Abstract
Many reader/tag authentication protocols are proposed to effectively authenticate tags and readers. However, we demonstrate with YA-TRAP as an example how false authentications that a legitimate tag could be wrongly rejected by a reader may arise from these protocols when they are applied to C1G2 (class 1 generation 2) passive RFID tags. In this chapter, we identify a protocol pattern of which the implementation on C1G2 passive tags leads to false authentications, and further identify three types of the existing protocols that can bring with false authentications due to containing this pattern. Moreover, we give a necessary and sufficient condition for false authentications prevention, and propose a naive semaphore-based solution which revises the pattern by adding semaphore operations so as to avoid false authentications. Our experiments demonstrate the arising of false authentications and verify the effectiveness of our solution.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
This false authentication may also arise under other situations such as (1) two or more readers interacting with one tag, (2) one reader interacting with two or more tags, or (3) two or more readers interacting with two or more tags, in which all tags involved are not C1G2 passive tags. However, it is one of the directions for our future study.
- 2.
We henceforth use terms tags, C1G2 tags or C1G2 passive tag interchangeably to refer to C1G2 passive RFID tags unless otherwise specified.
- 3.
Theorem 1 has covered the case that reader \(\mathrm {R}_1\) reads memory \(M_r\) before it has been updated with response \(R(c_1)\).
- 4.
The hashing result of SHA-256 is \(256\) bits (i.e., \(32\) bytes) though, we take part of the result as a response in our experiments. The time for the tag to write a response into a memory increases with the response length.
- 5.
The input size of SHA-256 is \(64n - 9\) bytes for \(n\) blocks. The execution time of SHA-256 grows with the input size though, it is a constant for any bytes of length within the same input size.
References
Alomair, B., L. Lazos, Poovendran, R.: Towards securing low-cost RFID systems: an unconditionally secure approach. In: Proceedings of the 2010 Workshop on RFID Security (RFIDsec’10 Asia), Singapore, pp. 1–17, 22–23 Feb 2010
Avoine, G., Dysli, E., Oechslin, P.: Reducing time complexity in RFID systems. In : Proceedings of the 12th Annual Workshop on Selected Areas in Cryptography (SAC’05), Kingston, pp. 291–306, 11–12 Aug 2005
DemoTag. http://www.iaik.tugraz.at/content/research/rfid/tag_emulators/
EPCGlobal, EPC Radio-Frequency Identity Protocols Class-1 Generation-2 UHF RFID Protocol for Communications at 860 MHz–960 MHz Version 1.2.0. Available at http://www.epcglobalinc.org/standards/uhfc1g2/uhfc1g2_1_2_0-standard-20080511.pdf
Feldhofer, M., Dominikus, S., Wolkerstorfer, J.: Strong authentication for RFID systems using the AES algorithm. In: Proceedings of the Sixth International Workshop on Cryptographic Hardware and Embedded Systems (CHES 2004), Cambridge, pp. 357–370, 11–13 Aug 2004
Fu, G., Li, Y.: A role-based authorization framework for RFID-enabled supply chain networks. In: Proceedings of the 16th International Conference on Transformative Science, Engineering, and Business Innovation, Jeju Island, 12–16 June 2011
He, W., Li, Y., Chiew, K., Li, T., Lee, E.W.: A solution with security concern for RFID-based track and trace services in epcglobal-enabled supply chains. In: Turcu, C. (ed.) Designing and Deploying RFID Applications, pp. 95–108. InTech, UK (2011). Chapter 7
International Organization for Standards (ISO): ISO/IEC 18000–6: radio frequency identification for item management—part 6: parameters for air interface communications at 860 MHz to 960 MHz. http://www.iso.org/iso/iso_catalogue/catalogue_tc/catalogue_detail.htm?csnumber=34117
