Ebook: Radio Frequency Identification System Security

This volume contains the papers presented at the 2012 Workshop on RFIDIoT Security (RFIDsec'12 Asia) held in Taipei, Taiwan on November 8–9, 2012. The workshop was hosted by the Department of Information Management and the Taiwan Information Security Center (TWISC@NTUST) at the National Taiwan University of Science and Technology (NTUST). The General Chairs were Tzong-Chen Wu and Robert H. Deng.

RFIDsec'12 Asia is aligned with the RFID security workshop (RFIDsec) which has been organized as a series of workshops held in Graz (2005/06), Malaga (2007), Budapest (2008), Leuven (2009), Istanbul (2010), Amherst (2011) and Nijmegen (2012). RFIDsec'12 Asia is the fourth edition of the series of workshops to be held in Asia, following RFIDsec'09 Asia in Taipei (2009), RFIDsec'10 Asia in Singapore (2010) and RFIDsec'11 Asia in Wuxi (2011).

RFIDsec'12 Asia aims to provide researchers, enterprises and governments with a platform to investigate, discuss and propose new solutions to security and privacy issues relating to RFID/IoT (Radio Frequency Identification/Internet of Things) technologies and applications. This year, the excellent program consisted of 9 high-quality papers, selected after a rigorous review process by both members of the Program Committee and external reviewers. Many interesting topics are covered, such as entity relationship extraction and the design of secure API on IoT; practical relay attack implementation; path-checking protocol; secure EPCglobal Network Services; and the analysis of mutual authentication on RFID. The formal proceedings for this year, to include these 9 excellent papers, are published by IOS Press as part of the Cryptology and Information Security Series.

RFIDsec'12 Asia was made possible by contributions from many individuals and organizations. First, we would like to thank all the authors who submitted papers. We also gratefully acknowledge the contribution of the Program Committee members and external reviewers for their time and effort on the submission review process. Finally, we thank the sponsors: the Department of Information Management at NTUST and TWISC@NTUST, of RFIDsec'12 Asia for hosting the workshop.

Nai-Wei Lo and Yingjiu Li

November 2012

Current relationship extraction models are human centered. It doesn't consider the impact of time attribute and only focuses on extracting whole relationship network of a group. In accordance with these problems, this paper proposes an entity relationship extraction model based on Chameleon Clustering Algorithm. By collecting and analyzing interactions between entities, the new model can find out sub-clusters of a group and extract relationship between these sub-clusters. It fully considers the impact of time attribute. With a real data set, the experiments demonstrate that sub-clusters and relationship between them can be found by the model we proposed efficiently. It lays a solid foundation for further study of entity relationship networks.

Defining standard application programming interfaces (APIs) plays an important role in Internet of Things (IoT) applications to achieve interpretability. Among different issues of designing APIs for IoT applications, this study focuses on the security issue of designing an API for people to access data about machines, sensors, and other objects collected in servers. To address the issue, this study shares the experiences of designing APIs for Taiwan uniform e-invoices. To prevent tax evasion, Taiwan government holds uniform invoice lottery every two months. Because invoice owners may win NT $10,000,000, the security of APIs to access e-invoices is critical. This study illustrates the security considerations in designing major APIs of Taiwan uniform e-invoices. In addition to common security issues, such as communication security, authentication, and non-repudiation, the APIs consider special security issues in different scenarios. The API for point of sales (POS) applications and ERP systems addresses the security consideration to transfer bulk data among machines; the e-invoice donation API proposes a scheme to restrict that each authorized person can only invoke the API through a specific device; the API for mobile applications considers the issue that misused mobile applications may transfer personal sensitive data and credentials to others secretly; the API for invoice exchanging allows people to obtain e-invoices immediately after transactions with their smart phones and to verify the integrity of the invoices. While this study gives examples of designing secure API for IoT applications from different perspectives, the paper can hopefully contribute to the security of IoT applications.

Contactless technology is widely used in security sensitive applications, including identification, payment and access-control systems. Near Field Communication (NFC) is a short-range contactless technology allowing mobile devices to act primarily as either a reader or a token. Relay attacks exploit the assumption that a contactless token within communication range is in close proximity, by placing a proxy-token in range of a contactless reader and relaying communication over a greater distance to a proxy-reader communicating with the authentic token. It has been theorised that NFC-enabled mobile phones could be used as a generic relay attack platform without any additional hardware, but this has not been successfully demonstrated in practice. We present the first generic practical implementation of a contactless relay attack by using only NFC-enabled mobile phones, requiring only suitable mobile software applications. This implementation reduces the complexity of relay attacks and therefore has potential security implications for current contactless systems.

