On RFID False Authentications

Many reader/tag authentication protocols are proposed to effectively authenticate tags and readers. However, we demonstrate with YA-TRAP as an example how false authentications that a legitimate tag could be wrongly rejected by a reader may arise from these protocols when they are applied to C1G2 (class 1 generation 2) passive RFID tags. In this chapter, we identify a protocol pattern of which the implementation on C1G2 passive tags leads to false authentications, and further identify three types of the existing protocols that can bring with false authentications due to containing this pattern. Moreover, we give a necessary and sufficient condition for false authentications prevention, and propose a naive semaphore-based solution which revises the pattern by adding semaphore operations so as to avoid false authentications. Our experiments demonstrate the arising of false authentications and verify the effectiveness of our solution.

[1]  Sandra Dominikus,et al.  Strong Authentication for RFID Systems Using the AES Algorithm , 2004, CHES.

[2]  Gene Tsudik,et al.  YA-TRAP: yet another trivial RFID authentication protocol , 2006, Fourth Annual IEEE International Conference on Pervasive Computing and Communications Workshops (PERCOMW'06).

[3]  David A. Wagner,et al.  Privacy and security in library RFID: issues, practices, and architectures , 2004, CCS '04.

[4]  Yingjiu Li,et al.  SecTTS: A secure track & trace system for RFID-enabled supply chains , 2012, Comput. Ind..

[5]  István Vajda,et al.  Lightweight Authentication Protocols for Low-Cost RFID Tags , 2003 .

[6]  Juan E. Tapiador,et al.  M2AP: A Minimalist Mutual-Authentication Protocol for Low-Cost RFID Tags , 2006, UIC.

[7]  Basel Alomair,et al.  Securing low-cost RFID systems: An unconditionally secure approach , 2011, J. Comput. Secur..

[8]  Cristina Turcu Designing and Deploying RFID Applications , 2011 .

[9]  Jaideep Srivastava,et al.  Tag-Splitting: Adaptive Collision Arbitration Protocols for RFID Tag Identification , 2007, IEEE Transactions on Parallel and Distributed Systems.

[10]  Ronald L. Rivest,et al.  Security and Privacy Aspects of Low-Cost Radio Frequency Identification Systems , 2003, SPC.

[11]  Alexander Zeier,et al.  Improving supply chain visibility through RFID data , 2008, 2008 IEEE 24th International Conference on Data Engineering Workshop.

[12]  Philippe Oechslin,et al.  Reducing Time Complexity in RFID Systems , 2005, Selected Areas in Cryptography.

[13]  Kwangjo Kim,et al.  Mutual Authentication Protocol for Low-cost RFID , 2005, CRYPTO 2005.

[14]  Ari Juels,et al.  Authenticating Pervasive Devices with Human Protocols , 2005, CRYPTO.

[15]  Bo Li,et al.  Performance analysis of RFID Generation-2 protocol , 2009, IEEE Transactions on Wireless Communications.

[16]  Chih-Chung Lin,et al.  Two blocking algorithms on adaptive binary splitting: single and pair resolutions for RFID tag identification , 2009, TNET.

[17]  Eng Wah Lee,et al.  A Solution with Security Concern for RFID-Based Track & Trace Services in EPCglobal-Enabled Supply , 2011 .

[18]  Robert H. Deng,et al.  A secure and efficient discovery service system in EPCglobal network , 2012, Comput. Secur..