Ge Wang,Haofan Cai,Chen Qian,Jinsong Han,Shouqian Shi,Xin Li,Han Ding,Wei Xi,Jizhong Zhao

DOI: https://doi.org/10.1145/3241539.3241541

2020-01-01

IEEE/ACM Transactions on Networking

Abstract:We provide the first solution to an important question, "how a physical-layer authentication method can defend against signal replay attacks''. It was believed that if an attacker can replay the exact same reply signal of a legitimate authentication object (such as an RFID tag), any physical-layer authentication method will fail. This paper presents Hu-Fu, the first physical layer RFID authentication protocol that is resilient to the major attacks including tag counterfeiting, signal replay, signal compensation, and brute-force feature reply. Hu-Fu is built on two fundamental ideas, namely inductive coupling of two tags and signal randomization. Hu-Fu does not require any hardware or protocol modification on COTS passive tags and can be implemented with COTS devices. We implement a prototype of Hu-Fu and demonstrate that it is accurate and robust to device diversity and environmental changes, including locations, distance, and temperature. Hu-Fu provides a new direction of battery-free/low-power device authentication that enables numerous IoT applications.

Ge Wang,Chen Qian,Haofan Cai,Jinsong Han,Han Ding,Jizhong Zhao

DOI: https://doi.org/10.1145/3127882.3127887

2017-01-01

Abstract:On battery-free IoT devices such as passive RFID tags, it is extremely difficult, if not impossible, to run cryptographic algorithms. Hence physical-layer identification methods are proposed to validate the authenticity of passive tags. However no existing physical-layer authentication method of RFID tags that can defend against the signal replay attack. This paper presents Hu-Fu, a new direction and the first solution of physical layer authentication that is resilient to the signal replay attack, based on the fact of inductive coupling of two adjacent tags. We present the theoretical model and system workflow. Experiments based on our implementation using commodity devices show that Hu-Fu is effective for physical-layer authentication.

Xiaoyu Ji,Chaohao Li,Xinyan Zhou,Juchuan Zhang,Yanmiao Zhang,Wenyuan Xu

DOI: https://doi.org/10.1145/3399432

2020-01-01

ACM Transactions on Internet of Things

Abstract:Nowadays, most Internet of Things devices in smart homes rely on radio frequency channels for communication, making them exposed to various attacks such as spoofing and eavesdropping attacks. Existing methods using encryption keys may be inapplicable on these resource-constrained devices that cannot afford the computationally expensive encryption operations. Thus, in this article, we design a key-free communication method for such devices in a smart home. In particular, we introduce the Home-limited Channel (HLC) that can be accessed only within a house yet inaccessible for outside-house attackers. Utilizing HLCs, we propose HlcAuth, a challenge-response mechanism to authenticate the communications between smart devices without keys. The advantages of HlcAuth are low cost, lightweight as well as key-free, and requiring no human intervention. According to the security analysis, HlcAuth can defeat replay attacks, message-forgery attacks, and man-in-the-middle (MiTM) attacks, among others. We further evaluate HlcAuth in four different physical scenarios, and results show that HlcAuth achieves 100% true positive rate (TPR) within 4.2m for in-house devices while 0% false positive rate (FPR) for outside attackers, i.e., guaranteeing a high-level usability and security for in-house communications. Finally, we implement HlcAuth in both single-room and multi-room scenarios.

Hanguang Luo,Tao Zou,Chunming Wu,Dan Li,Shunbin Li,Chu

DOI: https://doi.org/10.32604/cmc.2022.027118

2022-01-01

Abstract:In the emerging Industrial Internet of Things (IIoT), authentication problems have become an urgent issue for massive resource-constrained devices because traditional costly security mechanisms are not suitable for them. The security protocol designed for resource-constrained systems should not only be secure but also efficient in terms of usage of energy, storage, and processing. Although recently many lightweight schemes have been proposed, to the best of our knowledge, they are unable to address the problem of privacy preservation with the resistance of Denial of Service (DoS) attacks in a practical way. In this paper, we propose a lightweight authentication protocol based on the Physically Unclonable Function (PUF) to overcome the limitations of existing schemes. The protocol provides an ingenious authentication and synchronization mechanism to solve the contradictions amount forward secrecy, DoS attacks, and resource-constrained. The performance analysis and comparison show that the proposed scheme can better improve the authentication security and efficiency for resource-constrained systems in IIoT.

