180 likes | 323 Views
Technieue for Preventing DoS Attacks on RFID System. Conference:SoftCOM(2010) Author: Deepak Tagra, Musfiq, Rahman and Srinivas Sampalli Present: 102062595 侯宗佑. Outline. Introduction Security Issues Gossamer Protocol De-synchronization Attack Extension Conclusion. Introduction.
E N D
Technieue for Preventing DoS Attacks on RFID System Conference:SoftCOM(2010)Author: Deepak Tagra, Musfiq, Rahman and Srinivas Sampalli Present: 102062595 侯宗佑
Outline • Introduction • Security Issues • Gossamer Protocol • De-synchronization Attack • Extension • Conclusion 1/17
Introduction 2/17
Security Issues • Vulnerable to Evasdropping. • Traffic analysis • Confidential data • Personal privacy • Spoofing • SQL injection • Data integerty • Replay attack • De-synchronization 3/17
Security Issues • Deny of service • Kill command attack • Jamming • De-synchronization attack • Tag data modification • Data encryption and authentication is required. 4/17
Security Issues • Difficulties • No power supply. • Cost must be low. • Limited hardware scale. • Only able to do bitwise operation. • Classic encryption/authentication techniques cannot be implemented. • AES,DES,SHA-1,md5.... • Protocol must be low-cost and light-weighted. 5/17
Gossamer Protocol • UMAP family • Tag anoymity • Data encryption • Mutual authentication • Only bitwise logical operation. • Enhancement of SASI protocol. • Using non-triangular function for encryption. 6/17
Gossamer Protocol • Tag identication Reader Tag Hello IDS 7/17
Gossamer Protocol • Mutual Authentication Reader Tag PRNG: (n1,n2) Keys: (IDS,K1,K2) Keys: (IDS,K1,K2) n3 = MIXBITS(n1,n2) A = f(IDS,K1,K2,n1,Const) B = f(IDS,K1,K2,n1,Const) A||B||C C = f(IDS,K1’,K2’,n3,Const) 8/17
Gossamer Protocol • Mutual authentication Reader Tag n1’ = MIXBITS(n3,n2) Keys: (IDS,K1,K2) Compute D’, If D’ == D D Extract n1, n2 from A,B SUCCESS Compute C’, If C’ == C n1’ = MIXBITS(n3,n2) D = (IDS,K1’,K2’,n1’,Const) 9/17
Gossamer Protocol • Key updating Reader Tag New Keys(IDSnew,K1new,K2new) = f(IDS,K1,K2,n1,n2,n3) New Keys(IDSnew,K1new,K2new) = f(IDS,K1,K2,n1,n2,n3) Old Keys(IDSold,K1old,K2old) = (IDS, K1,K2) ) 10/17
De-synchroniztion Attack • Prevented Reader Tag C(Blocked) New Keys(IDSnew,K1new,K2new) = f(IDS,K1,K2,n1,n2,n3) Old Keys(IDSold,K1old,K2old) = (IDS, K1,K2) ) D(Blocked) Old Keys(IDSold,K1old,K2old) = (IDS, K1,K2) ) Attacker 11/17
De-synchronization Attack • Not prevented Reader Tag New Keys(IDSnew,K1new,K2new) = f(IDS,K1,K2,n1,n2,n3) Old Keys(IDSold,K1old,K2old) = (IDS, K1,K2) ) A||B||C(Copied) Old Keys(IDSold,K1old,K2old) = (IDS, K1,K2) ) D(Blocked) Attacker 12/17
De-synchronization Attack Reader Reader Tag A’||B’||C’ New Keys(IDS’new,K1’new,K2’new) Old Keys(IDSold,K1old,K2old) = (IDS, K1,K2) ) D’ New Keys(IDS’new,K1’new,K2’new) Attacker 13/17
De-synchronization Attack Attacker Tag A||B||C New Keys(IDSnew,K1new,K2new) = f(IDS,K1,K2,n1,n2,n3) D Old Keys(IDSold,K1old,K2old) = (IDS, K1,K2) ) 14/17
De-synchronization Attack Reader Reader Tag Hello New Keys(IDS’new,K1’new,K2’new) Old Keys(IDSold,K1old,K2old) = (IDS, K1,K2) ) IDS or IDSnew New Keys(IDSnew,K1new,K2new) Attacker 15/17
Extension Reader Reader Tag Hello New Keys(IDS’new,K1’new,K2’new) Old Keys(IDSold,K1old,K2old) = (IDS, K1,K2) ) IDS or IDSnew Old Keys(IDSold,K1old,K2old) = (IDS, K1,K2) ) New Keys(IDSnew,K1new,K2new) Attack 16/17
Conclusion • Classified DoS attack on RFID. • Point out the vulerbility of Gossamer protocol. • Propose a simple extension to solve the problem. 17/17