Abstract
EPC Class1 Gen2 (EPCGen2) is an international industrial standards for low cost RFID system used in many applications such as supply chain and consumer service. While RFID technology offers convenience and being employed in various applications in our society, security and privacy issues are still the number one concern of most RFID applications today. In this paper, we study the problems occurring where a reader wants to authenticate and identify legitimate RFID EPCGen2 tags in a batch to guarantee the integrity of the products. Most of the EPCGen2 tags are passive and have limited computational ability to compute cryptographic functions. For this reason, to design a mechanism to protect low-cost EPCGen2 tags from security and privacy risks is a challenging task. We propose a provable secure batch authentication scheme for EPCGen2 tags using the pseudo-random number generator (PRNG) and cyclic redundancy check (CRC) code. Our ultra-lightweight scheme which integrates the operations of EPCGen2 and only relies on build-in CRC-16 and PRNG function with secret keys inside the tags. We formally analyze security and privacy of the proposed scheme by using mathematical modeling and proof. Our analysis shows that our scheme provides strong ability to prevent existing possible attacks.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Andreeva, E., Bogdanov, A., Luykx, A., Mennink, B., Tischhauser, E., Yasuda, K.: Parallelizable and Authenticated Online Ciphers. In: Sako, K., Sarkar, P. (eds.) ASIACRYPT 2013, Part I. LNCS, vol. 8269, pp. 424–443. Springer, Heidelberg (2013)
Burmester, M., de Medeiros, B., Munilla, J., Peinado, A.: Secure EPC Gen2 compliant radio frequency identification. In: Ruiz, P.M., Garcia-Luna-Aceves, J.J. (eds.) ADHOC-NOW 2009. LNCS, vol. 5793, pp. 227–240. Springer, Heidelberg (2009)
Black, J., Rogaway, P.: A Block-Cipher Mode of Operation for Parallelizable Message Authentication. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 384–397. Springer, Heidelberg (2002)
EPCglobal Inc., Class 1 Generation 2 UHF RFID protocol for communication at 860Mhz-960Mhz version 1.2.0 (2008)
Fleischmann, E., Forler, C., Lucks, S.: McOE: A Family of Almost Foolproof On-Line Authenticated Encryption Schemes. In: Canteaut, A. (ed.) FSE 2012. LNCS, vol. 7549, pp. 196–215. Springer, Heidelberg (2012)
Gong, W., Liu, K., Miao, X., Ma, Q., Yang, Z., Liu, Y.: Informative counting: Fine-grained batch authentication for large-scale rfid systems. In: ACM MobiHoc (2013)
Gao, L., Ma, M., Shu, Y., Wei, Y.: An ultralightweight RFID authentication protocol with CRC and permutation. Journal of Network and Computer Applications (2013)
Gilbert, H., Robshaw, M.J.B., Seurin, Y.: HB#: Increasing the security and efficiency of HB + . In: Smart, N.P. (ed.) EUROCRYPT 2008. LNCS, vol. 4965, pp. 361–378. Springer, Heidelberg (2008)
Juels, A., Weis, S.A.: Authenticating pervasive devices with human protocols. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 293–308. Springer, Heidelberg (2005)
Melia-Segui, J., Garcia-Alfaro, J., Herrera-Joancomarti, J.: Analysis and improvement of a pseudorandom number generator for EPC Gen2 tags. In: Sion, R., Curtmola, R., Dietrich, S., Kiayias, A., Miret, J.M., Sako, K., Sebé, F. (eds.) FC 2010 Workshops. LNCS, vol. 6054, pp. 34–46. Springer, Heidelberg (2010)
Mandal, K., Fan, X., Gong, G.: Warbler. A Lightweight Pseudorandom Number Generator for EPC C1 Gen2 Passive RFID Tags. International Journal of RFID Security and Cryptography (IJRFIDSC) 2(1-4), 82–91 (2013)
Munilla, J., Peinado, A.: HB-MP: a further step in the HB-family of lightweight authentication protocols. Computer Networks 51(9), 2262–2267 (2007)
Rogaway, P.: Efficient Instantiations of Tweakable Blockciphers and Refinements to Modes OCB and PMAC. In: Lee, P.J. (ed.) ASIACRYPT 2004. LNCS, vol. 3329, pp. 16–31. Springer, Heidelberg (2004)
Ranasinghe, D., Engels, D., Cole, P.: Low-cost RFID systems: confronting security and privacy. In: Proceedings of the Auto-ID Labs Research Workshop, pp. 54–77 (2004)
Rogaway, P., Zhang, H.: Online Ciphers from Tweakable Blockciphers. In: Kiayias, A. (ed.) CT-RSA 2011. LNCS, vol. 6558, pp. 237–249. Springer, Heidelberg (2011)
Song, B., Mitchell, C.J.: RFID authentication protocol for low-cost tags. In: Proceedings of the 1st ACM Conference on Wireless Network Security, pp. 140–147 (April 2008)
Sun, H.M., Ting, W.C.: Gen2-based RFID authentication protocol for security and privacy. IEEE Transactions on Mobile Computing 8(8), 1052–1062 (2009)
Yang, L., Han, J., Qi, Y., Liu, Y.: Identification-free batch authentication for RFID tags. In: Proceedings of the 18th IEEE International Conference on Network Protocols, pp. 154–163 (October 2010)
Qi, S., Zheng, Y., Li, M., Lu, L., Liu, Y.: COLLECTOR: A Secure RFID-Enabled Batch Recall Protocol. In: IEEE INFOCOM, Canada (April 2014)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 Springer International Publishing Switzerland
About this paper
Cite this paper
Chen, J., Miyaji, A., Su, C. (2014). A Provable Secure Batch Authentication Scheme for EPCGen2 Tags. In: Chow, S.S.M., Liu, J.K., Hui, L.C.K., Yiu, S.M. (eds) Provable Security. ProvSec 2014. Lecture Notes in Computer Science, vol 8782. Springer, Cham. https://doi.org/10.1007/978-3-319-12475-9_8
Download citation
DOI: https://doi.org/10.1007/978-3-319-12475-9_8
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-12474-2
Online ISBN: 978-3-319-12475-9
eBook Packages: Computer ScienceComputer Science (R0)