Authentication and lightweight cryptography in low cost RFID
2010 (English)In: 2nd International Conference on Software Technology and Engineering (ICSTE), Piscataway, NJ: IEEE Communications Society, 2010, Vol. 2, 123-129 p.Conference paper (Refereed)
Technology-driven transactions, or e-commerce, should not involve a tradeoff in which consumers relinquish widening amounts of their privacy in return for greater convenience. Businesses that put customers in control of their online privacy options increase consumer faith in the online world - and promote greater acceptance of e-commerce. Ultimately, though, the issue comes down to consumer empowerment and trust. "Companies rolling out RFID must have a clear and rigidly enforced policy on the deactivation of their tracking mechanisms, as having a cost-effective supply chain will be pretty meaningless if nobody trusts you enough to buy from you," states Martin Butler. RFID is rapidly pushed to the existing markets with diversified applications, such as automatic tariffs payment in public transport, animal identification and tracking, and automated manufacturing and logistics control. Unprotected communications between tags and readers over a wireless channel can disclose information about the tags and their positions. Due to the potential wide deployment of Radio Frequency Identification (RFID), the security of RFID systems has drawn extensive attention from both academia and industry, and the RFID authentication protocol is an important mechanism in the security of RFID systems. The desired security requirements of RFID authentication protocols include privacy, integrity, authentication, anonymity/untraceability, and even availability. To design an efficient protocol that satisfies all the requirements with limited resources is a challenge According to Benoit Calmels et.al - 2006 -Strong cryptography mechanisms need high computing resources which is not possible to be embedded into RFID tags. The approach would be an implementation of some low -cost but secure cryptographic functions in the tag. It would bring a high level of privacy where there is no need for any substantial change in the synopsis of communication between the tag and the reader. On - - the other hand, the tag broadcasts the same data to any reader, with dependency on given authorization, could read and process all or part of the said data. The major challenge faced when trying to provide security for low-cost radio frequency identification (RFID) tags in their very limited resources- for example, tag memory will be restricted to several hundred bits, and approximately 250-4000 logic gates out of the total tag space can be devoted to security- related tasks. So readers should bear in mind that these constrained devices are unable to support on-chip standard cryptographic primitives. During this research with an exploratory purpose some different protocols around authentication and cryptography in low cost RFID would be investigated and compared as the output and result with a qualitative approach. This strategy makes the opportunity to discover similarities and differences among protocols and solutions. So that specialists or executives who are looking for a proper protocol or scheme correspondent to their needs or priorities, could choose one or two among others, in other words when investigating the varied types of attacks against schemes, the administrator or the customer of the technology (technology buyer) could set up a comparison to find the suitable protocol according to his /her criterions or priorities like the value of data that is going to be transmitted by RFID transceivers in the air field or wireless media, or the probable attacks could happen according to situation of located RFID devices. For example, if the administrator or executive knows that the position or location that his/her RFID devices located are vulnerable to DOS attack would not choose RHLK or LCAP as the appropriate protocol, or if he/she assumes that spoofing or replay attack is more probable than other attacks then would not choose Li et al. or SRAC schemes for his/ her RFID transceivers authentication.
Place, publisher, year, edition, pages
Piscataway, NJ: IEEE Communications Society, 2010. Vol. 2, 123-129 p.
Research subject Industrial Marketing
IdentifiersURN: urn:nbn:se:ltu:diva-39986DOI: 10.1109/ICSTE.2010.5608776Local ID: ef1a65d0-f7ff-11df-8b95-000ea68e967bISBN: 978-1-4244-8667-0 (print)OAI: oai:DiVA.org:ltu-39986DiVA: diva2:1013506
International Conference on Software Technology and Engineering : 03/10/2010 - 05/10/2010
Godkänd; 2010; 20101124 (ysko)2016-10-032016-10-03Bibliographically approved