He Xu,Xianzhen Yin,Feng Zhu,Peng Li

DOI: https://doi.org/10.1109/jsen.2021.3077575

IF: 4.3

2021-08-01

IEEE Sensors Journal

Abstract:Currently, Radio Frequency Identification (RFID) is one of the key technologies to realize the Internet of Things (IoT), which is widely used in our daily life. However, there are some security threats such as impersonation attack, replay attack in existed RFID systems. In addition, most physical-layer authentication methods for RFID systems are mainly to authenticate tags without authenticating the user. In this paper, we present the design and implementation of Au-Hota, a system that can authenticate the tag and the user simultaneously, and can resist replaying attack and impersonation attack that cannot be solved by most physical-layer methods. Our idea is to assign a unique identifier to the user based on the inductive coupling between two adjacent tags. When the user draws the identity identifier on the tag, different identity identifiers correspond to unique phase features so that simultaneous authentication of the tag and the user can be achieved under the premise of ensuring security. The system is fully compatible with Ultra High Frequency (UHF) RFID systems without any modification. We implement a prototype of the system and conduct extensive experiments to evaluate performance. Our results demonstrate that the system has good authentication performance.

engineering, electrical & electronic,instruments & instrumentation,physics, applied

Shiqi Wang,Linsen Li,Gaosheng Chen,Tao Chen,Zeming Wang

DOI: https://doi.org/10.1109/IACS.2017.7921977

2017-01-01

Abstract:As the RFID based Internet of Things (loT) gets worldwide attention, to prepare for the rapidly increasing applications in daily life, various security protocols are proposed. But, these protocols, most of which are limited by the tag processing capacity and dangerous exposure during transmission, could only be applied in certain fields. Previously, Chen and Deng's mutual authentication and privacy protection protocol which conforming EPC Class 1 Generation 2 Standards stands out for low cost as well as little requirements of the tag processing capacity. However, currently reported by others, this system faces up with severe dangers of tracking or cloning tags via impersonating attacks. After scrutiny, we found out that these vulnerabilities lie in the insufficient protections of random numbers, and we reconstruct the request and response based on the original protocol by making message unrepeatable, key elements secret and adding small storage for comparisons. The security of our protocol, proved by Ban logic analysis, is ensured by double protections — secret key pairs and dynamic random numbers. Our comparisons show that our protocol not only is safe under traditional attacks guaranteed by the original protocol but also overcomes impersonating attacks which represents the inherent weakness of information exposure in public.

Weiye Xu,Jianwei Liu,Shimin Zhang,Yuanqing Zheng,Feng Lin,Fu Xiao,Jinsong Han

DOI: https://doi.org/10.1109/infocom42981.2021.9488737

IF: 6.075

2024-01-01

IEEE Transactions on Mobile Computing

Abstract:Current facial authentication (FA) systems are mostly based on the images of human faces, thus suffering from privacy leakage and spoofing attacks. Mainstream systems utilize facial geometry features for spoofing mitigation. which are still easy to deceive with the feature manipulation, e.g., 3D-printed human faces. In this paper, we propose a novel privacy-preserving anti-spoofing FA system, named RFace, which extracts both the 3D geometry and inner biomaterial features of faces using a COTS RFID tag array. These features are difficult to obtain and forge, hence are resistant to spoofing attacks. RFace only requires users to pose their faces in front of a tag array for a few seconds, without leaking their visual facial information. We build a theoretical model to rigorously prove the feasibility of feature acquisition and the correlation between the facial features and RF signals. For practicality, we design an effective algorithm to mitigate the impact of unstable distance and angle deflection from the face to the array. Extensive experiments with 30 participants and three types of spoofing attacks show that RFace achieves an average authentication success rate of over 95.7% and an EER of 4.4%. More importantly, no spoofing attack succeeds in deceiving RFace in the experiments.