Nowadays, RFID technology is increasingly become popular and begin to enter many spheres of everyday life and industrial sectors, supply chain management is one of the most significant applications using RFID solutions. Recently, the path-checking scheme in which readers can verify the validity of the product's path in supply chain is receiving more and more attentions. In this paper, we first review some existing RFID path-checking protocols and point out the defections of their constructions. Then we propose a path-checking solution based on Boldyreva's ordered multisignatures (OMS), a reader will provide its own signature when a tag passes by in order to record the path information, the scheme achieves that each reader in the supply chain can verify the validity of the path taken by the tag. However, OMS can also be verified by adversaries who have the public keys of the readers, so we improve Boldyreva's scheme to implement verification by designated readers, which also protect the path privacy of the tags. In order to resist impersonate attacks, we add mutual authentication into our path-checking scheme by extending Ma's protocol using only pseudorandom number generator. Finally, we do some security and privacy analysis and compare our solution with recently proposed CHECKER.

Enabled by RFID technology, the EPCglobal network provides a platform for information sharing among supply chain partners. It is mainly composed of EPC information service (EPCIS), EPC discovery service (EPCDS), EPC object naming service (EPCONS) and other sub-systems, where EPCIS, EPCDS and EPCONS are collectively called EPCglobal network services. As the information collected and shared by supply chain partners is usually sensitive and valuable, scurity mechanisms should be provided in the EPCglobal network. However, to the best of our knowledge, there is a lack of secure prototypes for EPCglobal network services so far. In this paper, we aim at filling this gap. We design and implement a secure prototype for EPCglobal network services with a focus on the authorization mechanism.

Efficient implementations of cryptosystems are important for resourcelimited devices, e.g. RFID tags, to compute necessary cryptographic operations. To reduce the number of cryptographic operations, a signed digit representation for a scalar is the most useful method. A signed digit representation can reduce the nonzero density of the representation. King introduced a left-to-right representation called NAF* (non-adjacent form*) which nonzero density is the same as NAF and MOF (mutual opposite form). In this paper, we will propose a modified NAF*, and demonstrate that it is more efficient than the original NAF*. The recoding time of modified NAF* achieves at least 64.5% time reduction supported by simulation results.

The researches of mobile RFID (Radio-Frequency IDentification) applications in recent years have increased noticeably. They combine the technology of RFID and mobile device to create a new convenient application area for people. But they also suffer from the security issues because the insecure communication channel among tags, readers and databases. In 2012, Zhou et al. proposed a mutual authentication protocol using ECC (Elliptic Curve Cryptography) for mobile RFID applications. However in their protocol, we found that once the reader successfully read the data of a certain tag from the server, then the reader can read it unlimited times without reading that tag again. Therefore, their protocol cannot support some mobile RFID applications such as the security patrolling application. In this paper, we propose a new mobile RFID mutual authentication protocol that is suitable for security patrolling application.

A pseudorandom number generator is an important component for implementing security functionalities on RFID tags. Most previous proposals focus on true random number generators that are usually inefficient for low-cost tags in terms of power consumption, area, and throughput. In this contribution, we propose a lightweight pseudorandom number generator (PRNG) for EPC Class-1 Generation-2 (EPC C1 Gen2) RFID tags. The proposed PRNG fully exploits nonlinear feedback shift registers and provides 16-bit random numbers that are required in the tag identification protocol of the EPC C1 Gen2 standard. The generated sequences are able to pass the EPC C1 Gen2 standard's statistical tests as well as the NIST randomness test suite. Moreover, a detailed cryptanalysis shows that the proposed PRNG is resistant to the most common attacks such as algebraic attacks, cube attacks, and time-memory-data tradeoff attacks. In particular, the proposed PRNG can be implemented on low-cost Xilinx Spartan-3 FPGA devices with 46 slices.

Owing to the individual privacy, system security and resource limitation of low-cost RF tag, ultralightweight RFID authentication has been massively investigated in these years. Recently, Kianersi et al. [3] and Lee et al. [4] proposed two well-studied RFID authentication schemes which attempt to achieve data confidentiality and tag computation efficiency. However, these two protocols are vulnerable as the shared secrets can be out of synchronization via a series of challenge-response operations. In this paper, we demonstrate the detailed malicious procedures on these two mechanisms and show their vulnerabilities.