Skip to main content
Springer Nature Link
Log in

A PUF-Based Authentication Protocol to Address Ticket-Switching of RFID-Tagged Items

  • Conference paper
Security and Trust Management (STM 2012)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 7783))

Included in the following conference series:

Abstract

Ticket-switching incidents where customers switch the price tag or bar code in order to pay a lower amount for their ‘purchased item’ is not uncommon in retail stores. Since the item has to pass through a check-out counter before leaving the store, it has a (even if miniscule) positive probability of being identified. However, when item-level RFID tags are used in an automated check-out environment, the probability of such incidents coming to light is estimated to be almost zero. We propose an authentication protocol for this scenario using a pair of item-level RFID tags, one of which is PUF-enabled to resist cloning attacks.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. Armknecht, F., Maes, R., Sadeghi, A., Standaert, F., Wachsmann, C.: A Formal Foundation for the Security Features of Physical Functions. In: Proceedings of the IEEE Symposium on Security and Privacy, pp. 397–412 (2011)

    Google Scholar 

  2. Bassil, R., El-Beaino, W., Itani, W., Kayssi, A., Chehab, A.: PUMAP: A PUF-Based Ultra-Lightweight Mutual-Authentication RFID Protocol. International Journal of RFID Security and Cryptography 1(1/2), 58–66 (2012)

    Google Scholar 

  3. Bolotnyy, L., Robins, G.: Physically Unclonable Function-based Security and Privacy in RFID Systems. In: Proceedings of the Fifth IEEE International Conference on Pervasive Computing and Communications (PERCOM), pp. 211–220 (2007)

    Google Scholar 

  4. Curran, K., Lunney, T., Noman, A.N.M.: Tamper Detection for Low Cost RFID Tags; Using Watermarking with Chaotic Mapping. International Journal of Engineering and Technology 1(1), 27–32 (2011)

    Google Scholar 

  5. Devadas, S., Suh, E., Paral, S., Sowell, R., Ziola, T., Khandelwal, V.: Design and Implementation of PUF-Based “Unclonable” RFID ICs for Anti-Counterfeiting and Security Applications. In: Proceedings of the IEEE Int’l Conf. on RFID, pp. 58–64 (2008)

    Google Scholar 

  6. Dodis, Y., Ostrovsky, R., Reyzin, L., Smith, A.: Fuzzy Extractors: How to Generate Strong Keys from Biometrics and Other Noisy Data. SIAM Journal of Computing 38(1), 97–139 (2008)

    Article  MathSciNet  MATH  Google Scholar 

  7. Dolev, D., Yao, A.C.-C.: On the Security of Public Key Protocols. IEEE Transactions on Information Theory 29(2), 198–207 (1983)

    Article  MathSciNet  MATH  Google Scholar 

  8. Gandino, F., Montrucchio, B., Rebaudengo, M.: Tampering in RFID: A Survey on Risks and Defenses. Mobile Networks and Applications 15(4), 502–516 (2010)

    Article  Google Scholar 

  9. Halderman, J.A., Schoen, S.D., Heninger, N., Clarkson, W., Paul, W., Calandrino, J.A., Feldman, A.J., Appelbaum, J., Felten, E.W.: Lest We Remember: Cold-boot Attacks on Encryption Keys. Communications of the ACM 52, 91–98 (2009)

    Article  Google Scholar 

  10. Hancke, G.P., Kuhn, M.G.: An RFID Distance-bounding Protocol. In: Proceedings of IEEE/CreateNet SecureComm, pp. 67–73 (2005)

    Google Scholar 

  11. Juels, A.: “Yoking-Proofs” for RFID Tags. In: Proceedings of the International Workshop on Pervasive Computing and Communication Security, pp. 138–143 (2004)

    Google Scholar 

  12. Kardaş, S., Kiraz, M.S., Bingöl, M.A., Demirci, H.: A Novel RFID Distance Bounding Protocol Based on Physically Unclonable Functions. In: Juels, A., Paar, C. (eds.) RFIDSec 2011. LNCS, vol. 7055, pp. 78–93. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  13. Maes, R., Verbauwhede, I.: Physically Unclonable Functions: a Study on the State of the Art and Future Research Directions. In: Naccache, D., Sadeghi, A. (eds.) Towards Hardware-Intrinsic Security and Cryptology, pp. 3–38. Springer (2010)

