Wei Xin,Cong Tang,Hu Xiong,Yonggang Wang,Huiping Sun,Zhi Guan,Zhong Chen

DOI: https://doi.org/10.3233/978-1-60750-722-2-129

2011-01-01

Abstract:Radio Frequency Identification (RFID) systems suffer from different security and privacy problems, among which relay attacks are a hot topic recently. A relay attack is a form of man-in-the-middle (MITM) attack where the adversary manipulates the communication by only relaying the verbatim messages between two parties. The main countermeasure against relay attacks is the use of distance bounding protocols measuring the round-trip time between the reader and the tag, more precisely, it uses bit exchanges for a series of rapid challenge-response rounds in RFID systems. In 2005, Hancke and Kuhn first introduced distance bounding protocol into RFID systems, after that, many schemes have been proposed based on this protocol. However, most schemes tend to a more complex design to decrease adversary's success probability. In this paper, we propose a novel distance bounding protocol named MEED, using only 2n bits of memory, which, to our best knowledge, is equal to Hancke and Kuhn's protocol and less than any existing protocols. In addition, by using our protocol, the tag is able to detect adversary's malicious queries. We also make a comparison with typical previous distance bounding protocols in both memory and mafia fraud success probability.

Pedro Peris-Lopez,Julio C. Hernandez-Castro,Christos Dimitrakakis,Aikaterini Mitrokotsa,Juan M. E. Tapiador

DOI: https://doi.org/10.48550/arXiv.0906.4618

2009-06-25

Cryptography and Security

Abstract:The vast majority of RFID authentication protocols assume the proximity between readers and tags due to the limited range of the radio channel. However, in real scenarios an intruder can be located between the prover (tag) and the verifier (reader) and trick this last one into thinking that the prover is in close proximity. This attack is generally known as a relay attack in which scope distance fraud, mafia fraud and terrorist attacks are included. Distance bounding protocols represent a promising countermeasure to hinder relay attacks. Several protocols have been proposed during the last years but vulnerabilities of major or minor relevance have been identified in most of them. In 2008, Kim et al. [1] proposed a new distance bounding protocol with the objective of being the best in terms of security, privacy, tag computational overhead and fault tolerance. In this paper, we analyze this protocol and we present a passive full disclosure attack, which allows an adversary to discover the long-term secret key of the tag. The presented attack is very relevant, since no security objectives are met in Kim et al.'s protocol. Then, design guidelines are introduced with the aim of facilitating protocol designers the stimulating task of designing secure and efficient schemes against relay attacks. Finally a new protocol, named Hitomi and inspired by [1], is designed conforming the guidelines proposed previously.

Li Lu,Muhammad Jawad Hussain,Zhigang Han

DOI: https://doi.org/10.1109/twc.2016.2532858

IF: 10.4

2016-01-01

IEEE Transactions on Wireless Communications

Abstract:We present a physical layer solution to RF distance bounding, which reduces the prover's processing delay virtually to zero by employing the concepts of frequency modulated continuous wave (FMCW) and secondary radars, and equipping it with the capability of cryptographic communication over unintelligent radar signals. To realize, we encode the verifier's challenges in waveform slope of signals while the prover communicates its cryptographic replies in shape of backscatter modulation. For resilience to multipath, the prover introduces analog frequency modulation using the principle of secondary radar. Our protocol is based on pre-commitment distance bounding scheme. Our paper primarily focuses on design intricacies of a realizable system while we briefly present the simulation results. We critically analyze the security of our protocol against attacksmost concerned in distance bounding and thoroughly investigate its robustness under noise and multipath environments. A shortcoming of our design is low range resolution at lower spectral bandwidths, which can be foretoken as system tolerance. We foresee our endeavor to present a viable zero-delay RF distance bounding scheme while minimizing the hardware, energy, and computational overhead for passive and semipassive tokens.

Jianqing Fu,Chunming Wu,XiaoPing Chen,Rong Fan

DOI: https://doi.org/10.1109/iccet.2010.5485559

2010-01-01

Abstract:Nowadays, the use of Radio Frequency Identification (RFID) systems in industry and stores has increased. Nevertheless, some of these systems present problems that may discourage potential users. Hence, high confidence and efficient privacy protocols are urgently needed. Previous studies to achieve privacy authentication can be grouped into tree-based and synchronization approaches. But all of the tree-based designs are not suitable to large scale RFID systems, and most of the synchronization designs have security flaws. So in this paper, we propose a scalable pseudo random RFID private mutual authentication protocol (SPRA) to archive both scalable and security. The analysis results show that SPRA effectively enhances the security protection for RFID private authentication, and has the authentication efficiency of O(1).

