New clone-detection approach for RFID-based supply chains

Radio-Frequency Identification (RFID) tags have been widely used as a low-cost wireless method for detection of counterfeit product injection in supply chains. In order to adequately perform authentication, current RFID monitoring schemes need to either have a persistent online connection between supply chain partners and the back-end database or have a local database on each partner site. A persistent online connection is not guaranteed and local databases on each partner site impose extra cost and security issues. We solve this problem by introducing a new scheme in which a small Non-Volatile Memory (NVM) embedded in RFID tag is used to function as a tiny “encoded local database”. In addition our scheme resists “tag tracing” so that each partner's operation remains private. Our scheme can be implemented in less than 1200 gates satisfying current RFID technology requirements.

[1]  Ari Juels,et al.  Authenticating Pervasive Devices with Human Protocols , 2005, CRYPTO.

[2]  S. Devadas,et al.  Design and Implementation of PUF-Based "Unclonable" RFID ICs for Anti-Counterfeiting and Security Applications , 2008, 2008 IEEE International Conference on RFID.

[3]  Wenjing Lou,et al.  A Privacy-preserving Lightweight Authentication Protocol for Low-Cost RFID Tags , 2007, MILCOM 2007 - IEEE Military Communications Conference.

[4]  Yong Guan,et al.  Lightweight Mutual Authentication and Ownership Transfer for RFID Systems , 2010, 2010 Proceedings IEEE INFOCOM.

[5]  Srinivas Devadas,et al.  Modeling attacks on physical unclonable functions , 2010, CCS '10.

[6]  Vincent Rijmen,et al.  AES implementation on a grain of sand , 2005 .

[7]  Alexander Fish,et al.  A low-cost low-power non-volatile memory for RFID applications , 2012, 2012 IEEE International Symposium on Circuits and Systems.

[8]  Tassos Dimitriou,et al.  A Lightweight RFID Protocol to protect against Traceability and Cloning attacks , 2005, First International Conference on Security and Privacy for Emerging Areas in Communications Networks (SECURECOMM'05).

[9]  Christof Paar,et al.  Pushing the Limits: A Very Compact and a Threshold Implementation of AES , 2011, EUROCRYPT.

[10]  Sang-Soo Yeo,et al.  Scalable and Flexible Privacy Protection Scheme for RFID Systems , 2005, ESAS.

[11]  Sang-Soo Yeo,et al.  Securing against brute-force attack: A hash-based RFID mutual authentication protocol using a secret value , 2011, Comput. Commun..

[12]  Xiang Li,et al.  DTD: A Novel Double-Track Approach to Clone Detection for RFID-Enabled Supply Chains , 2017, IEEE Transactions on Emerging Topics in Computing.

[13]  Peng Wang,et al.  Security of Truncated MACs , 2008, Inscrypt.

[14]  Yun Tian,et al.  A New Ultralightweight RFID Authentication Protocol with Permutation , 2012, IEEE Communications Letters.

[15]  Srdjan Capkun,et al.  Tailing RFID Tags for Clone Detection , 2013, NDSS.

[16]  Pedro Peris-López,et al.  LMAP : A Real Lightweight Mutual Authentication Protocol for Low-cost RFID tags , 2006 .

[17]  Davide Zanetti,et al.  Privacy-preserving clone detection for RFID-enabled supply chains , 2010, 2010 IEEE International Conference on RFID (IEEE RFID 2010).

[18]  Mike Burmester,et al.  RFID Security : Attacks , Countermeasures and Challenges , 2007 .

[19]  Kwangjo Kim,et al.  Mutual Authentication Protocol for Low-cost RFID , 2005, CRYPTO 2005.

[20]  Elgar Fleisch,et al.  How to detect cloned tags in a reliable way from incomplete RFID traces , 2009, 2009 IEEE International Conference on RFID.

[21]  Lejla Batina,et al.  RFID-Tags for Anti-counterfeiting , 2006, CT-RSA.

[22]  D. Engels,et al.  Security and Privacy : Modest Proposals for Low-Cost RFID Systems # , 2004 .

[23]  Hung-Yu Chien,et al.  SASI: A New Ultralightweight RFID Authentication Protocol Providing Strong Authentication and Strong Integrity , 2007, IEEE Transactions on Dependable and Secure Computing.

[24]  Thomas Peyrin,et al.  The PHOTON Family of Lightweight Hash Functions , 2011, IACR Cryptol. ePrint Arch..

[25]  Ronald L. Rivest,et al.  Security and Privacy Aspects of Low-Cost Radio Frequency Identification Systems , 2003, SPC.

[26]  Florian Michahelles,et al.  Securing RFID Systems by Detecting Tag Cloning , 2009, Pervasive.

[27]  Juan E. Tapiador,et al.  M2AP: A Minimalist Mutual-Authentication Protocol for Low-Cost RFID Tags , 2006, UIC.

[28]  Eman Shaaban,et al.  Lightweight Mutual Authentication Protocol for Low Cost RFID Tags , 2010, ArXiv.

[29]  KyungOh Lee,et al.  An Advanced Mutual-Authentication Algorithm Using AES for RFID Systems , 2006 .