Ang Li,Jiawei Li,Yan Zhang,Dianqi Han,Tao Li,Yanchao Zhang

DOI: https://doi.org/10.1109/twc.2022.3226753

IF: 10.4

2022-01-01

IEEE Transactions on Wireless Communications

Abstract:Commodity ultra-high-frequency (UHF) RFID authentication systems only provide weak user authentication, as RFID tags can be easily stolen, lost, or cloned by attackers. This paper presents the design and evaluation of SmartRFID, a novel UHF RFID authentication system to promote commodity crypto-less UHF RFID tags for security-sensitive applications. SmartRFID explores extremely popular smart devices and requires a legitimate user to enroll his smart device along with his RFID tag. Besides authenticating the RFID tag as usual, SmartRFID verifies whether the user simultaneously possesses the associated smart device with both feature-based machine learning and deep learning techniques. The user is considered authentic if and only if passing the dual verifications. Comprehensive user experiments on commodity smartwatches and RFID devices confirmed the high security and usability of SmartRFID. In particular, SmartRFID achieves a true acceptance rate of above 97.5% and a false acceptance rate of less than 0.7% based on deep learning. In addition, SmartRFID can achieve an average authentication latency of less than 2.21 s, which is comparable to inputting a PIN on a door keypad or smartphone.

telecommunications,engineering, electrical & electronic

Zhao Wang,Xuesong Zhang,Zhong Chen

DOI: https://doi.org/10.1109/iccis.2012.215

2012-01-01

Abstract:Radio frequency identification (RFID) technology is a non-contact automatic identification technology. The basic principle of RFID is coupled with radio frequency signal and the spatial transmission characteristics. From object recognition to achieve automatic recognition, RFID has the advantages of being effective, diversity, high capacity, low cost, anti-pollution, penetrating and so on. However, current RFID authentication protocols cannot defend against DoS attack. This paper proposes Rapdos, a novel mutual authentication protocol, which is based on the use of symmetric encryption and dynamic update key to prevent the DoS attack. The experiment has validated that Rapdos has provided good security for RFID system, and can defeat location privacy attack, relay attack, eavesdropping attack, denial-of-service attack, and solve problems of RFID security privacy.

Yongming Jin,Wei Xin,Huiping Sun,Zhong Chen

DOI: https://doi.org/10.1007/978-3-642-29253-8_27

2012-01-01

Abstract:RFID tags are now pervasive in our everyday life. They raise a lot of security and privacy issues. Many authentication protocols against these problems assume that the tags can contain a secret key that is unknown to the adversary. However, physical attacks can lead to key exposure and full security breaks. On the other hand, many protocols are only described and analyzed. However, we cannot explain why they are designed like that. Compare with the previous protocols, we first propose a universal RFID authentication protocol and show the principle why the protocol is designed. It can be instantiated for various types and achieve different security properties according to the implementation of the functions. Then we introduce a general prototype of delay-based PUF for low-cost RFID systems and propose a new lightweight RFID authentication protocol based on the general prototype of PUF. The new protocol not only resists the physical attacks and secret key leakage, but also prevents the asynchronization between the reader and the tag. It also can resist the replay attack, man-in-the-middle attack etc. Finally, we show that it is efficient and practical for low-cost RFID systems.

Han Ding,Jinsong Han,Yanyong Zhang,Fu Xiao,Wei Xi,Ge Wang,Zhiping Jiang

DOI: https://doi.org/10.1109/infocom.2018.8486424

2018-01-01

Abstract:As the Ultra High Frequency (UHF) passive Radio Frequency IDentification (RFID) technology becomes increasingly deployed, it faces an array of new security attacks. In this paper, we consider a type of attack in which a malicious RFID reader could arbitrarily modify the tags via standard commands, e.g., IDs or other data in the memory. To deal with this type of attack, we propose a physical-layer RF signal based reader authentication solution, namely Arbitrator, that involves passively listening on RF channels, analyzing the communication signals, identifying unauthorized readers and jamming the commands from such readers. Our solution does not need to modify RFID devices or the underlying communication standards, hence fully compatible with the existing RFID infrastructure. In this study, we have implemented a prototype Arbitrator over the Universal Software Radio Peripheral (USRP) platform, and conducted extensive experiments to evaluate its performance. Our results show that Arbitrator can detect unauthorized RFID readers with high accuracy, and thus effectively diminish the unauthorized access attacks.