Chien-Ming Chen,Shuai-Min Chen,Xinying Zheng,Pei-Yu Chen,Hung-Min Sun

DOI: https://doi.org/10.1155/2014/704623

2014-01-01

The Scientific World JOURNAL

Abstract:RFID technology has become popular in many applications; however, most of the RFID products lack security related functionality due to the hardware limitation of the low-cost RFID tags. In this paper, we propose a lightweight mutual authentication protocol adopting error correction code for RFID. Besides, we also propose an advanced version of our protocol to provide key updating. Based on the secrecy of shared keys, the reader and the tag can establish a mutual authenticity relationship. Further analysis of the protocol showed that it also satisfies integrity, forward secrecy, anonymity, and untraceability. Compared with other lightweight protocols, the proposed protocol provides stronger resistance to tracing attacks, compromising attacks and replay attacks. We also compare our protocol with previous works in terms of performance.

Kai Bu,Junze Bao,Minyu Weng,Jia Liu,Bin Xiao,Xuan Liu,Shigeng Zhang

DOI: https://doi.org/10.1016/j.adhoc.2015.06.006

IF: 4.816

2016-01-01

Ad Hoc Networks

Abstract:Radio-Frequency Identification (RFID) technology has fostered many object monitoring applications. Along with this trend, a corresponding important problem is to verify the intactness of a set of objects using that of their attached tags. Existing solutions necessitate the knowledge of tag identifiers (IDs), sharing the intuition that verifying whether any tag is absent comes after knowing which tags are supposed to be present. Such solutions, however, can hardly live up to the recent vision of anonymous RFID systems that isolate tag IDs from protocols design for privacy concern. In this paper, we take the first leap toward verifying intactness of anonymous RFID systems. We first identify three critical solution requirements—deterministic verification, anonymity preservation, and scalability—for applications tolerating no absence. Without tag IDs as a priori, we propose a series of crypto-free, lightweight protocols that satisfy the requirements. The proposed protocols explore tag-cardinality difference or leverage Direct-Sequence Spread Spectrum enabled RFID. We validate their performance in terms of accuracy, privacy, and scalability through both analytical and simulation results. To cater for applications that tolerate losing some tagged objects, we further explore probabilistic intactness verification to trade tiny accuracy for boosted efficiency.

Jingyi Zhang,Anjia Yang,Qiao Hu,Gerhard Petrus Hancke,Zhe Liu,Gerhard P. Hancke

DOI: https://doi.org/10.1109/tii.2021.3134956

IF: 12.3

2021-01-01

IEEE Transactions on Industrial Informatics

Abstract:Distance-bounding (DB) protocols are used to verify the physical proximity of two devices. DB can be used to establish trusted ad-hoc connections in the industrial Internet-of-Things, e.g., nodes can verify they are deployed in the same location and monitoring the same piece of equipment. Thresholds and error correction codes (ECCs) are two methods to provide error-resilience for DB protocols working in noisy environments. However, the threshold method adds overheads and the ECC method increases the adversary success probability, compared to threshold, when implemented in precommitment DB protocols. In this article, we investigate the ECC method and demonstrate that designers can mitigate increased adversary success probability by using nonsystematic codes. To demonstrate this idea, we compare a prominent precommitment protocol by Brands and Chaum (BC) integrated with different types of ECCs with two existing error-resilience methods, showing how nonsystematic codes provide improved protocol security. Moreover, We further evaluate the BC protocol with nonsystematic ECCs and discuss how to configure protocols to minimize the protocol failure rate, while maintaining adequate attack success probability.

automation & control systems,computer science, interdisciplinary applications,engineering, industrial

Tao Yang,Lingbo Kong,Wei Xin,Jian-bin Hu,Zhong Chen

DOI: https://doi.org/10.1109/FSKD.2012.6234155

2012-01-01

Abstract:Passive Keyless Entry and Start (PKES) systems are popularly embed in modern cars, which allow users to open and start their cars while having their car keys' in their pockets. They bring convenience to users but are vulnerable to relay attacks. A relay attack to PKES is a widely known attack against the challenge-response technique used in the passive keyless vehicle system, which allows to open and start the car while the true distance between the key and car remained large. The main countermeasure against relay attacks is the use of distance bounding protocols measuring the round-trip time between the car and the key. However, most schemes tend to a more complex design to decrease adversary's success probability. In this paper, we propose a novel distance bounding protocol to resist relay attacks in PKES systems, using only 2n bits of memory, which, to our best knowledge, is equal to Hancke and Kuhn's protocol and less than any existing protocols. In addition, by using our protocol, the key is able to detect adversary's malicious queries. We also make a comparison with typical previous distance bounding protocols in both memory and mafia fraud success probability. © 2012 IEEE.