    Google Scholar 

  14. Noman, A.N.M., Curran, K., Lunney, T.: A Watermarking Based Tamper Detection Solution for RFID Tags. In: Proceedings of the International Conf. on Intelligent Information Hiding and Multimedia Signal Processing (IIH-MSP), pp. 98–101 (2010)

    Google Scholar 

  15. Pappu, S.R.: Physical One-Way Functions. PhD Thesis. MIT (2001)

    Google Scholar 

  16. Potdar, V., Chang, E.: Tamper Detection in RFID Tags using Fragile Watermarking. In: Proceedings of the IEEE International Conference on Industrial Technology (ICIT), pp. 2846–2852 (2006)

    Google Scholar 

  17. Reid, J., Gonzalez Nieto, J.M., Tang, T., Senadji, B.: Detecting Relay Attacks with Timing-based Protocols. In: Proceedings of ASIACCS, pp. 204–213 (2007)

    Google Scholar 

  18. Rührmair, U., Sehnke, F., Sölter, J., Dror, G., Devadas, S., Schmidhuber, J.: Modeling Attacks on Physical Unclonable Functions. In: Proceedings of the 17th ACM Conference on Computer and Communications Security (CCS), pp. 237–249 (2010)

    Google Scholar 

  19. Sadeghi, A.-R., Visconti, I., Wachsmann, C.: PUF-Enhanced RFID Security and Privacy. In: Secure Component and System Identification, SECSI (2010)

    Google Scholar 

  20. Schneier, B.: Schneier on Security - UPC Switching Scam (2008), http://www.schneier.com/blog/archives/2008/10/upc_switching_s.html

  21. Schneier, B.: Schneier on Security - Bar Code Switching (2012), http://www.schneier.com/blog/archives/2012/05/bar_code_switch.html

  22. Škorić, B., Tuyls, P., Ophey, W.: Robust Key Extraction from Physical Uncloneable Functions. In: Ioannidis, J., Keromytis, A.D., Yung, M. (eds.) ACNS 2005. LNCS, vol. 3531, pp. 407–422. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  23. Agence France Press (2011), http://www.intothewine.fr/tags/trelissac-vin

  24. Tuyls, P., Škorić, B., Stallinga, S., Akkermans, A.H.M., Ophey, W.: Information-Theoretic Security Analysis of Physical Uncloneable Functions. In: S. Patrick, A., Yung, M. (eds.) FC 2005. LNCS, vol. 3570, pp. 141–155. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  25. Tuyls, P., Batina, L.: RFID-Tags for Anti-Counterfeiting. In: Pointcheval, D. (ed.) CT-RSA 2006. LNCS, vol. 3860, pp. 115–131. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  26. Van Herrewege, A., Katzenbeisser, S., Maes, R., Peeters, R., Sadeghi, A.-R., Verbauwhede, I., Wachsmann, C.: Reverse Fuzzy Extractors: Enabling Lightweight Mutual Authentication for PUF-Enabled RFIDs. In: Keromytis, A.D. (ed.) FC 2012. LNCS, vol. 7397, pp. 374–389. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  27. Yamamoto, A., Suzuki, S., Hada, H., Mitsugi, J., Teraoka, J.F., Nakamura, O.: A Tamper Detection Method for RFID Tag Data. In: IEEE International Conference on RFID, pp. 51–57 (2008)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Computer Science and Communications, University of Luxembourg, Luxembourg

    Sjouke Mauw

  2. Information Systems and Operations Management, University of Florida, USA

    Selwyn Piramuthu

  3. RFID European Lab, Paris, France

    Selwyn Piramuthu

Authors
  1. Sjouke Mauw
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Selwyn Piramuthu
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Informatics, University of Oslo, P.O.Box 1080, 0316, Blindern, Oslo, Norway

    Audun Jøsang

  2. Dipartimento di Informatica, Università degli Studi di Milano, Via Bramante, 65, 26013, Crema, CR, Italy

    Pierangela Samarati

  3. National Research Center(CNR), Institute of Informatics and Telematics(IIT), Via G. Moruzzi, 1, 56124, Pisa, Italy

    Marinella Petrocchi

Rights and permissions

Reprints and permissions

Copyright information

© 2013 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Mauw, S., Piramuthu, S. (2013). A PUF-Based Authentication Protocol to Address Ticket-Switching of RFID-Tagged Items. In: Jøsang, A., Samarati, P., Petrocchi, M. (eds) Security and Trust Management. STM 2012. Lecture Notes in Computer Science, vol 7783. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-38004-4_14

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-38004-4_14

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-38003-7

  • Online ISBN: 978-3-642-38004-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics