research-article

A low-resource public-key identification scheme for RFID tags and sensor nodes

Authors:

Martin FeldhoferAuthors Info & Claims

WiSec '09: Proceedings of the second ACM conference on Wireless network security

Pages 59 - 68

https://doi.org/10.1145/1514274.1514283

Published: 16 March 2009 Publication History

Abstract

We revisit a public key scheme presented by Shamir in [19] (and simultaneously by Naccache in [15]) and examine its applicability for general-purpose RFID tags in the supply chain. Using a combination of new and established space-saving methods, we present a full-fledged public key identification scheme, which is secure yet highly efficient. The 1024-bit scheme fits completely (including RAM) into 4682 gate equivalents and has a mean current consumption of 14.2μA. The main novelty in our implementation is the replacement of the long pseudo-random sequence, originally stored on 260 bytes of EEPROM in [19], by a reversible stream cipher using less than 300 bits of RAM. We show how our scheme offers tag-to-reader and reader-to-tag authentication and how it can be fit into the existing RFID supply chain infrastructure.

References

[1]

D. V. Bailey and A. Juels. Shoehorning security into the EPC tag standard. In R. D. Prisco and M. Yung, editors, Security and Cryptography for Networks, 5th International Conference, SCN 2006, LNCS, volume 4116, pages 303--320. Springer-Verlag GmbH, September 2006. http://snurl.com/wiprBJ.

Digital Library

[2]

A. Bogdanov, L. R. Knudsen, G. Leander, C. Paar, A. Poschmann, M. J. B. Robshaw, Y. Seurin, and C. Vikkelsoe. PRESENT: An ultra-lightweight block cipher. In P. Paillier and I. Verbauwhede, editors, Cryptographic Hardware and Embedded Systems -- CHES 2007: 9th International Workshop, LNCS, volume 4727, pages 450--466. Springer-Verlag GmbH, 2007. http://snurl.com/wiprBKLPPRSV.

Digital Library

[3]

M. Feldhofer, S. Dominikus, and J. Wolkerstorfer. Strong authentication for RFID systems using the AES algorithm. In J.-J. Q. Marc Joye, editor, Cryptographic Hardware and Embedded Systems -- CHES 2004: 6th International Workshop, LNCS, volume 3156, pages 357--370. Springer-Verlag GmbH, July 2004. http://snurl.com/wiprDFW.

[4]

M. Feldhofer and C. Rechberger. A Case Against Currently Used Hash Functions in RFID Protocols. In First International OTM Workshop on Information Security (IS'06), Montpellier, France, Oct 30 - Nov 1, 2006. Proceedings, Part I, LNCS, volume 4277, pages 372--381, Graz, Austria, October 2006. http://snurl.com/wiprFR.

Digital Library

[5]

M. Finiasz and S. Vaudenay. When stream cipher analysis meets public-key cryptography. In E. Biham and A. M.Youssef, editors, Selected Areas in Cryptography -- 13th International Workshop, SAC 2006, LNCS, volume 4356, pages 266--284. Springer-Verlag GmbH, September 2007. http://snurl.com/wiprFV.

Digital Library

[6]

J. Furbass, F.; Wolkerstorfer. ECC Processor with Low Die Size for RFID Applications. IEEE International Symposium on Circuits and Systems, 2007, pages 1835--1838, 27-30 May 2007. http://snurl.com/wiprFW.

[7]

G. Gaubatz, J.-P. Kaps, E. Ozturk, and B. Sunar. State of the art in ultra-low power public key cryptography for wireless sensor networks. In Third IEEE International Conference on Pervasive Computing and Communications Workshops, pages 146--150, March 2005. http://snurl.com/wiprGKOS.

Digital Library

[8]

S. Goldwasser and S. Micali. Probabilistic encryption & how to play mental poker keeping secret all partial information. In STOC '82: Proceedings of the fourteenth annual ACM symposium on Theory of Computing, pages 365--377, New York, NY, USA, 1982. ACM. http://snurl.com/wiprGM.

Digital Library

[9]

E. Inc. EPC radio-frequency identity protocols class-1 generation-2 UHF RFID protocol for communications at 860 MHz -- 960 MHz, version 1.0.9. Online, September 2005. http://snurl.com/wiprEPC.

[10]

A. M. Johnston. Digitally watermarking RSA moduli. Cryptology ePrint Archive, Report 2001/013. http://snurl.com/wiprJ.

[11]

A. K. Lenstra, J. H. W. Lenstra, M. S. Manasse, and J. M. Pollard. The number field sieve. In STOC '90: Proceedings of the twenty-second annual ACM symposium on Theory of computing, pages 564--572, New York, NY, USA, 1990. ACM. http://snurl.com/wiprLLMP.