Rolando Trujillo-Rasua,Benjamin Martin,Gildas Avoine

DOI: https://doi.org/10.48550/arXiv.1405.5704

2014-05-22

Cryptography and Security

Abstract:Contactless technologies such as RFID, NFC, and sensor networks are vulnerable to mafia and distance frauds. Both frauds aim at passing an authentication protocol by cheating on the actual distance between the prover and the verifier. To cope these security issues, distance-bounding protocols have been designed. However, none of the current proposals simultaneously resists to these two frauds without requiring additional memory and computation. The situation is even worse considering that just a few distance-bounding protocols are able to deal with the inherent background noise on the communication channels. This article introduces a noise-resilient distance-bounding protocol that resists to both mafia and distance frauds. The security of the protocol is analyzed with respect to these two frauds in both scenarios, namely noisy and noiseless channels. Analytical expressions for the adversary's success probabilities are provided, and are illustrated by experimental results. The analysis, performed in an already existing framework for fairness reasons, demonstrates the undeniable advantage of the introduced lightweight design over the previous proposals.

Kai Bu,Jia Liu,Bin Xiao,Xuan Liu,Shigeng Zhang

DOI: https://doi.org/10.1109/PADSW.2014.7097801

2014-01-01

Abstract:Radio-Frequency Identification (RFID) technology has fostered many object monitoring systems. Along with this trend, tagged objects' value and privacy become a primary concern. A corresponding important problem is to verify the intactness of a set of tagged objects without leaking tag identifiers (IDs). However, existing solutions necessitate the knowledge of tag IDs. Without tag IDs as a priori, this paper studies intactness verification in anonymous RFID systems. We identify three critical solution requirements, that is, deterministic verification, anonymity preservation, and scalability. We propose Cardiff and Divar, two crypto-free, lightweight protocols that isolate tag IDs from intactness verification and satisfy solution requirements. Cardiff explores tag cardinality as intactness proof while Divar leverages Direct-Sequence Spread Spectrum (DSSS) enabled RFID. Both analytical and simulation results demonstrate that Cardiff and Divar can satisfy the requirements of accuracy, privacy, and scalability.

Longfei Shangguan,Lei Yang,Jinsong Han,Zimu Zhou,Wei Gong,Yiyang Zhao

2014-01-01

Abstract:Counting or estimating the number of tags is crucial for RFID system. Researchers have proposed several fast cardinality estimation schemes to estimate the quantity of a batch of tags within a short time frame. However, existing estimation schemes scarcely consider the privacy issue. Without effective protection, the adversary can utilize the responding signals to estimate the number of tags as accurately as the valid reader. To, address this issue, we propose a novel privacy-preserving estimation scheme, termed as MEAS, which provides an active RF countermeasure against the estimation from invalid readers. MEAS comprises of two components, an Estimation Interference Device (EID) and two well-designed Interference Blanking Estimators (IBE). EID is deployed with the tags to actively generate interfering signals, which introduce sufficiently large estimation errors to invalid or malicious readers. Using a secret interference factor shared with EID, a valid reader can perform accurate estimation via two IBEs. Our theoretical analysis and simulation results show the effectiveness of MEAS. Meanwhile, MEAS can also maintain a high estimation accuracy using IBEs.

J Yang,Kui Ren,Kwangjo Kim

2005-01-01

Abstract:In the near future, radio frequency identiflcation (RFID) technology is expected to play an important role for object identiflcation as a ubiquitous infrastructure. However, low-cost RFID tags are highly resource-constrained and cannot support its long-term security, so they have potential risks and may violate privacy for their bearers. To remove security vulnerabilities, we propose a robust mutual authentication protocol between a tag and a back-end server for low-cost RFID system that guarantees data privacy and location privacy of tag bearers. Difierent from the previous works (4, 14), our protocol flrstly provides reader authentication and prevent active attacks based on the assumption that a reader is no more a trusted third party and the communication channel between the reader and the back-end server is insecure like wireless channel. Also, the proposed protocol exhibits forgery resistant against simple copy, or counterfeiting prevailing RFID tags. As tags only have hash function and exclusive-or operation, our proposed protocol is very feasible for low-cost RFID system compared to the previous works. The formal proof of correctness of the proposed authentication protocol is given based on GNY logic.

