Top

Journal of Electronic Testing

Published in:

17-04-2018

Security Enhancements of a Mutual Authentication Protocol Used in a HF Full-Fledged RFID Tag

Authors: Yassine Naija, Vincent Beroulle, Mohsen Machhout

Published in: Journal of Electronic Testing | Issue 3/2018

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

Radio Frequency IDentification (RFID) is used in many applications such as access control, transport, ticketing and contactless payment. The full-fledged High Frequency (HF) tags are the most popular RFID tags for these applications that require relatively high cost security operations. However, these HF tags are threatened by many passive attacks such as eavesdropping, desynchronization and ElectroMagnetic (EM) Side Channel Attacks (SCA). In this article, we propose the implementation and the validation of a full-fledged HF tag architecture using an enhanced mutual authentication protocol. This is achieved using a FPGA platform. Security analysis against Electromagnetic Attack (EMA) and desynchronization attacks on the original protocol are presented. Then enhancements at the protocol level are proposed to overcome these attacks. The implementation of these security enhancements shows a low overhead (+22 LUTs) compared to previous existing security hardware solutions (+598 LUTs).

previous article On-chip Generation of Sine-wave Summing Digital Signals: an Analytic Study Considering Implementation Constraints

next article Golden-Free Processor Hardware Trojan Detection Using Bit Power Consistency Analysis

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

ATZelectronics worldwide

ATZlectronics worldwide is up-to-speed on new trends and developments in automotive electronics on a scientific level with a high depth of information.

Order your 30-days-trial for free and without any commitment.

inform now

ATZelektronik

Die Fachzeitschrift ATZelektronik bietet für Entwickler und Entscheider in der Automobil- und Zulieferindustrie qualitativ hochwertige und fundierte Informationen aus dem gesamten Spektrum der Pkw- und Nutzfahrzeug-Elektronik.

Lassen Sie sich jetzt unverbindlich 2 kostenlose Ausgabe zusenden.

inform now

Brier E, Clavier C, Olivier F (2004) Correlation power analysis with a leakage model. In: Proceeding of Internetional Conference of Cryptographic Hardware and Embedded Systems, CHES04, Lecture Notes in Computer Science, vol. 3156, p. 135–152, Springer

Chien H.-Y. (2006) Secure access control schemes for RFID systems with anonymity. Proc. 2006 Int’l workshop future mobile and ubiquitous information technologies (FMUIT ‘06)

Chien H-Y (2007) SASI: a new ultra lightweight RFID authentication protocol providing strong authentication and strong integrity. IEEE Trans Dependable Secure Comput 4(4):337–340CrossRef

Chien H-Y, Chen C-H (2007) Mutual authentication protocol for RFID conforming to EPC class 1 generation 2 standards. Computers Standards & Interfaces 29(2):254–259CrossRef

Chou J-S, Chen Y, Wu C-L, Lin C-F (2011) An efficient RFID mutual authentication scheme based on ECC. IACR Cryptology ePrint Archive 2011:418

Common criteria recognition arrangement for components up to EAL 4 (2011) Certification report BSI-DSZ-CC-0712-2011 for NXP Mifare DESFire EV1 MF3ICD81 from NXP semiconductors Germany GmbH. In: Federal office for information security

Das R, Harrop P, RFID forecasts, players and opportunities 2009–2019, IdTechEx report, 2009

Doiron TJ, Dreon ST Digital radio transceiver with encrypted key storage. United States Patent. Jan 2, 1996

Finkenzeller K (2010) RFID handbook fundamentals and applications in contactless smart cards, radio frequency identification and near-field communication, 2010 third edition

10.

Fritzke AW, Second Lieutenant, USAF, B.S.E.E. Master Thesis: Obfuscating Against Side-Channel Power Analysis Using Hiding Techniques for AES. Air Force Institute of Technology USA. Graduate School of Engineering and Management (AFIT/EN) son Way WPAFB OH 45433–7765. 22/03/2012

11.

Garcia FD, de Koning Gans G, Muijrers R, van Rossum P, Verdult R, Schreur RW, Jacobs B. Dismantling MIFARE Classic. ESORICS '08 Proceedings of the 13th European Symposium on Research in Computer Security: Computer security. Pages 97 – 114. Málaga, Spain — October 06–08, 2008

12.

Garcia FD, de Koning Gans G, Verdult R (2012) Tutorial: proxmark, the swiss army knife for RFID security research. 8th workshop on RFID security and privacy (RFIDSec 2012)

13.

Hutter M, Mangard S, Feldhofer M. Power and EM attacks on passive 13.56MHz RFID Devices. Cryptographic Hardware and Embedded Systems CHES 2007. 9th International Workshop, Vienna, Austria, September 10–13, 2007. Proceedings.

14.

Hutter M, Schmidt J-M, Plos T (2008) RFID and its vulnerability to faults. Cryptographic Hardware and Embedded Systems. CHES

15.

Hutter M, Schmidt J-M, Plos T (August 2009) Contact-based fault injections and power analysis on RFID tags. European Conference on Circuit Theory and Design:23–27

16.

International Standard (1999) ISO/IEC 9798-2: information technology - security techniques - entity authentication. Part 2: mechanisms using symmetric encipherment algorithms. In: Second edition

17.

