Improving security and usability of low cost RFID tags

Low cost RFID tags pose unique security challenges. Data tampering is one of such challenges that need to be addressed. In this paper, we propose a tamper detection solution for the EPC-Class1 Generation2 tag (a low cost passive RFID tag) based on a cryptographic PRNG (a pseudo random number generator for low cost RFID tags) function called LAMED and the Skew Tent chaotic map. Most of the existing solutions can only detect tampering in some portions (e.g. the OC or the EM field of EPC tag) of an RFID tag; in contrast, our solution can detect and discriminate tampering anywhere in the RFID tag. Moreover, unlike the existing tamper detection solutions, our proposal also includes a solution for cloning detection. Furthermore, this solution offers better security than the existing tamper detection solutions. Managing passwords for each individual tag is one of the main challenges for adopting security solutions in RFID applications, such as supply chain management; we address this issue in our solution by dramatically minimizing the load of password management and thus our solution becomes quite feasible for existing low cost RFID applications. Last, but not least, our proposed solution is compatible with the EPC Tag Data Standards for EPC Class1 Gen2 tags proposed by the EPCglobal and GS1 (Global Standardization Body).

[1]  Sarah Spiekermann,et al.  Critical RFID Privacy-Enhancing Technologies , 2009, IEEE Security & Privacy.

[2]  Hong-Xia Wang,et al.  Tamper Discrimination in RFID Tags Using Chaotic Fragile Watermark , 2009, 2009 International Conference on Networks Security, Wireless Communications and Trusted Computing.

[3]  Michel Barbeau,et al.  Security Threats on EPC Based RFID Systems , 2008, Fifth International Conference on Information Technology: New Generations (itng 2008).

[4]  P. Bernardi,et al.  An anti-counterfeit mechanism for the application layer in low-cost RFID devices , 2008, 2008 4th European Conference on Circuits and Systems for Communications.

[5]  Elizabeth Chang,et al.  Tamper Detection for Ubiquitous RFID-Enabled Supply Chain , 2005, CIS.

[6]  Ari Juels,et al.  RFID security and privacy: a research survey , 2006, IEEE Journal on Selected Areas in Communications.

[7]  Sasa Radomirovic,et al.  Security of an RFID Protocol for Supply Chains , 2008, 2008 IEEE International Conference on e-Business Engineering.

[8]  J. Mitsugi,et al.  A Tamper Detection Method for RFID Tag Data , 2008, 2008 IEEE International Conference on RFID.

[9]  Damith C. Ranasinghe,et al.  Low-Cost RFID Systems: Confronting Security and Privacy , 2005 .

[10]  Joaquín García,et al.  Analysis and Improvement of a Pseudorandom Number Generator for EPC Gen2 Tags , 2010, Financial Cryptography Workshops.

[11]  V. Potdar,et al.  Tamper Detection in RFID Tags using Fragile Watermarking , 2006, 2006 IEEE International Conference on Industrial Technology.

[12]  V. Potdar,et al.  Recovering and Restoring Tampered RFID Data using Steganographic Principles , 2006, 2006 IEEE International Conference on Industrial Technology.

[13]  Mikko Lehtonen,et al.  From Identification to Authentication – A Review of RFID Product Authentication Techniques , 2008 .

[14]  Juan E. Tapiador,et al.  LAMED - A PRNG for EPC Class-1 Generation-2 RFID specification , 2009, Comput. Stand. Interfaces.

[15]  Mark Harrison,et al.  Data Synchronization Specification , 2006 .

[16]  Kevin Curran,et al.  Tamper Detection for low cost RFID Tags: Using Watermarking with Chaotic Mapping , 2011 .

[17]  Martin Hell,et al.  Grain: a stream cipher for constrained environments , 2007, Int. J. Wirel. Mob. Comput..