Efficient RFID authentication protocols based on pseudorandom sequence generators

In this paper, we introduce a new class of PRSGs, called partitioned pseudorandom sequence generators(PPRSGs), and propose an RFID authentication protocol using a PPRSG, called S-protocol. Since most existing stream ciphers can be regarded as secure PPRSGs, and stream ciphers outperform other types of symmetric key primitives such as block ciphers and hash functions in terms of power, performance and gate size, S-protocol is expected to be suitable for use in highly constrained environments such as RFID systems. We present a formal proof that guarantees resistance of S-protocol to desynchronization and tag-impersonation attacks. Specifically, we reduce the availability of S-protocol to pseudorandomness of the underlying PPRSG, and the security of the protocol to the availability. Finally, we give a modification of S-protocol, called S*-protocol, that provides mutual authentication of tag and reader.

[1]  Silvio Micali,et al.  How to construct random functions , 1986, JACM.

[2]  Ronald L. Rivest,et al.  Security and Privacy Aspects of Low-Cost Radio Frequency Identification Systems , 2003, SPC.

[3]  Paul Müller,et al.  Hash-based enhancement of location privacy for radio-frequency identification devices using varying identifiers , 2004, IEEE Annual Conference on Pervasive Computing and Communications Workshops, 2004. Proceedings of the Second.

[4]  Sandra Dominikus,et al.  Strong Authentication for RFID Systems Using the AES Algorithm , 2004, CHES.

[5]  Tassos Dimitriou,et al.  A Lightweight RFID Protocol to protect against Traceability and Cloning attacks , 2005, First International Conference on Security and Privacy for Emerging Areas in Communications Networks (SECURECOMM'05).

[6]  Philippe Oechslin,et al.  A scalable and provably secure hash-based RFID protocol , 2005, Third IEEE International Conference on Pervasive Computing and Communications Workshops.

[7]  Ari Juels,et al.  Authenticating Pervasive Devices with Human Protocols , 2005, CRYPTO.

[8]  Dongho Won,et al.  Challenge-Response Based RFID Authentication Protocol for Distributed Database Environment , 2005, SPC.

[9]  Vincent Rijmen,et al.  AES implementation on a grain of sand , 2005 .

[10]  Jonathan Katz,et al.  Parallel and Concurrent Security of the HB and HB+ Protocols , 2006, EUROCRYPT.

[11]  Christophe De Cannière,et al.  Trivium: A Stream Cipher Construction Inspired by Block Cipher Design Principles , 2006, ISC.

[12]  Gene Tsudik,et al.  YA-TRAP: yet another trivial RFID authentication protocol , 2006, Fourth Annual IEEE International Conference on Pervasive Computing and Communications Workshops (PERCOMW'06).

[13]  Jongsung Kim,et al.  HIGHT: A New Block Cipher Suitable for Low-Resource Device , 2006, CHES.

[14]  François Arnault,et al.  Update on F-FCSR Stream Cipher , 2006 .

[15]  T. Good,et al.  Hardware results for selected stream cipher candidates , 2007 .

[16]  Martin Hell,et al.  Grain: a stream cipher for constrained environments , 2007, Int. J. Wirel. Mob. Comput..

[17]  Christof Paar,et al.  New Light-Weight Crypto Algorithms for RFID , 2007, 2007 IEEE International Symposium on Circuits and Systems.

[18]  Mike Burmester,et al.  Universally composable and forward-secure RFID authentication and authenticated key exchange , 2007, ASIACCS '07.

[19]  Yannick Seurin,et al.  HB#: Increasing the Security and Efficiency of HB+ , 2008, EUROCRYPT.

[20]  Jonathan Katz,et al.  Parallel and Concurrent Security of the HB and HB+ Protocols , 2006, Journal of Cryptology.