Digital Library

[12]

A. K. Lenstra and E. R. Verheul. Selecting cryptographic key sizes. Journal of Cryptology: the journal of the International Association for Cryptologic Research, 14(4):255--293, 2001. http://snurl.com/wiprLV.

Digital Library

[13]

M. Luby and C. Rackoff. How to construct pseudorandom permutations from pseudorandom functions. SIAM Journal on Computing, 17(2):373--386, 1988. http://snurl.com/wiprLR.

Digital Library

[14]

M. McLoone and M. Robshaw. Public key cryptography and RFID tags. In M. Abe, editor, Topics in Cryptology -- The Cryptographers' Track at the RSA Conference 2007, LNCS, volume 4337, pages 372--384. Springer-Verlag GmbH, February 2007. http://snurl.com/wiprMcLR.

Digital Library

[15]

D. Naccache. Method, sender apparatus and receiver apparatus for modulo operation. European patent application no. 91402958.2, Filed 10/27/1992. http://snurl.com/wiprN.

[16]

K. Nohl and H. Pl¨otz. MIFARE -- little security, despite obscurity. Technical report, 24th Chaos Communication Congress, December 2007. http://snurl.com/wiprNP.

[17]

M. Rabin. Digitalized signatures and public-key functions as intractable as factorization. Technical report, MIT, Cambridge, MA, USA, 1979. http://snurl.com/wiprR.

Digital Library

[18]

S. E. Sarma, S. A. Weis, and D. W. Engels. Security and privacy aspects of low-cost radio frequency identification systems. In First International Conference on Security in Pervasive Computing, 2003. http://snurl.com/wiprSWE.

[19]

A. Shamir. Memory efficient variants of public-key schemes for smart card applications. In A. D. Santis, editor, Advances in Cryptology -- EUROCRYPT '94, LNCS, volume 950, page 445. Springer-Verlag GmbH, January 1995. http://snurl.com/wiprS.

[20]

A. Shamir. SQUASH -- a new MAC with provable security properties for highly constrained devices such as RFID tags. In A. Biryukov, editor, Fast Software Encryption, 15th International Workshop, FSE 2008, Lecture Notes in Computer Science. Springer-Verlag GmbH, To Appear.

Digital Library

Cited By

Gazziro MCarmo J(2024)Power Consumption Efficiency of Encryption Schemes for RFIDChips10.3390/chips30300103:3(216-228)Online publication date: 2-Jul-2024
https://doi.org/10.3390/chips3030010
de Ree MMantas GRodriguez JAlthunibat SQaraqe MAlhasanat AAl-Kuwari SAlsafasfeh MOligeri GTusha SUsman MTaha FAlfalahat SAlshamaseen TQaisi M(2021)Data Confidentiality for IoT Networks: Cryptographic Gaps and Physical-Layer Opportunities2021 IEEE 26th International Workshop on Computer Aided Modeling and Design of Communication Links and Networks (CAMAD)10.1109/CAMAD52502.2021.9617779(1-6)Online publication date: Oct-2021
https://doi.org/10.1109/CAMAD52502.2021.9617779
Kumar AKumar Sharma D(2020)Survey and Analysis of Lightweight Authentication MechanismsCryptography - Recent Advances and Future Developments [Working Title]10.5772/intechopen.94407Online publication date: 30-Dec-2020
https://doi.org/10.5772/intechopen.94407
Show More Cited By

Index Terms

A low-resource public-key identification scheme for RFID tags and sensor nodes
1. Hardware
  1. Very large scale integration design
    1. Application-specific VLSI designs
      1. Application specific processors
2. Security and privacy
  1. Cryptography
    1. Public key (asymmetric) techniques
      1. Public key encryption

Recommendations

Secure public-key encryption scheme without random oracles

Since the first practical and secure public-key encryption scheme without random oracles proposed by Cramer and Shoup in 1998, Cramer-Shoup's scheme and its variants remained the only practical and secure public-key encryption scheme without random ...
Building Key-Private Public-Key Encryption Schemes
ACISP '09: Proceedings of the 14th Australasian Conference on Information Security and Privacy

In the setting of identity-based encryption with multiple trusted authorities, TA anonymity formally models the inability of an adversary to distinguish two ciphertexts corresponding to the same message and identity, but generated using different TA ...
Post-challenge leakage in public-key encryption

