Dynamic Authentication Protocol Using Self-Powered Timers for Passive Internet of Things

Passive Internet of Things (IoT) like radio frequency identification (RFID) tags can be used to offer a wide range of services, such as object tracking or classification, marking ownership, noting boundaries, and indicating identities. While the communication link between a reader of the tag and the authentication server is generally assumed to be secure, the communication link between the reader and participating tags is mostly vulnerable to malicious acts. Many authentication protocols have been proposed in literature, however, they either are vulnerable to certain types of attacks or require prohibitively a large amount of computational resources to be implemented on a passive tag. In this paper, we present variants of a novel authentication protocol that can overcome the security flaws of previous protocols while being well suited to the computational capability of the tags. At the core of the proposed approach is our recently demonstrated self-powered timing devices that can be used for robust time-keeping and synchronization without the need for any external powering. The outputs of the timers are processed using a single hash function on the tag to produce tokens that continuously change with time, while being synchronized to tokens generated by the authentication server. The proposed protocol also incorporates margins of tolerance that make the authentication process robust to any deviations in the timer responses due to fabrication artifacts.

[1]  Fei-Yue Wang,et al.  Smart Cars on Smart Roads: An IEEE Intelligent Transportation Systems Society Update , 2006, IEEE Pervasive Computing.

[2]  M. Ilyas,et al.  RFID Handbook: Applications, Technology, Security, and Privacy , 2008 .

[3]  Ronald L. Rivest,et al.  Security and Privacy Aspects of Low-Cost Radio Frequency Identification Systems , 2003, SPC.

[4]  R. L. T. Hampton A Hybrid Analog-Digital Pseudo-Random Noise Generator , 1899 .

[5]  Aikaterini Mitrokotsa,et al.  Classifying RFID attacks and defenses , 2010, Inf. Syst. Frontiers.

[6]  Gaetano Marrocco,et al.  RFID Technology for IoT-Based Personal Healthcare in Smart Spaces , 2014, IEEE Internet of Things Journal.

[7]  L. Ruiz-Garcia,et al.  The role of RFID in agriculture: Applications, limitations and challenges , 2011 .

[8]  Daniel W. Engels,et al.  RFID Systems and Security and Privacy Implications , 2002, CHES.

[9]  Shantanu Chakrabartty,et al.  Secure dynamic authentication of passive assets and passive IoTs using self-powered timers , 2017, 2017 IEEE International Symposium on Circuits and Systems (ISCAS).

[10]  Ivan Damgård,et al.  Collision Free Hash Functions and Public Key Signature Schemes , 1987, EUROCRYPT.

[11]  Moni Naor,et al.  Universal one-way hash functions and their cryptographic applications , 1989, STOC '89.

[12]  Zhen Zhang,et al.  A lightweight anti-desynchronization RFID authentication protocol , 2010, Inf. Syst. Frontiers.

[13]  Ted Taekyoung Kwon,et al.  Strong and Robust RFID Authentication Enabling Perfect Ownership Transfer , 2006, ICICS.

[14]  Ari Juels,et al.  RFID security and privacy: a research survey , 2006, IEEE Journal on Selected Areas in Communications.

[15]  Shantanu Chakrabartty,et al.  Self-Powered Timekeeping and Synchronization Using Fowler–Nordheim Tunneling-Based Floating-Gate Integrators , 2017, IEEE Transactions on Electron Devices.

[16]  M. Darianian,et al.  Smart Home Mobile RFID-Based Internet-of-Things Systems and Services , 2008, 2008 International Conference on Advanced Computer Theory and Engineering.

[17]  Chunming Wu,et al.  Scalable pseudo random RFID private mutual authentication , 2010, 2010 2nd International Conference on Computer Engineering and Technology.

[18]  E. Abad,et al.  RFID smart tag for traceability and cold chain monitoring of foods: Demonstration in an intercontinental fresh fish logistic chain , 2009 .

[19]  Mihir Bellare,et al.  Collision-Resistant Hashing: Towards Making UOWHFs Practical , 1997, CRYPTO.

[20]  Nghi Nguyen,et al.  Comparative Analysis of the Hardware Implementations of Hash Functions SHA-1 and SHA-512 , 2002, ISC.

[21]  Chris J. Mitchell,et al.  RFID authentication protocol for low-cost tags , 2008, WiSec '08.