Enhancing RFID tag resistance against cloning attack

In its current form, RFID system are susceptible to a range of malevolent attacks. With the rich business intelligence that RFID infrastructure could possibly carry, security is of paramount importance. In this paper, we formalise various threat models due tag cloning on the RFID system. We also present a simple but efficient and cost effect technique that strengthens the resistance of RFID tags to cloning attacks. Our techniques can even strengthen tags against cloning in environments with untrusted reading devices.

StenoCipher to provide data confidentiality and tampered data recovery for RFID tag

Radio Frequency Identification (RFID) is an emerging wireless object identification technology with many potential applications such as supply chain management, personnel tracking and healthcare. However, security vulnerabilities of the RFID system have been a serious concern for its wide adoption in many applications. Although much work has been done to provide privacy and anonymity, little focus has been given to ensure RFID data confidentiality, integrity and to address the tampered data recovery problem. To this end, we propose a lightweight stenographic-based approach to ensure RFID data confidentiality and integrity as well as the recovery of tampered RFID data.

Secure RFID tag ownership transfer based on quadratic residues

In this paper, we propose a novel approach to secure ownership transfer in RFID systems based on the quadratic residue property. We present two secure ownership transfer schemes-the closed loop and open loop schemes. An important property of our schemes is that ownership transfer is guaranteed to be atomic. Further, both our schemes are suited to the computational constraints of EPC Class-1 Gen-2 passive RFID tags as they only use operations that such passive RFID tags are capable of. We provide a detailed security analysis to show that our schemes achieve strong privacy and satisfy the required security properties of tag anonymity, tag location privacy, forward secrecy, and forward untraceability. We also show that the schemes are resistant to replay (both passive and algebraic), desynchronization, and server impersonation attacks. Performance comparisons demonstrate that our schemes are practical and can be implemented on low-cost passive RFID tags.

Hybrid approach to ensure data confidentiality and tampered data recovery for RFID tag

Radio Frequency Identification (RFID) is an emerging wireless object identification technology with many potential applications such as supply chain management, personnel tracking and healthcare. However, security vulnerabilities of the RFID system have been a serious concern for its wide adoption in many applications. Although there are lots of work to provide privacy and anonymity, little focus has been given to ensure confidentiality and integrity of RFID tag data. To this end, we propose a lightweight hybrid approach based on stenographic and watermarking to ensure data confidentiality, linkability resistance and integrity on the RFID tags data. The proposed technique is capable of tampered data recovering and restoring for RFID tag. It has been validated and tested on EPC class 1 gen2 tags.

RFID tag ownership transfer protocol for a closed loop system

In the RFID system a tag is attached to an object which might own by a number of people during its life cycle. As a result, the RFID system requires to transfer ownership of the tag. The ownership transfer has to protect privacy of current and new owner. There are number of ownership transfer protocol proposed to achieve secure ownership transfer. However, most of them are impractical or insecure to implement on current passive RFID tags. We are presenting an ownership transfer protocol using timer based shared secret for closed loop RFID systems. The protocol will ensure security and privacy of involved parties in the idle circumstances. Our comparison shows that the proposed protocol is more secure and practical than existing similar ones.

Scenarios for an RFID tag ownership transfer protocol for a closed loop system

In RFID system a tag is attached to an object which might own by a number of owners during its life time. This requires the RFID system to transfer ownership of the tag to its new owner. The ownership transfer has to protect privacy of current and new owner. Many ownership tag ownership transfer exists in the literature, however, most of them are impractical or insecure to implement on current passive RFID tags. We are proposing a timer based ownership transfer protocol for closed loop RFID systems. The proposal in this paper includes two implement scenario to cover diverse tags type. The protocol will ensure security and privacy of involved parties in the idle circumstances. Our comparison shows that the proposed protocol is more secure and practical than existing similar ones.

Steno cipher to provide data confidentiality and tampered data recovery for RFID tag

Radio Frequency Identification (RFID) is an emerging wireless object identification technology with many potential applications such as supply chain management, personnel tracking and healthcare. However, security vulnerabilities of the RFID system have been a serious concern for its wide adoption in many applications. Although much work has been done to provide privacy and anonymity, little focus has been given to ensure RFID data confidentiality, integrity and to address the tampered data recovery problem. To this end, we propose a lightweight stenographic-based approach to ensure RFID data confidentiality and integrity as well as the recovery of tampered RFID data. © 2013 Springer-Verlag Berlin Heidelberg.

Enhanced RFID mutual authentication scheme based on shared secret information

RFID is a revolutionary remote technology which has many useful implications. Large scale implementation of RFID is seeking 100% information privacy and untraceability, for users and organizations, which is suitable for low cost RFID tag (Class1). To protect users and organization we are proposing an enhanced RFID mutual authentication scheme. In this protocol we use authentication based on shared unique parameters as a method to protect privacy. This protocol will be capable of handling forward and backward security, rouge reader better than existing protocols. In our new scheme we involved RFID reader’s hardware ID in addition to other shared secret information which uses hash to protect users and industries privacy. Moreover, we used LAMED as our PRNG (Pseudorandom Number Generator) which is faster and take less computational power.