Qirui Ren,Xiangqu Fu,Hao Wu,Kaiqi Yang,Dengyun Lei,Guozhong Xing,Feng Zhang

DOI: https://doi.org/10.3390/mi12121560

IF: 3.4

2021-12-15

Micromachines

Abstract:Radio frequency identification technology (RFID) has empowered a wide variety of automation industries. Aiming at the current light-weight RFID encryption scheme with limited information protection methods, combined with the physical unclonable function (PUF) composed of resistive random access memory (RRAM), a new type of high-efficiency reconfigurable strong PUF circuit structure is proposed in this paper. Experimental results show that the proposed PUF shows an almost ideal value (50%) of inter-chip hamming distance (HD) (μ/σ = 0.5001/0.0340) among 1000 PUF keys, and intra-chip HD results are very close to the ideal value (0). The bit error rate (BER) is as low as 3.8×10−6 across one million challenges. Based on the RRAM PUF, we propose and implement a light weight RFID authentication protocol. By virtue of RRAM’s model ability, the protocol replaces the One-way Hash Function with a response chain mutual encryption algorithm. The results of test and analysis show that the protocol can effectively resist multiple threats such as physical attacks, replay attacks, tracking attacks and asynchronous attacks, and has good stability. At the same time, based on RRAM’s unique resistance variability, PUF also has the advantage of being reconfigurable, providing good security for RFID tags.

chemistry, analytical,nanoscience & nanotechnology,instruments & instrumentation,physics, applied

Wei Liang,Songyou Xie,Dafang Zhang,Xiong Li,Kuan-ching Li

DOI: https://doi.org/10.1145/3426968

IF: 5.3

2021-01-01

ACM Transactions on Internet Technology

Abstract:The Industrial Internet of Things ( IIoT ) is designed to refine and optimize the process controls, thereby leveraging improvements in economic benefits, such as efficiency and productivity. However, the Radio Frequency Identification ( RFID ) technology in an IIoT environment has problems such as low security and high cost. To overcome such issues, a mutual authentication scheme that is suitable for RFID systems, wherein techniques in Deep Learning ( DL ) are incorporated onto the Arbiter Physical Unclonable Function ( APUF ) for the secured access authentication of the IC circuits on the IoT, is proposed. The design applies the APUF-MPUF mutual authentication structure obtained by DL to generate essential real-time authentication information, thereby taking advantage of the feature that the tag in the PUF circuit structure does not need to store any essential information and resolving the problem of key storage. The proposed scheme also uses a bitwise comparison method, which hides the PUF response information and effectively reduces the resource overhead of the system during the verification process, to verify the correctness of the two strings. Security analysis demonstrates that the proposed scheme has high robustness and security against different conventional attack methods, and the storage and communication costs are 95.7% and 42.0% lower than the existing schemes, respectively.

W Liang,S Xie,X Li,J Long,Y Xie,KC Li

DOI: https://doi.org/10.1007/978-981-10-7398-4_36

2017-01-01

Abstract:The widespread use of radio frequency identification (RFID) in IoTs makes authentication of RFID systems be widely concerned. In existing encryption schemes (e.g., Hash function) in electronic products, secure chip is hard to be used in high performance RFID system due to high computation complexity and cost. In this work, we consider problems in these performances and propose a PUF-GIMAP protocol by combining GIMAP protocol and physically unclonable functions (PUFs). The response of PUF is added into protocol. The mutual authentication between label and reader is realized by transmitting information such as secret key and dynamical pseudonym, which greatly ensures data security in transmission. After authentication, the reserved data is updated in time. The protocol analysis shows that the proposed scheme has the advantages of high security and high reliability.

