Abstract
While the first RFID car immobilizer systems were based on read-only transponders, in 1995 followed the Digital Signature Transponder – the first RFID device containing a real encryption module and using the state-of-the-art challenge-response protocol.
After an introduction about the immobilizer operation and system properties the development of the Digital Signature Transponder is described, also discussing different trade-offs. Section 3 covers attack scenarios and the re-engineering work that led to a machine for exhaustive key search. Section 4 concludes with important lessons learnt and future development directions.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Bono et al. 2005, Security Analysis of a Cryptographically-Enabled RFID Device, Johns Hopkins University and RSA Laboratories, Baltimore, MD,28 January 2005, http://www.rsa.com/rsalabs/staff/bios/ajuels/publications/pdfs/DSTbreak.pdf
Courtois 2004, General Principles of Algebraic Attacks and New Design Criteria for Components of Symmetric Ciphers. Invited talk, AES 4 Conference, Bonn, May 10–12 2004, LNCS 3373, pp. 67–83, Springer, Berlin
Courtois 2006, How Fast can be Algebraic Attacks on Block Ciphers? http://eprint.iacr. org/2006/168
Daemen and Rijmen 1999, AES Proposal: Rijndael, Version 2, 03/09/99, 45 pages and related reference code in C http://www.esat.kuleuven.ac.be/∼rijmen/rijndael/rijndaelref.zip
Feldhofer et al. 2004, Strong Authentication for RFID Systems Using the AES Algorithm, CHES 2004, LNCS 3156, Springer, Berlin
Gordon 1994, Designing Codes for Vehicle Remote Security Systems, Concept Laboratories Ltd. and Police Scientific Development Branch, Hertfordshire, GB, pp. 1–22
Gordon and Retkin 1981, Are Big S-Boxes Best?, IEEE Workshop on Communication Security, Santa Barbara, pp. 1–6
Gordon et al. 1996, A Low Cost Transponder for High Security Vehicle Immobilizers, Proceedings of ISATA, Florence, Italy, 3–6 June 1996, Automotive Electronics, 96AE001
Heys 2001, A Tutorial on Linear and Differential Cryptanalysis, Technical Report CORR 2001–17, March 2001, http://www.engr.mun.ca/∼howard/PAPERS/ldc tutorial.ps
Heys and Tavares 1994, On the Design of Secure Block Ciphers, Queen's 17th Biennial Symposium on Communications, Kingston, Ontario, Canada, May 1994, 6 pages
Heys and Tavares 1996, Substitution-Permutation Network Resistant to Differential and Linear Cryptanalysis, Journal of Cryptology, 9(1): 1–19
Kaiser 1999, A Low-Power Digital Signature Transponder IC for High Performance RFID Authentication, Proceedings of European Conference on Circuit Theory and Design, ECCTD’99, Stresa, Italy, Aug. 29-Sep. 02 1999, pp. 45–48
Kaiser 2003, Theft Protection by means of Embedded Encryption in RFID-Transponders (Immobilizer), ESCAR - Embedded IT-Security in Cars, Bochum, Germany, 18–19 Nov. 2003
Kaiser2004, UICE Universal Immobilizer Crypto Engine- The Little Brother of AES, AES4, May 2004, Bonn, http://www.aes4.org/english/events/aes4/downloads/AES4 UICE slides.pdf
Kaiser 2007, UICE: A High-Performance Cryptographic Module for SoC and RFID Applications, http://eprint.iacr.org/2007/258
Kaiser and Steinhagen 1994, A Low Power Transponder IC for High Performance Identification Systems, Proceedings of CICC’94, San Diego, CA, USA, May 1–4 1994, pp. 14.4.1–14.4.4
Kaiser and Steinhagen 1995, A low power transponder IC for high performance identification systems, IEEE Journal of Solid-State Circuits, 30: 306–310
