1 / 18

Technieue for Preventing DoS Attacks on RFID System

Technieue for Preventing DoS Attacks on RFID System. Conference:SoftCOM(2010) Author: Deepak Tagra, Musfiq, Rahman and Srinivas Sampalli Present: 102062595 侯宗佑. Outline. Introduction Security Issues Gossamer Protocol De-synchronization Attack Extension Conclusion. Introduction.

eavan
Download Presentation

Technieue for Preventing DoS Attacks on RFID System

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Technieue for Preventing DoS Attacks on RFID System Conference:SoftCOM(2010)Author: Deepak Tagra, Musfiq, Rahman and Srinivas Sampalli Present: 102062595 侯宗佑

  2. Outline • Introduction • Security Issues • Gossamer Protocol • De-synchronization Attack • Extension • Conclusion 1/17

  3. Introduction 2/17

  4. Security Issues • Vulnerable to Evasdropping. • Traffic analysis • Confidential data • Personal privacy • Spoofing • SQL injection • Data integerty • Replay attack • De-synchronization 3/17

  5. Security Issues • Deny of service • Kill command attack • Jamming • De-synchronization attack • Tag data modification • Data encryption and authentication is required. 4/17

  6. Security Issues • Difficulties • No power supply. • Cost must be low. • Limited hardware scale. • Only able to do bitwise operation. • Classic encryption/authentication techniques cannot be implemented. • AES,DES,SHA-1,md5.... • Protocol must be low-cost and light-weighted. 5/17

  7. Gossamer Protocol • UMAP family • Tag anoymity • Data encryption • Mutual authentication • Only bitwise logical operation. • Enhancement of SASI protocol. • Using non-triangular function for encryption. 6/17

  8. Gossamer Protocol • Tag identication Reader Tag Hello IDS 7/17

  9. Gossamer Protocol • Mutual Authentication Reader Tag PRNG: (n1,n2) Keys: (IDS,K1,K2) Keys: (IDS,K1,K2) n3 = MIXBITS(n1,n2) A = f(IDS,K1,K2,n1,Const) B = f(IDS,K1,K2,n1,Const) A||B||C C = f(IDS,K1’,K2’,n3,Const) 8/17

  10. Gossamer Protocol • Mutual authentication Reader Tag n1’ = MIXBITS(n3,n2) Keys: (IDS,K1,K2) Compute D’, If D’ == D D Extract n1, n2 from A,B SUCCESS Compute C’, If C’ == C n1’ = MIXBITS(n3,n2) D = (IDS,K1’,K2’,n1’,Const) 9/17

  11. Gossamer Protocol • Key updating Reader Tag New Keys(IDSnew,K1new,K2new) = f(IDS,K1,K2,n1,n2,n3) New Keys(IDSnew,K1new,K2new) = f(IDS,K1,K2,n1,n2,n3) Old Keys(IDSold,K1old,K2old) = (IDS, K1,K2) ) 10/17

  12. De-synchroniztion Attack • Prevented Reader Tag C(Blocked) New Keys(IDSnew,K1new,K2new) = f(IDS,K1,K2,n1,n2,n3) Old Keys(IDSold,K1old,K2old) = (IDS, K1,K2) ) D(Blocked) Old Keys(IDSold,K1old,K2old) = (IDS, K1,K2) ) Attacker 11/17

  13. De-synchronization Attack • Not prevented Reader Tag New Keys(IDSnew,K1new,K2new) = f(IDS,K1,K2,n1,n2,n3) Old Keys(IDSold,K1old,K2old) = (IDS, K1,K2) ) A||B||C(Copied) Old Keys(IDSold,K1old,K2old) = (IDS, K1,K2) ) D(Blocked) Attacker 12/17

  14. De-synchronization Attack Reader Reader Tag A’||B’||C’ New Keys(IDS’new,K1’new,K2’new) Old Keys(IDSold,K1old,K2old) = (IDS, K1,K2) ) D’ New Keys(IDS’new,K1’new,K2’new) Attacker 13/17

  15. De-synchronization Attack Attacker Tag A||B||C New Keys(IDSnew,K1new,K2new) = f(IDS,K1,K2,n1,n2,n3) D Old Keys(IDSold,K1old,K2old) = (IDS, K1,K2) ) 14/17

  16. De-synchronization Attack Reader Reader Tag Hello New Keys(IDS’new,K1’new,K2’new) Old Keys(IDSold,K1old,K2old) = (IDS, K1,K2) ) IDS or IDSnew New Keys(IDSnew,K1new,K2new) Attacker 15/17

  17. Extension Reader Reader Tag Hello New Keys(IDS’new,K1’new,K2’new) Old Keys(IDSold,K1old,K2old) = (IDS, K1,K2) ) IDS or IDSnew Old Keys(IDSold,K1old,K2old) = (IDS, K1,K2) ) New Keys(IDSnew,K1new,K2new) Attack 16/17

  18. Conclusion • Classified DoS attack on RFID. • Point out the vulerbility of Gossamer protocol. • Propose a simple extension to solve the problem. 17/17

More Related