Mutual authentication with malware protection for a RFID system

Radio Frequency Identification (RFID) system is a remote identification technology which is taking the place of barcodes to become electronic tags of an object. However, its radio transmission nature is making it vulnerable in terms of security. Recently, research proposed that an RFID tag can contain malicious code which might spread viruses, worms and other exploits to middleware and back-end systems. This paper is proposing a framework which will provide protection from malware and ensure the data privacy of a tag. The framework will use a sanitization technique with a mutual authentication in the reader level. This will ensure that any malicious code in the tag is identified. If the tag is infected by malicious code it will stop execution of the code in the RFIF system. Here shared unique parameters are used for authentication. It will be capable of protecting an RFID system from denial of service (DOS) attack, forward security and rogue reader better than existing protocols. The framework is introducing a layer concept on a smart reader to reduce coupling between different tasks. Using this framework, the RFID system will be protected from malware and also the privacy of the tag will be ensured.

Smart RFID reader protocol for malware detection

Radio frequency identification (RFID) is a remote identification technique promises to revolutionize the way a specific object use to identify in our industry. However, large scale implementation of RFID sought for protection, against Malware threat, information privacy and un-traceability, for low cost RFID tag. In this paper, we propose a framework to provide privacy for tag data and to provide protection for RFID system from malware. In the proposed framework, malware infected tag is detected by analysing individual component of the RFID tag. It uses sanitization technique for analysing individual component. Here authentication based shared unique parameters is used as a method to protect privacy. This authentication protocol will be capable of handling forward and backward security and identifying rogue reader better than existing protocols. Using this framework, the RFID system will be protected from malware and the privacy of the tag will be ensured as well.

Secure mobile RFID ownership transfer protocol to cover all transfer scenarios

Existing business models require RFID tag to transfer its ownership during its life cycle. As a result, a RFID tags might have many owners during its life cycle. However, the transfer of ownership should ensure that previous owners have no information about current owner's data. Physical ownership does not ensure digital ownership transfer given the wireless nature of communication with RFID tags. Most of the proposed protocol in this nature is implacable to address aU existing RFID tag ownership transfer scenarios. Moreover, they have many security concerns and vulnerabilities. In this paper, we have investigated and discussed all existing business cases and their transfer scenarios. To cover all ownership transfer scenarios, we have presented an ownership transfer protocol. The proposed protocol has used modified DiffieHellman algorithm to perform ownership request validation and authentication of involved parties. Performance comparison shows that our protocol is practical to implement passive low-cost RFID tags, securely performs tag ownership transfer and can be used for all existing ownership transfer scenarios.

Multi-input-multi-output antennas for radio frequency identification systems

In this chapter the authors discuss the physical insight of the role of wireless communication in RFID systems. In this respect, this chapter gives a brief introduction on the wireless communication model followed by various communication schemes. The chapter also discusses various channel impairments and the statistical modeling of fading channels based on the environment in which the RFID tag and reader may be present. The chapter deals with the fact that the signal attenuations can be dealt with up to some level by using multiple antennas at the reader transmitter and receiver to improve the performance. Thus, this chapter discusses the use of transmit diversity at the reader transmitter to transmit multiple copies of the signal. Following the above, the use of receiver combining techniques are discussed, which shows how the multiple copies of the signal arriving at the reader receiver from the tag are combined to reduce the effects of fading. The chapter then discusses various modulation techniques required to modulate the signal before transmitting over the channel. It then presents a few channel estimation algorithms, according to which, by estimating the channel state information of the channel paths through which transmission takes place, performance of the wireless system can be further increased. Finally, the Antenna selection techniques are presented, which further helps in improving the system performance.

A secure tag ownership transfer scheme in a closed loop RFID system

In this paper we propose a novel secure tag ownership transfer scheme for closed loop RFID systems. An important property of our method is that the ownership transfer is guaranteed to be atomic and the scheme is protected against desynchronisation leading to permanent DoS. Further, it is suited to the computational constraints of EPC Class-1 Gen-2 passive RFID tags as they only use the CRC and PRNG functions that passive RFID tags are capable of. We provide a detailed security analysis to show that our scheme satisfies the required security properties of tag anonymity, tag location privacy, forward secrecy, forward untraceability while being resistant to replay, desynchronisation and server impersonation attacks. Performance comparisons show that our scheme is practical and can be implemented on passive low-cost RFID tags.

Secure ownership transfer in multi-tag/multi-owner passive RFID systems

In this paper we propose a secure ownership transfer protocol for a multi-tag and multi-owner RFID environment. Most of the existing work in this area do not comply with the EPC Global Class-1 Gen-2 (C1G2) standard since they use expensive hash operations or sophisticated encryption schemes that cannot be implemented on low-cost passive tags that are highly resource constrained. Our work aims to fill this gap by proposing a protocol based on simple XOR and 128-bit Pseudo Random Number Generators (PRNG), operations that can be easily implemented on low-cost passive RFID tags. The protocol thus achieves EPC C1G2 compliance while meeting the security requirements. Also, our protocol provides additional protection using a blind-factor to prevent tracking attacks.

Security protocols for EPC class-1 Gen-2 RFID multi-tag systems

The objective of the research is to develop security protocols for EPC C1G2 RFID Passive Tags in the areas of ownership transfer and grouping proof.