Kern 1999, RFID-Technology - Recent Development and Future Requirements, Proceedings of European Conference on Circuit Theory and Design, ECCTD’99, Stresa, Italy, Aug. 29-Sep. 02 1999, pp. 25–28
Kocher et al. 1999, Differential Power Analysis, Advances in Cryptology, CRYPTO’99, LNCS 1666,10 pages, Springer, Berlin
Kuo and Verbauwhede 2001, Architectural Optimization for a 1.82 Gbits/sec VLSI Implementation of the AES Rijndael Algorithm, CHES 2001, LNCS 2162, pp. 51–64, Springer, Berlin
Loney 2003, Moore's Law is the biggest thread to privacy, according to Phil Zimmermann, news.zdnet.co.uk and www.silicon.com, 29 April 2003
Menezes, Oorshot and Vanstone 1997, Handbook of Applied Cryptography, CRC, Boca Raton, FL
NIST 2001, FIPS 140–2, Security Requirements for Cryptographic Modules, May 25, 2001, http://csrc.nist.gov/cryptval and http://csrc.nist.gov/publications/fips/fips140–2/fips1402.pdf
NIST 2001, National Institute of Standards and Technology, FIPS PUB 197, 26 May 2002, http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf
Rejeb et al. 2003, Hardware Implementation of the Rijndael Algorithm for High-Speed Networks, ISPC 2003, Dallas, TX, 6 pages
Ritter1997, S-Box design: A Literature Survey, Research Comments, http://www.ciphersbyritter.com/RES/SBOXDESN.HTM
Sarma et al. 2002, RFID and Security and Privacy Implications, CHES 2002, LNCS 2523, pp. 454–469, Springer, Berlin
28.Scheerhorn 1997, DSG Algorithm Evaluation, EVAL11.DOC, CCI, Meppen, 2 Dec. 1997
Schneier 1995, Applied Cryptography, Addison Wesley, Reading, MA
Schuermann and Meier 1993, TIRIS - Leader in Radio Frequency Identification Technology, Texas Instruments Technical Journal, 10(6): 2–14
Seberry et al. 1994, Pitfalls in Designing Substitution Boxes, S-Box, Crypto’94, p. 383ff
Steinhagen and Kaiser 1994, A Low Power Read/Write Transponder IC for High Performance Identification Systems, Proceedings of ESSCIRC’94, Ulm, Germany, September 20–22, 1994, pp. 256–259
Stinson 1995, Cryptography, Theory and Practice, CRC, Boca Raton, FL
Vahlis 2005, Security Analysis of a Cryptographically Enabled RFID, University of Toronto, http://www.eecg.toronto.edu/∼lie/Courses/ECE1776–2005/Presentations/RFID-Eugene.pdf
Webster and Tavares 1986, On the Design of S-Boxes, Proc. CRYPTO 1985, LNCS 218, pp.523–534, Springer, Berlin
Wollinger et al. 2000, How Well are High-End DSPs Suited for the AES Algorithms? - AES Algorithms on the TMS320C6x DSP, The Third Advance Encryption Standard (AES3) Candidate Conference, New York, April 2000, 11 pages
Xu and Heys 1997, A New Criterion for the Design of 8 × 8 S-Boxes in Private-Key Ciphers, IEEE Canadian Conference on Electrical and Computer Engineering (CCECE’97), May 1997
Yang et al. 1998, A new RSA cryptosystem hardware design based on Montgomery's algorithm, IEEE Transactions on Circuits and Systems II, 45(7): 908–913
Speedpass, http://en.wikipedia.org/wiki/Speedpass
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2008 Springer Science+Business Media, LLC
About this chapter
Cite this chapter
Kaiser, U. (2008). Digital Signature Transponder. In: Kitsos, P., Zhang, Y. (eds) RFID Security. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-76481-8_8
Download citation
DOI: https://doi.org/10.1007/978-0-387-76481-8_8
Publisher Name: Springer, Boston, MA
Print ISBN: 978-0-387-76480-1
Online ISBN: 978-0-387-76481-8
eBook Packages: EngineeringEngineering (R0)