International standard ISO/IEC 14443. Identification cards, contactless integrated circuit(s) cards, Proximity cards, Part 2: Radio frequency power and signal interface, First edition, 2001-07-01. Part 3: Initialization and anti-collision, First edition, 2001-02-01. Part 4: Transmission protocol, 2007-06-13

18.

Juvekar CS, Lee H-M, Kwong J, Chandrakasan AP. A Keccak-based wireless authentication tag with per-query key update and power-glitch attack countermeasures. 2016 I.E. International Solid-State Circuits Conference (ISSCC)

19.

Kasper T, Oswald D, Paar C (2009) EM side-channel attacks on commercial contactless smart cards using low-cost equipment. In Youm, Heung Youl and Yung, editors. Information security applications: 10th international workshop, WISA 2009, Busan, Korea, August 25–27

20.

Kasper T, von Maurich I, Oswald D, Paar C (2010) Cloning cryptographic RFID cards for 25$. Presented at the 5th Benelux Workshop on Information and System Security, WisSec 2010, November 29–30, 2010, Nijmegen, The Netherlands

21.

Kasper T, Oswald D, Paar C (2011) Side-channel analysis of cryptographic RFIDs with analog demodulation. RFIDSec'11 Proceedings of the 7th international conference on RFID security and privacy. Pages 61-77. Amherst, MA-June 26–28

22.

Lei H, Xin-mei L, Song-he J, Zeng-yu C (2010) A one-way Hash based low-cost authentication protocol with forward security in RFID system

23.

Munilla J, Peinado A (2007) HB-MP: a further step in the HB-family of lightweight authentication protocols. Comput Netw 51:2262–2267. https://doi.org/10.1016/j.comnet.2007.01.011 CrossRefMATH

24.

Naija Y, Beroulle V, Hely D, Machhout M (2016) Implementation of a secured digital ultralight 14443-type A RFID tag with an FPGA platform. 2016 11th International Conference on Design & Technology of Integrated Systems in Nanoscale Era, Istanbul Turkey

25.

Naija Y, Beroulle V, Machhout M (2017) Low cost countermeasure at authentication protocol level against electromagnetic side channel attacks on RFID tags. Int J Adv Comput Sci Appl (IJACSA) 8(11)

26.

Nassar M, Souissi Y, Guilley S, Danger J-L (2012) RSM: a small and fast countermeasure for AES, secure against 1st and 2nd-order zero-offset SCAs. Design, Automation & Test in Europe Conference & Exhibition (DATE)

27.

NXP Semiconductors. MIFARE classic 1K - mainstream contactless smart card IC for fast and easy solution development. Product data sheet. Rev 3.1. 21 February 2011

28.

Ouafi K, Phan R C.-W. (2008) Traceable privacy of recent provably secure RFID protocols, in: The proceedings of ACNS 2008, LNCS, 5037, Springer-Verlag, pp. 479–489

29.

Peris-Lopez P, Hernandez JC & Estevez-Tapiador JM & Ribagorda A (2006) EMAP: an efficient mutual authentication protocol for low-cost RFID tags”, In Proc. of IS’06, springer-Verlag, vol 4277 of LNCS, pp 352–361

30.

Peris-Lopez P, Hernandez JC, Estevez-Tapiador JM, Arturo R (2009) Advances in ultra lightweight cryptography for low-cost RFID tags: Gossamer protocol. J Inf Sci Eng 25(1):33–57

31.

Pham TA, Hasan MS, Yu H (2012) A RFID mutual authentication protocol based on AES algorithm. UKACC international conference on control 2012. Cardiff, UK, 3–5 September 2012

32.

Texas Instruments (December 2014) MIFARE DESFire EV1 AES authentication with TRF7970A. In: Appli-cation report SLOA213

33.

Toiruul B, Lee KO (2006) An advanced mutual-authentication algorithm using AES for RFID systems. IJCSNS Int J Comput Sci Netw Secur 9B:6

34.

Yang J, Park J, Lee H, Ren K, Kim K (2005) Mutual authentication protocol for low-cost RFID. Proc, Ecrypt Workshop RFID and Lightweight Crypto

35.

Zetter K (2006) Hackers clone E-passports:17.02.11 Available from: http://www.wired.com/science

36.

Zhou YongBin, Feng DengGuo (2005) Side-channel attacks: ten years after its publication and the impacts on cryptographic module security testing. IACR Cryptology ePrint Archive, 2005- csrc.nist.gov.

Title: Security Enhancements of a Mutual Authentication Protocol Used in a HF Full-Fledged RFID Tag
Authors: Yassine Naija
Vincent Beroulle
Mohsen Machhout
Publication date: 17-04-2018
Publisher: Springer US
Published in: Journal of Electronic Testing / Issue 3/2018
Print ISSN: 0923-8174
Electronic ISSN: 1573-0727
DOI: https://doi.org/10.1007/s10836-018-5725-x

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

ATZelectronics worldwide

ATZelektronik

Other articles of this Issue 3/2018

Golden-Free Processor Hardware Trojan Detection Using Bit Power Consistency Analysis

Digital Predistortion for Spectrum Compliance in the Internet of Things

Practical Harmonic Cancellation Techniques for the On-Chip Implementation of Sinusoidal Signal Generators for Mixed-Signal BIST Applications

Measuring Group Delay of Frequency Downconverter Devices Using a Chirped RF Modulated Signal

A Distortion Shaping Technique to Equalize Intermodulation Distortion Performance of Interpolating Arbitrary Waveform Generators in Automated Test Equipment

Editorial