Ebook: Radio Frequency Identification System Security

This volume contains the papers presented at the 2010 Workshop on RFID Security (RFIDsec'10 Asia) held in Singapore on February 22–23, 2010. The workshop was hosted by the School of Information Systems at Singapore Management University (SMU), and co-hosted by the Institute for Infocomm Research and Singapore Institute of Manufacturing Technology. The Honorary Chair was Steven Miller, and the General Chairs were Robert H. Deng and Lee Eng Wah.

RFIDSec'10 Asia is aligned with the earliest RFID security workshop (RFIDsec) that has been devoted to address the security and privacy issues in Radio Frequency Identification (RFID). Starting in 2005, RFIDsec has been organized as a series of workshops held in Graz (2005/06), Malaga (2007), Budapest (2008), and Leuven (2009). RFIDSec'10 Asia is the second edition of the series of workshops held in Asia followed by RFIDsec'09 Asia in Taipei (2009).

RFIDsec'10 Asia provided an international forum for sharing original research results and application experiences among researchers in the field of RFID system security. This year we had an excellent program that consists of 12 high-quality papers, including four invited papers, which were selected after a rigorous reviewing process by the Program Committee members and external reviewers. Covered are many interesting topics, including unconditionally secure RFID systems, dynamic RFID tag authentication, RFID ownership transfer, fingerprinting RFID tags, and secure RFID-supported supply chains. This is the first year for RFIDsec Asia to have the formal proceedings published by IOS Press in the Cryptology and Information Security (CIS) Series. Selected papers in the RFIDsec'10 Asia proceedings will be invited for submission to a special issue of the Journal of Computer Security.

RFIDsec'10 Asia was made possible only through the contributions from many individuals and organizations. We thank all the authors who submitted papers. We gratefully acknowledge the Program Committee members and external reviewers for the time and effort they put into reviewing the submissions. We further thank the workshop organization committee, especially, Ying Qiu for managing the web site for paper submission, review, and notification, Tieyan Li and Kevin Chiew for designing and managing the workshop web site, Chew Hong Ong for workshop registration, and Wei He for local arrangement. Last but not least, we are grateful to the SMU School of Information Systems for sponsoring the workshop.

Yingjiu Li and Jianying Zhou, February 2010

We explore a new direction towards solving the identity authentication problem in RFID systems. We break the RFID authentication process into two main problems: message authentication and random number generation. For parties equipped with a good source of randomness and a secure cryptographic primitive to authenticate messages, the literature of cryptography is rich with well-studied solutions for secure identity authentication. However, the two operations, random number generation and message authentication, can be expensive for low-cost RFID tags. In this paper, we lay down the foundations of a new direction towards solving these problems in RFID systems. We propose an unconditionally secure direction for authenticating RFID systems. We use the fact that RFID readers are computationally powerful devices to design a protocol that allows RFID readers to deliver random numbers to RFID tags in an unconditionally secure manner. Then, by taking advantage of the information-theoretic security of the transmitted messages, we develop a novel unconditionally secure message authentication code that is computed with a single multiplication operation. The goal of this work is to bring more research to the design of such unconditionally secure protocols, as opposed to the computationally secure protocols that have been proposed extensively, for the purpose of suiting the stringent computational capabilities of low-cost devices.

RFID tag authentication is widely viewed as a valuable tool in the fight against product counterfeiting. In this paper we describe some of the different approaches that have been proposed and we focus on what is arguably the most secure; that of dynamic tag authentication. We highlight different ways of supporting dynamic tag authentication and provide the latest implementation results. The net result is that dynamic authentication using on-tag cryptography is a reality and should be considered for deployment before other less secure options. As a sideresult we note that the on-tag overhead when supporting an asymmetric rather than a symmetric cryptographic solution can be surprisingly light.

When an RFID tag changes hand, it is not as simply as handing over the tag secret to the new owner. Privacy is a concern if there is no secure ownership transfer scheme to aid the transfer. After sales service and temporary tag delegation are also features commonly seen in such applications. In this paper, we proposed a new RFID ownership transfer scheme that achieves the most security protections and properties in comparison to most of the previous schemes. We also introduced four new security properties that have not been considered before. This opens up new research directions for further development of RFID ownership transfer.

Since Peris-Lopez et al. proposed the design of ultralightweight authentication schemes [35–37] for low-cost RFID tags in 2006, research community has demonstrated a significant advancement on this interesting research area in recent years. However, previously published studies are subject to either various security vulnerabilities or inefficient management on tag memory. Motivated by the nature of resource limitation in a tag, we develop a process-oriented ultralightweight RFID authentication protocol which delivers strong security intensity, robust privacy protection as well as less tag memory space required. In addition, a randomness evaluation on the output values of our scheme is performed to ensure the proposed authentication protocol produces qualified output randomness. Our security analysis and performance comparison show that our process-oriented authentication scheme outperforms relevant works by supporting essential system security criteria with less computation effort and better tag memory utilization.

