rfid security and privacy a strongresearchstrong survey.pptVIP

Privacy (Cont 4) Distance Measurement Distance as a measure of trust A tag might release general information “I’m attached to a bottle of water” when scanned at a distance, but release more specific information, like unique identifier at a close range. Privacy (Cont 5) Blocking Scheme depends on the incorporation of a modifiable bit called a privacy bit It uses a blocking tag which prevents unwanted scanning of tag on a private zone Soft-blocking -On the reader “Do not scan tags whose privacy is on” Trusted Computing Authentication ECP tags Class-1 Gen-2 have no explicit anti-counterfeiting features Yoking: Is a protocol that provides cryptographic proof that 2 tags have been scanned simultaneously to try to solve that the reader actually reads what is trying to scan. Symmetric-Key Tags (capable of computing symmetric key) Cloning With a simple challenge-response protocol a tag T, can authenticate itself to a reader that shares the key Ki The tag transmit Ti The reader generates a random bit string R The tag computes H=h(Ki,R) and transmits H The reader verifies H =h(Ki,R) Digital Signature Transponders ( created by Texas Instrument and used by Speedpass) Based on the secrecy of the algorithm “Security through obscurity” was crack by student at Johns Hopkins Reverse-Engineering Key cracking Simulation Reverse - Engineering and side channels Relay Attacks Man-in-the-middle attacks can bypass any cryptographic protocol Privacy Symmetric-Key Management Problem Leads to a paradox A tag identifies itself before authenticating the readers The tag emits it identifier Ti So the reader can learn the identity of the tag Privacy unachievable Tag emits where P is a input value Once receiving E, the reader searches all the spaces of tags keys, trying to decrypt E under every key K until its obtains P (The reader has all the tag’s key on it) Privacy Literature Tree approach Proposed approach where a tag contains more than one symmet