08-16-2017, 09:08 PM
[attachment=14706]
Abstract
EPCglobal Class-1 Generation-2 specification (Gen2 in brief) has been approved as ISO18000-6C for global use, but the
identity of tag (TID) is transmitted in plaintext which makes the tag traceable and clonable. Several solutions have been proposed
based on traditional encryption methods, such as symmetric or asymmetric ciphers, but they are not suitable for low-cost RFID tags.
Recently, some lightweight authentication protocols conforming to Gen2 have been proposed. However, the message flow of these
protocols is different from Gen2. Existing readers may fail to read new tags. In this paper, we propose a novel authentication protocol
based on Gen2, called Gen2 , for low-cost RFID tags. Our protocol follows every message flow in Gen2 to provide backward
compatibility. Gen2 is a multiple round protocol using shared pseudonyms and Cyclic Redundancy Check (CRC) to achieve readerto-
tag authentication. Conversely, Gen2 uses the memory read command defined in Gen2 to achieve tag-to-reader authentication.
We show that Gen2 is more secure under tracing and cloning attacks.
Index Terms Protocol design and analysis, security, privacy.
1 INTRODUCTION
RADIO Frequency Identification (RFID) tags for the
function of next-generation electronic product code
(EPC) will become one of the most widely used devices
in the near future [1]. An RFID application contains three
basic roles:
1. tag,
2. reader, and
3. back-end database.
Each tag contains a unique identification, often called
the tag identification (TID). The reader is used to query the
tag s TID and forward it to the back-end database. Once the
tag is found valid, the back-end database will look up its
product information for further processing. RFID tags are
classified into three types: active, semipassive, and passive.
Active tags contain batteries so that they can actively
communicate with the reader. Semipassive tags also contain
batteries but they wait for the reader s query. As for passive
tags, the power comes from the reader. The class of a tag
represents the effective reading range. The reading range of
a class-0 tag is 5-10 cm, and that of a class-1 tag is up to
several meters.
EPCglobal class-1 generation-2 (Gen2 in brief) [2] was
approved as ISO18000-6C in July 2006. It is widely believed
that Gen2 tags will be the mainstream when developing
RFID applications because the effective reading range is
larger. However, the Gen2 specification has the vulnerability
that the TID is transmitted without any guard. Thus,
in this paper, we focus on the protection of class-1 passive
tags from being accessed by malicious readers.
1.1 Security Threats
Previous studies [1], [3], [4], [5], [6], [7] addressed several
threats to RFID applications:
. Eavesdropping: An adversary listens to all the communications
through Radio Frequency (RF) and
dumps them for later cracking.
. Hotlisting: This attack, similar to eavesdropping,
focuses on matching specific values with his chosen
keywords to understand one s personal interests,
like his favorite books or his reading behavior.
. Replay attack: An attacker repeats the same messages
logged from eavesdropping to spoof a reader or tag.
. Cloning: Since RFID tags are usually placed in open
environments such as hospitals, schools, and offices,
they may be exposed under all kinds of malicious
tools. An adversary can read the tag and then clone
the tag by writing all the obtained data into a
blank tag.
. Tag tracing: Readers and tags have different abilities
of sending data. Attackers can either identify the
same tag from passively logged messages or interact
actively with the tag to understand its location.
. Invading privacy: Customers may not want eavesdroppers
to know what items they have bought from
the store, which may indicate their interests.
. Data forging: Once RFID technology becomes the
mainstream of retailing, a tag may store extra data
such as date, price, and the place of production for
convenience. However, this also attracts attackers to
modify the price and cause great loss.
. Denial of service: It is an effective attack against some
RFID systems, which utilize locking or killing
approach as their protection. Even though this is
the weakest test when designing secure protocols,