Efficient Implementation of Pseudorandom Functions for Electronic Seal Protection Protocols

  • Conference paper
Information Security Applications (WISA 2006)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 4298)

Abstract

One of the most promising applications of active RFID tags is the electronic seal, an electronic device that guarantees the authenticity and integrity of freight containers and also provides physical protection like a lock. There are already many commercial electronic seal products and ongoing standardization activities such as the ISO 18185 drafts. While electronic seals can give freight containers a high level of tamper resistance, the security of the electronic seal itself must also be solved, and a feasible solution is to use primitives based on symmetric key cryptography such as block ciphers and message authentication codes (MACs). This kind of approach has already been used in many security-related standards, and it requires the implementation of pseudorandom functions (PRFs) for key derivation and authentication.

In this paper, we consider the secure and efficient implementation of PRFs on electronic seals and interrogators. We implement block cipher based PRFs and hash based PRFs and compare them from the viewpoint of efficiency. Since practical PRFs can be implemented directly from MACs, we consider the implementation of various message authentication schemes: HMAC-MD5, HMAC-SHA1, AES-CBC-MAC, AES-CMAC and AES-XCBC-MAC. For interrogators, we design FPGA modules for these MAC algorithms, since an interrogator has to guarantee high throughput to communicate with many electronic seals simultaneously. According to our analysis, AES based MACs consume smaller areas and their throughputs are significantly higher than those of hash based ones. For electronic seals, we implement the MAC algorithms as software modules (C and assembly code) on a small-scale microcontroller. Our experimental results show that the AES based modules perform much better, which coincides with the results of the hardware implementation. Finally, we improve the above implementations further, concentrating on the optimization of AES based MACs. We use several well-known techniques such as block RAMs in the FPGA, and loop unrolling and register reallocation in the assembly code.
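The abstract describes using a MAC as the PRF for both key derivation and seal authentication. The following added example (not code from the paper or its authors) shows that pattern end to end with HMAC-SHA1, one of the schemes the paper compares, because it is available in the Python standard library; the paper's preferred AES-CMAC would slot into `prf` with the same (key, data) -> tag shape. The prf+ expansion follows the iterated construction used by IKEv2, and the seal identifier, challenge and status layout are constructed here for illustration, not taken from ISO 18185.

```python
import hashlib
import hmac
import os

# PRF realised as a MAC. HMAC-SHA1 is used only because it is in the
# standard library; the paper's AES-CMAC has the same (key, data) -> tag shape.
def prf(key: bytes, data: bytes) -> bytes:
    return hmac.new(key, data, hashlib.sha1).digest()

def prf_plus(key: bytes, seed: bytes, length: int) -> bytes:
    """Expand a master key into `length` bytes of keying material with the
    iterated prf+ construction (T1 = prf(K, S|0x01), T2 = prf(K, T1|S|0x02), ...)."""
    out, t, counter = b"", b"", 1
    while len(out) < length:
        if counter > 255:
            raise ValueError("prf+ can only produce 255 blocks of output")
        t = prf(key, t + seed + bytes([counter]))
        out += t
        counter += 1
    return out[:length]

def derive_seal_keys(master_key: bytes, seal_id: bytes) -> tuple[bytes, bytes]:
    """Per-seal keys from a master key: separate authentication and encryption
    keys so that one key is never used for two purposes (label is constructed)."""
    km = prf_plus(master_key, b"eseal-keys|" + seal_id, 32)
    return km[:16], km[16:32]

def seal_response(k_auth: bytes, seal_id: bytes, challenge: bytes, status: bytes) -> bytes:
    """Seal side: MAC over its identity, the interrogator's fresh challenge and
    its tamper status, so a recorded response cannot be replayed later."""
    return prf(k_auth, seal_id + challenge + status)

def interrogator_verify(k_auth: bytes, seal_id: bytes, challenge: bytes,
                        status: bytes, tag: bytes) -> bool:
    """Interrogator side: recompute the tag and compare in constant time."""
    expected = prf(k_auth, seal_id + challenge + status)
    return hmac.compare_digest(expected, tag)

if __name__ == "__main__":
    master = bytes(range(16))                      # constructed master key
    seal_id = b"SEAL-0001"                         # constructed identifier
    k_auth, _k_enc = derive_seal_keys(master, seal_id)
    challenge = os.urandom(8)                      # fresh nonce per query
    tag = seal_response(k_auth, seal_id, challenge, b"\x00")   # 0x00 = intact
    print("seal authenticated:", interrogator_verify(k_auth, seal_id, challenge, b"\x00", tag))
```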


Editor information

Jae Kwang Lee Okyeon Yi Moti Yung

Copyright information

© 2007 Springer Berlin Heidelberg

About this paper

Cite this paper

Lee, MK., Min, J.K., Kang, S.H., Chung, SH., Kim, H., Kim, D.K. (2007). Efficient Implementation of Pseudorandom Functions for Electronic Seal Protection Protocols. In: Lee, J.K., Yi, O., Yung, M. (eds) Information Security Applications. WISA 2006. Lecture Notes in Computer Science, vol 4298. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-71093-6_14

  • DOI: https://doi.org/10.1007/978-3-540-71093-6_14

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-71092-9

  • Online ISBN: 978-3-540-71093-6
