNG in EPC Gen2 RFID Tags by using the NIST SP800-22. As a countermeasure , we propose two modified models based on the security analysis results. We show that our results perform better than J3Gen in terms of computational and statistical property.
A Random Number Generator for Application in RFID Tags
With the extensive use of RFID systems, the problem of information security becomes more and more critical. Cryptography can offer private communications between the RFID reader and tag by using elaborately generated cryptographic keys. These unpredictable and irreproducible secret keys determine the communication security, and they are normally created by a nondeterministic random number generator (RNG) [1]. In current RFID technologies, pseudo random number generators (PRNG) serve as random number sources. Owing to the mechanism of PRNGs, their output numbers show poor randomicity. These less random secret keys, with no doubt, reduce the security of data transmission. An oscillator-based Truly Random Number Generator application scheme in [2] provides a better solution. The TRNG exploits thermal noise of two resistors to modulate the edge of a sampling clock. The white noise based cryptographic keys prevent potential attackers to perform any effective prediction about the generato...
AKARI-X: A pseudorandom number generator for secure lightweight systems
2011 IEEE 17th International On-Line Testing Symposium, 2011
In order to obtain more secure and reliable systems, the vast majority of RFID protocols include a Pseudorandom Number Generator (PRNG) in its design. However, the authors often do not specify the PRNG to use and standard solutions exceed the capabilities of low-cost RFID tags. In this paper, we propose two lightweight PRNGs (AKARI-1 and AKARI-2) that meet the requirements of these systems while improving their reliability and security. They may be supported on commercial tags of low price.
A Secure Authentication Scheme for RFID Systems
Procedia Computer Science, 2016
Day by day the importance of Radio Frequency Identification (RFID) systems is increasing for its powerful capabilities in automatic identification, localization and access control of the objects. However, the RFID techniques are plagued to security and privacy issues due to underlying wireless communication channel. In order to come up with a solution, we propose an efficient authentication scheme which uses pseudorandom number generators (PRNG) and some simple cryptographic operations. Moreover, as the current generation tags come with in-built pseudo random generators, the implementations of these operations are possible with low complexity. The secret information stored inside the tags is communicated in a more secure way ensuring confidentiality, integrity, and authentication. The security of our proposed scheme is analyzed against different attacks on RFID and with the performance of some existing protocols. Experimental results show a significant improvement in security with average cost, when compared with the existing techniques.
Cryptanalysis of two lightweight RFID authentication schemes
2007
Vajda and Buttyán proposed several lightweight authentication protocols for authenticating RFID tags to readers, and left open the quantifiable cryptographic strength. Our cryptanalysis answers this open question by implementing and measuring attacks against their XOR and SUBSET protocols. A passive eavesdropper can impersonate a tag in the XOR protocol after observing only 70 challengeresponse transactions between the tag and reader. In contrast, the theoretical maximum strength of the XOR protocol could have required 16! * 2 observed transactions to break the key. Our experiments also show that a passive eavesdropper can recover the shared secret used in the XOR protocol by observing an expected 1,092 transactions. Additionally, a nearly optimal active attack against the SUBSET protocol extracts almost one bit of information for each bit emitted by the tag.
Security analysis of two ultra-lightweight RFID authentication protocols
New Approaches for Security, Privacy and Trust in …, 2007
In this paper, we analyze the security vulnerabilities of two ultra-lightweight RFID mutual authentication protocols: LMAP and M 2 AP, which are recently proposed by Peris-Lopez et al. We identify two effective attacks, namely De-synchronization attack and Full-disclosure attack, against their protocols. The former attack can break the synchronization between the RFID reader and the tag in a single protocol run so that they can not authenticate each other in any following protocol runs. The latter attack can disclose all the secret information stored on a tag by interrogating the tag multiple times. Thus it compromises the tag completely. Moreover, we point out the potential countermeasures to improve the security of above protocols.
Weaknesses in Two Recent Lightweight RFID Authentication Protocols
Lecture Notes in Computer Science, 2010
The design of secure authentication solutions for low-cost RFID tags is still an open and quite challenging problem, though many algorithms have been published lately. In this paper, we analyze two recent proposals in this research area. First, Mitra's scheme is scrutinized, revealing its vulnerability to cloning and traceability attacks, which are among the security objectives pursued in the protocol definition [1]. Later, we show how the protocol is vulnerable against a full disclosure attack after eavesdropping a small number of sessions. Then, we analyze a new EPC-friendly scheme conforming to EPC Class-1 Generation-2 specification (ISO/IEC 180006-C), introduced by Qingling and Yiju [2]. This proposal attempts to correct many of the well known security shortcomings of the standard, and even includes a BAN logic based formal security proof. However, notwithstanding this formal security analysis, we show that Qingling et al.'s protocol offers roughly the same security as the standard they try to improve, is vulnerable to tag and reader impersonation attacks, and allows tag traceability.
Attacks on an Efficient RFID Authentication Protocol
2010 10th IEEE International Conference on Computer and Information Technology, 2010
In this paper, we investigate the security of a recently proposed RFID authentication protocol that needs O(1) time complexity to find out the identifier of the RFID tag irrespective of the total number of the tags. We exhibit a flaw which has gone unnoticed in design of the protocol and show that it makes the scheme vulnerable to tracking attack, tag impersonation attack and denial of service attack, if the attacker has the possibility to tamper with only one RFID tag. Because low-cost devices are not tamper-resistant, such an attack could be feasible and we can apply the resulting attacks on authentication, untraceability and desynchronization resistance of the protocol.
Analysis and Improvement of a Pseudorandom Number Generator for EPC Gen2 Tags
2010
The EPC Gen2 is an international standard that proposes the use of Radio Frequency Identification (RFID) in the supply chain. It is designed to balance cost and functionality. The development of Gen2 tags faces, in fact, several challenging constraints such as cost, compatibility regulations, power consumption, and performance requirements. As a consequence, security on board of Gen2 tags is often minimal. It is, indeed, mainly based on the use of on board pseudorandomness. This pseudorandomness is used to blind the communication between readers and tags; and to acknowledge the proper execution of password-protected operations. Gen2 manufacturers are often reluctant to show the design of their pseudorandom generators. Security through obscurity has always been ineffective. Some open designs have also been proposed. Most of them fail, however, to prove their correctness. We analyze a recent proposal presented in the literature and demonstrate that it is, in fact, insecure. We propose an alternative mechanism that fits the Gen2 constraints and satisfies the security requirements.
An Improved Lightweight RFID Authentication Protocol
International Journal of Applied Logistics, 2011
This study extends the vulnerability analysis of a RFID authentication protocol and offers solutions to security weaknesses through enhanced measures. Vajda and Buttyan (VB) proposed a lightweight RFID authentication protocol, called XOR. Defend, Fu, and Juels (DFJ) analyzed it and proposed repeated keys and nibble attacks to the protocol. In this paper, we identify the source of vulnerability within VB’s original successive session key permutation algorithm. We propose three improvements, namely removing bad shuffles, hopping the runs, and authenticating mutually, to prevent DFJ’s attacks, thereby significantly strengthening the security of the protocol without introducing extra resource cost.