Yongming Jin,Huiping Sun,Wei Xin,Song Luo,Zhong Chen

DOI: https://doi.org/10.1007/978-3-642-25243-3_6

2011-01-01

Abstract:The wide deployment of RFID systems has raised many concerns about the security and privacy. Many RFID authentication protocols are proposed for these low-cost RFID tags. However, most of existing RFID authentication protocols suffer from some feasible problems. In this paper, we first discuss the feasible problems that exist in some RFID authentication protocols. Then we propose a lightweight RFID mutual authentication protocol against these feasible problems. To the best of our knowledge, it is the first scalable RFID authentication protocol that based on the SQUASH scheme. The new protocol is lightweight and can provide the forward security. In every authentication session, the tag produces the random number and the response is fresh. It also prevents the asynchronization between the reader and the tag. Additionally, the new protocol is secure against such attacks as replay attack, denial of service attack, man-in-the-middle attack and so on. We also show that it requires less cost of computation and storage than other similar protocols.

Chaohao Li,Xiaoyu Ji,Xinyan Zhou,Juchuan Zhang,Jing Tian,Yanmiao Zhang,Wenyuan Xu

DOI: https://doi.org/10.1145/3196494.3196499

2018-01-01

Abstract:Nowadays most IoT devices in smart homes rely on radio frequency channels for communication, making them exposed to various attacks. Existing methods using encryption keys may be inapplicable on these resource-constrained devices that cannot afford the computationally expensive encryption operations. Thus, in this paper we design a key-free communication method for such devices. In particular, we introduce the Home-limited Channel (HLC) that can be accessed only within a house yet inaccessible for an outside-house attacker. Utilizing HLCs, we propose a challenge-response mechanism to authenticate the communications inside a house. The advantages of the HlcAuth protocol are low cost, lightweight as well as key-free, and requiring no human intervention. We show that HlcAuth can defeat replay attacks, message-forgery attacks, and man-in-the-middle (MiTM) attacks, among others. HlcAuth achieves 100% true positive rate (TPR) within 4.2m for in-house devices while 0% false positive rate (FPR) for outside attackers.

Weiye Xu,Jianwei Liu,Shimin Zhang,Yuanqing Zheng,Feng Lin,Fu Xiao,Jinsong Han

DOI: https://doi.org/10.1109/tmc.2023.3289708

IF: 6.075

2023-01-01

IEEE Transactions on Mobile Computing

Abstract:Current facial authentication (FA) systems are mostly based on the images of human faces, thus suffering from privacy leakage and spoofing attacks. Mainstream systems utilize facial geometry features for spoofing mitigation, but they are still vulnerable to feature manipulation, e.g., 3D-printed human faces. In this paper, we propose a novel privacy-preserving anti-spoofing FA system, named RFace, which extracts both the 3D geometry and inner biomaterial features of faces using a COTS RFID tag array. These features are difficult to obtain and forge, hence are resistant to spoofing attacks. Unlike images, RF signals are not perceptible to human eyes, so RFace protects user's privacy. We build a theoretical model to rigorously prove the feasibility of feature acquisition and the correlation between facial features and RF signals. To enhance the security of RFace, we specify the tag reading order for each authentication to defend against the signal replay attack. For practicality, we design an effective algorithm to mitigate the impact of unstable distance and angle deflection from the face to the array. Extensive experiments with 30 participants and three types of spoofing attacks show that RFace achieves an average authentication success rate of over 95.7$\%$ and an EER of 4.4$\%$. More importantly, no replay attack or spoofing attack succeeds in deceiving RFace in the experiments.

