Design and Analysis of Security Schemes for Low-cost RFID Systems

Chai, Qi

01 1900

With the remarkable progress in microelectronics and low-power semiconductor technologies, Radio Frequency IDentification technology (RFID) has moved from obscurity into mainstream applications, which essentially provides an indispensable foundation to realize ubiquitous computing and machine perception. However, the catching and exclusive characteristics of RFID systems introduce growing security and privacy concerns. To address these issues are particularly challenging for low-cost RFID systems, where tags are extremely constrained in resources, power and cost. The primary reasons are: (1) the security requirements of low-cost RFID systems are even more rigorous due to large operation range and mass deployment; and (2) the passive tags' modest capabilities and the necessity to keep their prices low present a novel problem that goes beyond the well-studied problems of traditional cryptography. This thesis presents our research results on the design and the analysis of security schemes for low-cost RFID systems. Motivated by the recent attention on exploiting physical layer resources in the design of security schemes, we investigate how to solve the eavesdropping, modification and one particular type of relay attacks toward the tag-to-reader communication in passive RFID systems without requiring lightweight ciphers. To this end, we propose a novel physical layer scheme, called Backscatter modulation- and Uncoordinated frequency hopping-assisted Physical Layer Enhancement (BUPLE). The idea behind it is to use the amplitude of the carrier to transmit messages as normal, while to utilize its periodically varied frequency to hide the transmission from the eavesdropper/relayer and to exploit a random sequence modulated to the carrier's phase to defeat malicious modifications. We further improve its eavesdropping resistance through the coding in the physical layer, since BUPLE ensures that the tag-to-eavesdropper channel is strictly noisier than the tag-to-reader channel. Three practical Wiretap Channel Codes (WCCs) for passive tags are then proposed: two of them are constructed from linear error correcting codes, and the other one is constructed from a resilient vector Boolean function. The security and usability of BUPLE in conjunction with WCCs are further confirmed by our proof-of-concept implementation and testing. Eavesdropping the communication between a legitimate reader and a victim tag to obtain raw data is a basic tool for the adversary. However, given the fundamentality of eavesdropping attacks, there are limited prior work investigating its intension and extension for passive RFID systems. To this end, we firstly identified a brand-new attack, working at physical layer, against backscattered RFID communications, called unidirectional active eavesdropping, which defeats the customary impression that eavesdropping is a ``passive" attack. To launch this attack, the adversary transmits an un-modulated carrier (called blank carrier) at a certain frequency while a valid reader and a tag interacts at another frequency channel. Once the tag modulates the amplitude of reader's signal, it causes fluctuations on the blank carrier as well. By carefully examining the amplitude of the backscattered versions of the blank carrier and the reader's carrier, the adversary could intercept the ongoing reader-tag communication with either significantly lower bit error rate or from a significantly greater distance away. Our concept is demonstrated and empirically analyzed towards a popular low-cost RFID system, i.e., EPC Gen2. Although active eavesdropping in general is not trivial to be prohibited, for a particular type of active eavesdropper, namely a greedy proactive eavesdropper, we propose a simple countermeasure without introducing extra cost to current RFID systems. The needs of cryptographic primitives on constraint devices keep increasing with the growing pervasiveness of these devices. One recent design of the lightweight block cipher is Hummingbird-2. We study its cryptographic strength under a novel technique we developed, called Differential Sequence Attack (DSA), and present the first cryptanalytic result on this cipher. In particular, our full attack can be divided into two phases: preparation phase and key recovery phase. During the key recovery phase, we exploit the fact that the differential sequence for the last round of Hummingbird-2 can be retrieved by querying the full cipher, due to which, the search space of the secret key can be significantly reduced. Thus, by attacking the encryption (decryption resp.) of Hummingbird-2, our algorithm recovers 36-bit (another 28-bit resp.) out of 128-bit key with $2^{68}$ ($2^{60}$ resp.) time complexity if particular differential conditions of the internal states and of the keys at one round can be imposed. Additionally, the rest 64-bit of the key can be exhaustively searched and the overall time complexity is dominated by $2^{68}$. During the preparation phase, by investing $2^{81}$ effort in time, the adversary is able to create the differential conditions required in the key recovery phase with at least 0.5 probability. As an additional effort, we examine the cryptanalytic strength of another lightweight candidate known as A2U2, which is the most lightweight cryptographic primitive proposed so far for low-cost tags. Our chosen-plaintext-attack fully breaks this cipher by recovering its secret key with only querying the encryption twice on the victim tag and solving 32 sparse systems of linear equations (where each system has 56 unknowns and around 28 unknowns can be directly obtained without computation) in the worst case, which takes around 0.16 second on a Thinkpad T410 laptop.

