1 / 20

Randomized PRF Tree Walking Algorithm for Secure RFID

Randomized PRF Tree Walking Algorithm for Secure RFID. Leonid Bolotnyy and Gabriel Robins Department of Computer Science University of Virginia lb9xk@cs.virginia.edu, robins@cs.virginia.edu. Talk Outline. Identification Problem Secure Binary-Tree Walking Algorithm

shino
Download Presentation

Randomized PRF Tree Walking Algorithm for Secure RFID

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Randomized PRF Tree Walking Algorithm for Secure RFID Leonid Bolotnyy and Gabriel RobinsDepartment ofComputer ScienceUniversity of Virginialb9xk@cs.virginia.edu, robins@cs.virginia.edu

  2. Talk Outline • Identification Problem • Secure Binary-Tree Walking Algorithm • Reader-tag Authentication Problem • Multi-tag RFID Systems

  3. Tags Local Server Reader Tag ID Tag ID Identification Problem

  4. Tags Local Server Reader Tag ID Tag ID Secure Identification Problem

  5. Tag Reader Eavesdropper Passive vs. Active Adversary Backward Range Forward Range

  6. 1 0 00 01 10 11 000 001 010 011 100 101 110 111 Secure Binary-Tree Walking R. Rivest, S. Weis, EPCglobal, Inc. • Each tag generates a random number • Reader tree-walks these random numbers • Selected tag transmits its real-ID

  7. Algorithm Analysis Major questions about the algorithm: 1. How to deal with collisions on real-IDs? 2. How to choose optimal random number length? 3. How to choose the threshold? n: number of tags, m: random number length Number of tags per random number will have a Poisson distribution (Expected number of random IDs with k tags) (Expected total number of colliding tags) (Cost function) where t is the smallest exponent for which

  8. Optimal random number length Use average n over many traverse runs

  9. bits) (Expected number of tags on a branch after Determining threshold Pr[ tags match in threshold number of bits] = For n = 2000, after about 11 bits, we expect zero, one, or two bits per branch Still have a “long” way to finish traversing the tree Costly over all branches if we traverse every branch to the end Start the threshold at 2 Increase threshold by 1 if collision occurs Decrease threshold by 1 if over the entire traverse no collisions occurred

  10. Randomized PRF Tree Walking Algorithm Goal: Efficiently solve reader-tag authentication problem in the presence of many tags Steps of the algorithm: 1. Each tag generates a random number, and the reader performs a tree-walk on these numbers 2. Once a tag is selected, the reader and the tag engage in a tree-waking private authentication protocol 3. The reader moves the tag to a different position in a tree.

  11. Binary Tree of Secrets D. Molnar and D. Wagner Privacy and Security in Library RFID Issues, Practices, and Architecture

  12. Step 1 Each tag generates a random number, and the reader performs a tree-walk on these numbers

  13. Step 2 Once a tag is selected, the reader and the tag engage in a tree-waking private authentication protocol

  14. Step 3 The reader moves the tag to a different position in a tree

  15. Properties of the Algorithm • Allows on-line addition and removal of tags • Provides security against active eavesdroppers • Offers security against foreign readers • Enables dynamic tradeoff between security, privacy and singulation time • Effective against active attacks • stealing a tag • tracking and hotlisting • Requires a tag to be equipped with • pseudo-random function, XOR unit • random number generator • writable memory

  16. D. Molnar and D. Wagner Our algorithm Our algorithm assuming secrets are hard to steal Our algorithm assuming tags are read often and/or secrets are very hard to steal Space and Time Complexity Evolution

  17. Random Bits No Connect V Random Number Generator Will Ware http://willware.net/hw-rng.html The voltage signal is amplified, disturbed, stretched, and sampled, resulting in random bits.

  18. 1 4 2 3 New Idea: Multi-Tags Attach more than one tag to an object • Redundant Tags • Dual-Tags • Own Memory Only • Shared Memory Only • Own and Shared Memory • Triple-Tags • n-Tags

  19. Benefits of Multi-Tag Systems New applications • Increased expected voltage on a tag • Increased expected communication range • Increased availability • Increased memory • Increased reliability • Increased durability • Enhanced security

  20. Our Current and Future Work Find New and Improve Existing Algorithms A. Juels, S. Weis Authentication algorithms with human protocols D. Molnar, D. Wagner Tag identification with delegation, ownership transfer A. Juels Efficient cloning-resistant identification algorithms New and emerging problems Let’s Collaborate!

More Related