Qunying Sun,Hongjian Zhang,Lingfei Mo

DOI: https://doi.org/10.1109/imtc.2010.5488278

2010-01-01

Abstract:Active RFID is a popular technology in online measurement, remote monitoring, wireless tracking, fleet management etc. The communication algorithms widely used are based on a random access algorithm ALOHA, with which the data packets are transmitted in a random delay when collisions happen. However, collisions in ALOHA based algorithms are severe in dense active systems. In this paper, we propose a Master-Salve Dual Readers (MSDR) anti-collision mechanism. Multiple experiments were performed to identify multiple active tags within a reader's interrogation range. Compared with the parallel dual readers (PPDR) mechanism and the single reader mechanism, the proposed MSDR reduces the rate of packets loss significantly.

Zhao Wang,Xuesong Zhang,Zhong Chen

DOI: https://doi.org/10.1109/iccis.2012.215

2012-01-01

Abstract:Radio frequency identification (RFID) technology is a non-contact automatic identification technology. The basic principle of RFID is coupled with radio frequency signal and the spatial transmission characteristics. From object recognition to achieve automatic recognition, RFID has the advantages of being effective, diversity, high capacity, low cost, anti-pollution, penetrating and so on. However, current RFID authentication protocols cannot defend against DoS attack. This paper proposes Rapdos, a novel mutual authentication protocol, which is based on the use of symmetric encryption and dynamic update key to prevent the DoS attack. The experiment has validated that Rapdos has provided good security for RFID system, and can defeat location privacy attack, relay attack, eavesdropping attack, denial-of-service attack, and solve problems of RFID security privacy.

Han Ding,Jinsong Han,Yanyong Zhang,Fu Xiao,Wei Xi,Ge Wang,Zhiping Jiang

DOI: https://doi.org/10.1109/infocom.2018.8486424

2018-01-01

Abstract:As the Ultra High Frequency (UHF) passive Radio Frequency IDentification (RFID) technology becomes increasingly deployed, it faces an array of new security attacks. In this paper, we consider a type of attack in which a malicious RFID reader could arbitrarily modify the tags via standard commands, e.g., IDs or other data in the memory. To deal with this type of attack, we propose a physical-layer RF signal based reader authentication solution, namely Arbitrator, that involves passively listening on RF channels, analyzing the communication signals, identifying unauthorized readers and jamming the commands from such readers. Our solution does not need to modify RFID devices or the underlying communication standards, hence fully compatible with the existing RFID infrastructure. In this study, we have implemented a prototype Arbitrator over the Universal Software Radio Peripheral (USRP) platform, and conducted extensive experiments to evaluate its performance. Our results show that Arbitrator can detect unauthorized RFID readers with high accuracy, and thus effectively diminish the unauthorized access attacks.

Kai Bu,Xuan Liu,Bin Xiao

DOI: https://doi.org/10.1016/j.adhoc.2013.08.011

IF: 4.816

2014-01-01

Ad Hoc Networks

Abstract:Tag cloning attacks threaten a variety of Radio Frequency Identification (RFID) applications but are hard to prevent. To secure RFID applications that confine tagged objects in the same RFID system, this paper studies the cloned-tag identification problem. Although limited existing work has shed some light on the problem, designing fast cloned-tag identification protocols for applications in large-scale RFID systems is yet not thoroughly investigated. To this end, we propose leveraging broadcast and collisions to identify cloned tags. This approach relieves us from resorting to complex cryptography techniques and time-consuming transmission of tag IDs. Based on this approach, we derive a time lower bound on cloned-tag identification and propose a suite of time-efficient protocols toward approaching the time lower bound. The execution time of our protocol is only 1.4 times the value of the time lower bound, being over 91% less than that of the existing protocol. Even better, we further dig up an adaptive protocol that can yield higher time efficiency under some scenarios. The proposed protocols may benefit also RFID applications that distribute tagged objects across multiple places.