In this paper we present a strategy to design the RSA parameters in such a manner so that the CRT-RSA decryption becomes more efficient than the existing methods. We achieve around 21% improvement in speed over the currently best known implementation strategy for CRT-RSA decryption with our properly chosen parameters that also helps in terms of less memory requirement. Moreover, we argue in detail the cryptographic security regarding our choice of the secret parameters.

Radio Frequency Identification (RFID) has been very actively developed as an identification technology in the last ten years. The uniqueness of RFID tag's electronic product code has made it to be used as an anti-counterfeiting feature for objects attached to it. However, currently the anti-counterfeiting properties of the tag themselves and methods to prevent counterfeiting of the tags have not been established. Here we propose a physical layer fingerprinting methodology that will improve the security of RFID tags.

In 2006, Peris-Lopez et al. [1,2,3] initiated the design of ultralightweight RFID protocols – with the UMAP family – involving only simple bitwise logical or arithmetic operations such as bitwise XOR, OR, AND, and addition. This combination of operations was revealed later to be insufficient for the intended security level [12,13]. Then, Chien proposed the SASI protocol [4] with the aim of offering better security by adding the bitwise rotation to the set of supported operations. The SASI protocol represented a milestone in the design of ultralightweight protocols, although certain attacks have been published against this scheme [5,6,7]. In 2008, a new protocol named Gossamer [8] was proposed and the scheme can be considered a further development of both the UMAP family and SASI. Although no attacks have been disclosed against Gossamer, Lee et al. [9] have recently published an alternative scheme that is highly reminiscent of SASI. In this paper, we show that Lee's scheme fails short of many of its security objectives, being vulnerable to several important attacks like traceability, full disclosure, cloning and desynchronization.

Radio frequency identification (RFID) has been considered as a viable solution for automatic data capture, information sharing and collaboration between enterprise partners. Along with the advantages of sharing information, it comes with the challenges of securing data and trade secret. Access control is an important method for securing data storing and sharing within and across partners in supply chains. In this paper, we propose a concept-level authorization model, aiming at addressing the challenges for securing RFID-enabled supply chains. We analyze the data characteristics and summarize common authorization challenges for RFID data from application perspectives. We propose to use concepts to reduce the size of policy repository and eliminate the structural heterogeneity across the information sources. We then focus on the details of semantic propagation rules that reflect the logical, time and spatial relationships. Other ideas such as policy groups and ontology merging techniques are employed to manage the authorization repository in an efficient manner.

In this paper we illustrate security problems coming up with the new concept of the Internet of Things. Passive RFID tags will make up the majority of devices participating in this network. Since passive RFID tags are the devices with the least computing power in the IoT, we focus our investigations on this technology. If we can provide a proper protection for those devices, it will also be possible to use the same security mechanisms on other technologies. In the following section we explain the relevance of passive RFID and security for the upcoming IoT. Later we will provide information about security issues for this technology and explain the current state-of-the-art in research.

Modern RFID-supported supply chains envision a seamless sharing of item-level data across multiple supply chain participants in the “Internet of Things”. However, many companies are reluctant to propagate large amounts of their track and trace information to others, as they fear the uncontrolled disclosure of vital business intelligence. Without built-in safeguards, such systems thus run the risk of hindering the adoption of efficient supply chain management infrastructures.

In this paper we will define the cornerstones of a cryptographically sound security architecture for RFID-supported supply chains that will enable efficient logistical management with minimal data disclosure. We propose to replace the common centralized track and trace approach with an architecture that makes use of strong cryptographic primitives and secure storage on the tag and builds on top of those enhanced authentication and key-agreement protocols. The architecture will thus span the entire technology range from the RFID tag and its network infrastructure to the back-end system that is storing the supply chain information.

In a competitive business environment, RFID technology can help a business to optimize its supply chain. However, it may also enable an adversary using covert channels to surreptitiously learn sensitive information about the supply chain of a target business. We argue that the tracking of tags and the compromising of readers can create covert channels in the supply chain and cause detrimental market effects. To mitigate such attacks, we propose a framework that enables a business to monitor its supply chain in a fine-grained manner. We model the supply chain as a network flow graph, select key nodes to verify the tag flow, and actively search for covert channels. We note that optimal checkpoint node selection is NP-Complete, propose node selection and flow verification heuristics with various tradeoffs, and discuss appropriate countermeasures against covert channels detected in the supply chain. These practical methods can be implemented economically using current RFID technology.

A Radio Frequency Identification (RFID) yoking proof protocol allows a verifier to collect the evidence that two tags are simultaneously present. Yoking proof protocol has been applied in several potential applications like shipping record checking and medicine dispensation checking, etc. This paper, based on error correction codes (ECC), designs a novel yoking proof protocol, which not only protects tag's anonymity but also requires only simple operations that can be easily supported on low-cost tags. Compared to its counterparts, our scheme provides several practical merits: (1) It protects tag's anonymity using much easier approach, (2) it requires only simple operations on tags, and (3) the computational overhead on the server is much lower.