Enhancing Security of EPCglobal Gen-2 RFID Tag against Traceability and Cloning

In this paper, we present a synchronization-based communication protocol for RFID devices. We focus on the EPCGlobal Class-1 Gen-2 RFID tag which supports only simple cryptographic primitives like Pseudo-random Number Generator (PRNG) and Cyclic Redundancy Code (CRC). Our protocol is secure in a sense that it prevents the cloned tags and malicious readers from impersonating and abusing legitimate tags, respectively. In addition, our protocol provides that each RFID tag emits a different bit string (pseudonym) when receiving each and every reader’s query. Therefore, it makes tracking activities and personal preferences of tag’s owner impractical to provide the user’s privacy.

[1]  Tanja Lange,et al.  Random Numbers Generation and Testing , 2005, Handbook of Elliptic and Hyperelliptic Curve Cryptography.

[2]  J. Sobolewski Cyclic redundancy check , 2003 .

[3]  Philippe Oechslin,et al.  Reducing Time Complexity in RFID Systems , 2005, Selected Areas in Cryptography.

[4]  Tassos Dimitriou,et al.  A Lightweight RFID Protocol to protect against Traceability and Cloning attacks , 2005, First International Conference on Security and Privacy for Emerging Areas in Communications Networks (SECURECOMM'05).

[5]  David A. Wagner,et al.  A Scalable, Delegatable Pseudonym Protocol Enabling Ownership Transfer of RFID Tags , 2005, IACR Cryptol. ePrint Arch..

[6]  Philippe Oechslin,et al.  A scalable and provably secure hash-based RFID protocol , 2005, Third IEEE International Conference on Pervasive Computing and Communications Workshops.

[7]  Jeongkyu Yang Security and Privacy on Authentication Protocol for Low-cost Radio Frequency Identiflcation , 2005 .

[8]  Stephen A. Weis Security and Privacy in Radio-Frequency Identification Devices , 2003 .

[9]  Ari Juels,et al.  RFID security and privacy: a research survey , 2006, IEEE Journal on Selected Areas in Communications.