Fei Wang,Bin Xiao,Kai Bu,Jinshu Su

DOI: https://doi.org/10.1109/icc.2013.6654842

2013-01-01

Abstract:Blocker tags are initially introduced to protect regular tags in certain ID ranges, called blocking ranges, from unwanted scanning in RFID systems. But if misused, blocker tags can cause blocking attacks that corrupt the communication between interfered regular tags and readers. Previous approaches can only detect blocking behavior. However, they cannot distinguish malicious blocking from legitimate blocking that can be perfectly allowed to protect customer's privacy. To solve the problem, we carry out the first attempt in the paper to detect real blocking attacks by identifying malicious blocking ranges from authorized ones in a system. We present two pioneer probe-based protocols that can accurately identify malicious blocking ranges in popular tree-based RFID systems, and get rid of their impact before performing RFID applications. We validate the efficacy of the two protocols through theoretical analysis and simulation experiments. The results show that our protocols can identify blocking ranges very fast even when the blocker tag percentage is very low, for example, dozens of blocker tags among tens of thousands of regular tags. Our protocols deliver also a faster blocker tag detection than previous detection methods; our best protocol reduces detection time by over 90% compared with the state-of-the-art detection method.

Qingsong Yao,Yong Qi,Jinsong Han,Jizhong Zhao,Xiangyang Li,Yunhao Liu

DOI: https://doi.org/10.1109/percom.2009.4912773

2009-01-01

Abstract:Privacy protection is increasingly important during authentications in Radio Frequency Identification (RFID) systems. In order to achieve high-speed authentication in large-scale RFID systems, researchers propose tree-based approaches, in which any pair of tags share a number of key components. Such designs, being efficient, often fail to achieve forward secrecy and resistance to attacks, such as compromising and desynchronization. Indeed, these attacks may still take effect even after a tag successfully finishes the authentication and key-updating procedure. To address the issue, we propose a lightweight RFID private authentication protocol, RWP, based on the random walk concept. RWP also provides the forward security and temporal resistance to the tracking attack. The analysis results show that RWP effectively enhances the security protection for RFID private authentication, and increases the authentication efficiency from O(logN) to O(1).

Li Lu,Jinsong Han,Renyi Xiao,Yunhao Liu

DOI: https://doi.org/10.1109/infcom.2009.5062117

2015-01-01

Abstract:In order to protect privacy, radio frequency identification (RFID) systems employ privacy-preserving authentication (PPA) to allow valid readers to explicitly authenticate their dominated tags without leaking private information. Typically, an RF tag sends an encrypted message to the reader, then the reader searches for the key that can decrypt the cipher to identify the tag. Due to the large-scale deployment of today's RFID systems, the key search scheme for any PPA requires a short response time. Previous designs construct balance-tree based key management structures to accelerate the search speed to 0(logN), where N is the number of tags. Being efficient, such approaches are vulnerable to compromising attacks. By capturing a small number of tags, compromising attackers are able to identify other tags that have not been corrupted. To address this issue, we propose an Anti- Compromising authenticaTION protocol, ACTION, which employs a novel sparse tree architecture, such that the key of every tag is independent from one another. The advantages of this design include: 1) resilience to the compromising attack, 2) reduction of key storage for tags from 0(logN) to 0(1), which is significant for resource critical tag devices, and 3) high search efficiency, which is 0(logN), as good as the best in the previous designs.

Yongming Jin,Wei Xin,Huiping Sun,Zhong Chen

DOI: https://doi.org/10.1007/978-3-642-29253-8_27

2012-01-01

Abstract:RFID tags are now pervasive in our everyday life. They raise a lot of security and privacy issues. Many authentication protocols against these problems assume that the tags can contain a secret key that is unknown to the adversary. However, physical attacks can lead to key exposure and full security breaks. On the other hand, many protocols are only described and analyzed. However, we cannot explain why they are designed like that. Compare with the previous protocols, we first propose a universal RFID authentication protocol and show the principle why the protocol is designed. It can be instantiated for various types and achieve different security properties according to the implementation of the functions. Then we introduce a general prototype of delay-based PUF for low-cost RFID systems and propose a new lightweight RFID authentication protocol based on the general prototype of PUF. The new protocol not only resists the physical attacks and secret key leakage, but also prevents the asynchronization between the reader and the tag. It also can resist the replay attack, man-in-the-middle attack etc. Finally, we show that it is efficient and practical for low-cost RFID systems.