Message Authentication in Computationally Constrained Environments

RFID and wireless sensor networks exemplify computationally constrained environments, where the compact nature of the components cannot support complex computations or high communication overhead. On the other hand, such components should support security applications such as message integrity, authentication, and time stamping. The latter are efficiently implemented by hash message authentication codes (HMAC). As clearly stated in the literature, current approved implementations of HMAC require resources that cannot be supported in constrained components. An approach to implement a compact HMAC by the use of stream ciphering is presented in this paper.

[1]  Berk Sunar,et al.  Energy scalable universal hashing , 2005, IEEE Transactions on Computers.

[2]  István Vajda,et al.  Lightweight Authentication Protocols for Low-Cost RFID Tags , 2003 .

[3]  Koutarou Suzuki,et al.  Cryptographic Approach to “Privacy-Friendly” Tags , 2003 .

[4]  Matthew Green,et al.  Security Analysis of a Cryptographically-Enabled RFID Device , 2005, USENIX Security Symposium.

[5]  Hugo Krawczyk,et al.  Keying Hash Functions for Message Authentication , 1996, CRYPTO.

[6]  Philip Hawkes,et al.  The Mundja Streaming MAC , 2004, IACR Cryptol. ePrint Arch..

[7]  Andrey Bogdanov,et al.  Hash Functions and RFID Tags: Mind the Gap , 2008, CHES.

[8]  Adi Shamir,et al.  Weaknesses in the Key Scheduling Algorithm of RC4 , 2001, Selected Areas in Cryptography.

[9]  Hugo Krawczyk,et al.  HMAC: Keyed-Hashing for Message Authentication , 1997, RFC.

[10]  Matthew J. B. Robshaw,et al.  The eSTREAM Project , 2008, The eSTREAM Finalists.

[11]  Hugo Krawczyk,et al.  UMAC: Fast and Secure Message Authentication , 1999, CRYPTO.

[12]  Elaine B. Barker,et al.  The Keyed-Hash Message Authentication Code (HMAC) | NIST , 2002 .

[13]  Dongho Won,et al.  Challenge-Response Based RFID Authentication Protocol for Distributed Database Environment , 2005, SPC.

[14]  Martin Feldhofer,et al.  A Case Against Currently Used Hash Functions in RFID Protocols , 2006, OTM Workshops.

[15]  Kai-Thorsten Wirt ASC – A Stream Cipher with Built – In MAC Functionality , 2007 .

[16]  Jongsung Kim,et al.  On the Security of HMAC and NMAC Based on HAVAL, MD4, MD5, SHA-0 and SHA-1 (Extended Abstract) , 2006, SCN.

[17]  Hugo Krawczyk,et al.  LFSR-based Hashing and Authentication , 1994, CRYPTO.

[18]  Daniel W. Engels,et al.  RFID Systems and Security and Privacy Implications , 2002, CHES.

[19]  Eli Biham,et al.  A Framework for Iterative Hash Functions - HAIFA , 2007, IACR Cryptol. ePrint Arch..

[20]  James H. Burrows,et al.  Secure Hash Standard , 1995 .

[21]  Philippe Oechslin,et al.  A scalable and provably secure hash-based RFID protocol , 2005, Third IEEE International Conference on Pervasive Computing and Communications Workshops.

[22]  Bartosz Zoltak VMPC-MAC: A Stream Cipher Based Authenticated Encryption Scheme , 2004, IACR Cryptol. ePrint Arch..

[23]  Bruce Schneier,et al.  Helix: Fast Encryption and Authentication in a Single Cryptographic Primitive , 2003, FSE.