Juels, A., Weis, S. A.: Authenticating pervasive devices with human protocols. In: Proceedings of the 25th Annual International Cryptology Conference (Crypto 2005), Santa Barbara, pp. 293–308, 14–18 Aug 2005
Lai, Y.-C., Lin, C.-C.: Two blocking algorithms on adaptive binary splitting: single and pair resolutions for RFID tag identification. IEEE/ACM Trans. Networking 17(3), 962–975 (2009)
Melski, A., Müller, J., Zeier, A., Schumann, M.: Improving supply chain visibility through RFID data. In: Proceedings of the the IEEE 24th International Conference on Data Engineering Workshop (ICDEW’08), Cancun, pp. 102–103, 7–12 April 2008
Molner, D., Wagner, D.: Privacy and security in library RFID: issues, practices, and architectures. In: Proceedings of the 11th ACM Conference on Computer and Communications Security (CCS’04), Washington, pp. 210–219, 25–29 Oct 2004
Myung, J., Lee, W., Srivastava, J., Shih, T.K.: Tag-splitting: adaptive collision arbitration protocols for RFID tag identification. IEEE Trans. Parallel Distrib. Syst. 18(6), 763–775 (2007)
Peris-Lopez, P., Hernández-Castro, J. C., Estévez-Tapiador, J. M., Ribagorda, A.: M\(^2\)AP: a minimalist mutual-authentication protocol for low-cost RFID tags. In: Proceedings of the 3rd International Conference on Ubiquitous Intelligence and Computing (UIC06), Wuhan, China, pp. 912–923, 3–6 September 2006
RFID, C.: CAENRFIDLib: ansi C functions library—technical information manual. http://www.caen.it/rfid/index.php
Shi, J., Li, Y., Deng, R.H.: A secure and efficient discovery service system in epcglobal network. Comput. Secur. 31(8), 870–885 (2012)
Shi, J., Li, Y., He, W., Sim, D.: Sectts: a secure track & trace system for RFID-enabled supply chains. Comput. Indus. 63(6), 574–585 (2012)
Tsudik, G.: YA-TRAP: yet another trivial RFID authentication protocol. In: Proceedings of the 4th IEEE Annual International Conference on Pervasive Computing and Communications Workshops (PerComW 2006), Pissa, Italy, pp. 643–646, 13–17 Mar 2006
Vajda, I., Buttyán, L.: Leightweight authentication protocols for low-cost RFID tags. In: Proceedings of the 5th International Conference on Ubiquitous Computing (UbiComp 2003), Seattle, WA, USA, 12–15 Oct 2003
Wang, C., Daneshmand, M., Sohraby, K., Li, B.: Performance analysis of RFID generation-2 protocol. IEEE Trans. Wireless Commun. 8(5), 2592–2601 (2009)
Weis, S. A., Sarma, S. E., Rivest, R. L., Engels, D. W.: Security and privacy aspects of low-cost radio frequency identification systems. In: Proceedings of the 1st International Conference on Security in Pervasive Computing (SPC 2003), Boppard, Germany, pp. 201–212, 12–14 Mar 2003
Yang, J., Park, J., Lee, H., Ren, K., Kim, K.: Mutual authentication protocol for low-cost RFID. In: Proceedings of the Workshop on RFID and Lightweight Crypto, Graz, Austria, pp. 17–24, 14–15 July 2005
Acknowledgments
This work was partly supported by National Natural Science Foundation of China (No. 61272303) and China National Program on Key Basic Research Projects (973 Program, No. 2010CB327903).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 Springer International Publishing Switzerland
About this chapter
Cite this chapter
Chiew, K., Li, Y., Xu, C. (2014). On RFID False Authentications. In: Bessis, N., Dobre, C. (eds) Big Data and Internet of Things: A Roadmap for Smart Environments. Studies in Computational Intelligence, vol 546. Springer, Cham. https://doi.org/10.1007/978-3-319-05029-4_4
Download citation
DOI: https://doi.org/10.1007/978-3-319-05029-4_4
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-05028-7
Online ISBN: 978-3-319-05029-4
eBook Packages: EngineeringEngineering (R0)