RFID

Physical layer security

Privacy

Lightweight cryptography

Electrical and Computer Engineering

Characterization and Performance Analysis of UHF RFID Tag for Environmental Sensing Applications

Li, Zhenzhong

January 2012

Passive radio frequency identification (RFID) tag has been shown efficient in item tracking and management in the supply chain. Attracted to low weight and small size of wireless nodes, some research work was conducted to extend the RFID advantage into environmental sensing applications. The concept is to using tag frequencies as sensing parameters. When variation occurs in the surrounding environment, such as temperature and humidity level, the operation frequencies of tags would be shifted, and such shift can be used to identify the degree of variation in the environment. One challenge of RFID tag is the distortion from other surrounding objects, the existence of obstacles and metals can have greatly impact on the sensing performance in both accuracy and sensing range. This thesis work conducts an investigation of the performance of a passive radio-frequency identification (RFID) based system. The investigation systematically probed the effects of passive RFID tag orientation and obstacles (blocking line-of-sight between a reader and a tag) as well as reading period (the time required for successful detection) on the range of detection. In the absence of obstacles, optimized tag orientation improved the system reliability and range of detection. At a reading distance where tag readability became unstable, increasing the reading period led to a higher reliability. A theoretical model was also established and was in good agreement with measurement results, providing a simple guideline to the further experiments. This work would also advance the knowledge understanding on wireless sensing on metal effect, humidity and temperature.

RFID

Environment Sensing

Modeling

UHF Tag

Electrical and Computer Engineering

Beiträge zur sicheren Kommunikation mobiler Systeme

Gorecki, Christian Alexander

January 2005

Zugl.: Bremen, Univ., Diss., 2005

The impact of auto-ID technology on process performance : RFID in the FMCG supply chain /

Tellkamp, Christian.

January 2006

Univ., Diss.--St. Gallen, 2006. / Auto-ID = Automatic identification. - RFID = Radio frequency identification. - FMCG = Fast-moving consumer goods.

User control in ubiquitous computing design alternatives and user acceptance

Spiekermann, Sarah

January 2007

Zugl.: Berlin, Humboldt-Univ., Habil.-Schr., 2007

Konzeption und Realisierung einer RFID-Middleware-Architektur für mobile Systeme

Schwieren, Joachim

January 2008

Zugl.: Münster (Westfalen), Univ., Diss., 2008

RFID im Supply Chain Management : Auswirkungen und Handlungsempfehlungen am Beispiel der Automobilindustrie /

Strassner, Martin.

January 2005

Diss. Univ. St. Gallen, 2005.

Analyse potentieller Einsatzbereiche und Umsetzungskonzepte RFID-gestützter Informationssysteme bei mittelständischen Pharmazieunternehmen am Fallbeispiel der Haupt Pharma Brackenheim /

Traub, Lukas.

January 2007

Bachelor-Arbeit Univ. St. Gallen, 2007.

Rückverfolgbarkeit von Lebensmitteln - Beitrag der Auto-ID Technologie

Kreienbuehl, Christian.

January 2004

Bachelor-Arbeit Univ. St. Gallen, 2004.

The impact of auto-ID technology on process performance : RFID in the FMCG supply chain /

Tellkamp, Christian.

January 2006

Thesis (doctoral)--Universität St. Gallen, 2006.