computer science, information systems,telecommunications

Chengchen Zhu,Kunling Li,Jianan Hong,Cunqing Hua,Futai Zou

DOI: https://doi.org/10.1109/icc51166.2024.10622361

2024-01-01

Abstract:The technology development of wireless communication has brought about the rapid growth of various wireless devices, but also brings in many security threats. This paper focuses on the security and privacy problems in wireless authentication and proposes a novel authentication scheme based on the design of reusable fuzzy extractor (RFE) for device's radio frequency (RF) fingerprinting. Firstly, unlike the traditional authentication protocol, our scheme can accomplish the mutual authentication without the storage of long-term secret key, thus tackles with the key-compromise threats. Furthermore, although the scheme authenticates devices based on their RF fingerprint, it does not store RF fingerprinting information explicitly to safeguard it from eavesdroppers who may use it to impersonate the identity of valid users. Finally, our designed protocol relies on the correspondent peer to measure the fingerprint, rather than the device itself, thus is more secure against various adversaries. The security analysis shows the resiliency against theft of secret keys, wireless channel attacks and privacy disclosure. And the performance evaluation demonstrates that the design of RFE for device's RF fingernrinting is efficient in terms of recognition accuracy.

Zhiqing Luo,Wei Wang,Qianyi Huang,Tao Jiang,Qian Zhang

DOI: https://doi.org/10.1109/tmc.2021.3084754

IF: 6.075

2021-01-01

IEEE Transactions on Mobile Computing

Abstract:The low-power radio technologies open up many opportunities to facilitate Internet-of-Things (IoT) into our daily life, while their minimalist design also makes IoT devices vulnerable to many active attacks. Recent advances use an antenna array to extract fine-grained physical-layer signatures to identify the attackers, which adds burdens in terms of energy and hardware cost to IoT devices. In this paper, we present ShieldScatter, a lightweight system that attaches low-cost tags to single-antenna devices to shield the system from active attacks. The key insight of ShieldScatter is to intentionally create multi-path propagation signatures with the careful deployment of tags. These signatures can be used to construct a sensitive profile to identify the location of the signals' arrival, and thus detect the threat. In addition, we also design a tag-random scheme and a multiple receivers combination approach to detect a powerful attacker who has the strong priori knowledge of the legitimate user. We prototype ShieldScatter with USRPs and tags to evaluate our system in various environments. The results show that even when the powerful attacker is close to the legitimate device, ShieldScatter can mitigate 95 percent of attack attempts while triggering false alarms on just 7 percent of legitimate traffic.

computer science, information systems,telecommunications

Baibhab Chatterjee,Debayan Das,Shovan Maity,Shreyas Sen

DOI: https://doi.org/10.1109/jiot.2018.2849324

IF: 10.6

2019-02-01

IEEE Internet of Things Journal

Abstract:Traditional authentication in radio-frequency (RF) systems enable secure data communication within a network through techniques such as digital signatures and hash-based message authentication codes (HMAC), which suffer from key-recovery attacks. State-of-the-art Internet of Things networks such as Nest also use open authentication (OAuth 2.0) protocols that are vulnerable to cross-site-recovery forgery (CSRF), which shows that these techniques may not prevent an adversary from copying or modeling the secret IDs or encryption keys using invasive, side channel, learning or software attacks. Physical unclonable functions (PUFs), on the other hand, can exploit manufacturing process variations to uniquely identify silicon chips which makes a PUF-based system extremely robust and secure at low cost, as it is practically impossible to replicate the same silicon characteristics across dies. Taking inspiration from human communication, which utilizes inherent variations in the voice signatures to identify a certain speaker, we present RF-PUF: a deep neural network-based framework that allows real-time authentication of wireless nodes, using the effects of inherent process variation on RF properties of the wireless transmitters (Tx), detected through in-situ machine learning at the receiver (Rx) end. The proposed method utilizes the already-existing asymmetric RF communication framework and does not require any additional circuitry for PUF generation or feature extraction. The burden of device identification is completely shifted to the gateway Rx, similar to the operation of a human listener’s brain. Simulation results involving the process variations in a standard 65-nm technology node, and features such as local oscillator offset and ${I}$ – ${Q}$ imbalance detected with a neural network having 50 neurons in the hidden layer indicate that the framework can distinguish up to 4800 Tx(s) with an accuracy of 99.9% [≈99% for 10000 Tx(s)] under varying channel conditions, and without the need for traditional preambles. The proposed scheme can be used as a stand-alone security feature, or as a part of traditional multifactor authentication.

computer science, information systems,telecommunications,engineering, electrical & electronic