Efficient Implementation of Pseudorandom Functions for Electronic Seal Protection Protocols

One of the most promising applications of active RFID tags is the electronic seal, an electronic device that guarantees the authenticity and integrity of freight containers and also provides physical protection like a lock. There are already many commercial electronic seal products and ongoing standardization activities such as the ISO-18185 drafts. While electronic seals can give freight containers a high level of tamper resistance, the security of the electronic seal itself must also be addressed, and a feasible solution is to use symmetric key cryptography based primitives such as block ciphers and message authentication codes (MACs). This kind of approach has already been used in many security-related standards, and it requires the implementation of pseudorandom functions (PRFs) for key derivation and authentication. In this paper, we consider secure and efficient implementation of PRFs on electronic seals and interrogators. We implement block cipher based PRFs and hash based PRFs and compare them from the viewpoint of efficiency. Since practical PRFs can be implemented directly using MACs, we consider the implementation of several message authentication schemes: HMAC-MD5, HMAC-SHA1, AES-CBC-MAC, AES-CMAC and AES-XCBC-MAC. For interrogators, we design FPGA modules for these MAC algorithms, since an interrogator has to sustain high throughput to communicate with many electronic seals simultaneously. According to our analysis, the AES based MACs consume smaller areas and their throughputs are significantly higher than those of the hash based ones. For electronic seals, we implement the MAC algorithms as software modules (C and assembly code) on a small-scale microcontroller. Our experimental results show that the AES based modules perform much better, which coincides with the results of the hardware implementation. Finally, we improve the above implementations further, concentrating on the optimization of the AES based MACs. We use several well-known techniques such as block RAMs in the FPGA, and loop unrolling and register reallocation in the assembly code.