When an adversary can measure the physical memory storing the decryption key, decryption functionality often comes in handy. Halevi and Lin (TCC'11) studied after-the-fact (or post-challenge) leakage in public-key encryption (PKE), in which an adversary ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

WiSec '09: Proceedings of the second ACM conference on Wireless network security

March 2009

280 pages

ISBN:9781605584607

DOI:10.1145/1514274

General Chair:
David Basin
ETH Zurich, Switzerland
,
Program Chairs:
Srdjan Capkun
ETH Zurich, Switzerland
,
Wenke Lee
Georgia Tech, USA

Copyright © 2009 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 16 March 2009

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

WISEC '09

Sponsor:

WISEC '09: Second ACM Conference on Wireless Network Security

March 16 - 19, 2009

Zurich, Switzerland

Acceptance Rates

Overall Acceptance Rate 98 of 338 submissions, 29%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

43
Total Citations
View Citations
701
Total Downloads

Downloads (Last 12 months)2
Downloads (Last 6 weeks)0

Reflects downloads up to 28 Feb 2025

Other Metrics

View Author Metrics

Citations

Cited By

Gazziro MCarmo J(2024)Power Consumption Efficiency of Encryption Schemes for RFIDChips10.3390/chips30300103:3(216-228)Online publication date: 2-Jul-2024
https://doi.org/10.3390/chips3030010
de Ree MMantas GRodriguez JAlthunibat SQaraqe MAlhasanat AAl-Kuwari SAlsafasfeh MOligeri GTusha SUsman MTaha FAlfalahat SAlshamaseen TQaisi M(2021)Data Confidentiality for IoT Networks: Cryptographic Gaps and Physical-Layer Opportunities2021 IEEE 26th International Workshop on Computer Aided Modeling and Design of Communication Links and Networks (CAMAD)10.1109/CAMAD52502.2021.9617779(1-6)Online publication date: Oct-2021
https://doi.org/10.1109/CAMAD52502.2021.9617779
Kumar AKumar Sharma D(2020)Survey and Analysis of Lightweight Authentication MechanismsCryptography - Recent Advances and Future Developments [Working Title]10.5772/intechopen.94407Online publication date: 30-Dec-2020
https://doi.org/10.5772/intechopen.94407
Kaminaga MSuzuki TFukase M(2019)Determining the Optimal Random-Padding Size for Rabin CryptosystemsIEEE Transactions on Information Forensics and Security10.1109/TIFS.2019.289554514:8(2232-2242)Online publication date: 1-Aug-2019
https://dl.acm.org/doi/10.1109/TIFS.2019.2895545
Kaminaga MYoshikawa HShikoda ASuzuki T(2018)Crashing Modulus Attack on Modular Squaring for Rabin CryptosystemIEEE Transactions on Dependable and Secure Computing10.1109/TDSC.2016.260235215:4(723-728)Online publication date: 1-Jul-2018
https://doi.org/10.1109/TDSC.2016.2602352
Järvinen KSinha Roy SVerbauwhede I(2018)Arithmetic of $$\tau $$τ-adic expansions for lightweight Koblitz curve cryptographyJournal of Cryptographic Engineering10.1007/s13389-018-0182-08:4(285-300)Online publication date: 16-Feb-2018
https://doi.org/10.1007/s13389-018-0182-0
Poojari ANagesh H(2018)A Comparative Analysis of Symmetric Lightweight Block CiphersEmerging Technologies in Data Mining and Information Security10.1007/978-981-13-1951-8_63(705-711)Online publication date: 12-Dec-2018
https://doi.org/10.1007/978-981-13-1951-8_63
Hellaoui HKoudil MBouabdallah A(2017)Energy-efficient mechanisms in security of the internet of thingsComputer Networks: The International Journal of Computer and Telecommunications Networking10.1016/j.comnet.2017.08.006127:C(173-189)Online publication date: 9-Nov-2017
https://dl.acm.org/doi/10.1016/j.comnet.2017.08.006
Guo FMu YSusilo WVaradharajan V(2017)Privacy-Preserving Mutual Authentication in RFID with Designated ReadersWireless Personal Communications: An International Journal10.1007/s11277-017-4430-x96:3(4819-4845)Online publication date: 1-Oct-2017
https://dl.acm.org/doi/10.1007/s11277-017-4430-x
Trček D(2016)Wireless Sensors Grouping Proofs for Medical Care and Ambient Assisted-Living DeploymentSensors10.3390/s1601003316:1(33)Online publication date: 2-Jan-2016
https://doi.org/10.3390/s16010033
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Table of Conten