1 / 11

ECC-Based Lightweight Authentication Protocol with Un-traceability for Low-Cost RFID

ECC-Based Lightweight Authentication Protocol with Un-traceability for Low-Cost RFID. Authors: Hung-Yu, Chi-Sung Laih Sources: Journal of Parallel and Distributed Computing, Accepted Speaker: C. H. Wei. Outline. The problem Authentication protocol Security analysis, and performance analysis

tamma
Download Presentation

ECC-Based Lightweight Authentication Protocol with Un-traceability for Low-Cost RFID

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. ECC-Based Lightweight Authentication Protocol with Un-traceability for Low-Cost RFID Authors: Hung-Yu, Chi-Sung Laih Sources: Journal of Parallel and Distributed Computing, Accepted Speaker: C. H. Wei

  2. Outline • The problem • Authentication protocol • Security analysis, and performance analysis • Conclusion • Comments

  3. The Problem • Only a few of the previous RFID authentication schemes consider anonymity and un-traceability • In some schemes, the tags do not respond to identification-related information • A server must search the whole database • About perform computation, per tag in order to identify the communicating tag, which is not efficient.

  4. 1 0 1 1 0 1 0 e (1) send 1101 Received 1101010 Hamming code (2) (3) (4)

  5. Initialization • The server randomly chooses a secret linear code C(n, k, d), length n, dimension k and minimum distance d • The server assigns row vectors G[j] to the tag, where j=(i-1)*s+1,…i*s

  6. Ti, Ki, g( ), G[j] Ti, Ki, G ci =mi*G G*HT=0

  7. Security Analysis • Mutual authentication • Only the genuine server can compute • Only the genuine tag can compute Vs • Privacy • The value seem random to an attacker who does not have the private parameters.

  8. Security Analysis (cont.) • Anonymity and un-traceability • Attacker eavesdrop two or more sessions (c1+e1, …, ci+ei) • Compromise of tags • The attacker could derive the row vectors and key inside the tag • The scheme does not provide the forward secrecy

  9. Security Analysis (cont.) • Performance analysis • Only the server is required to be equipped with the decoding algorithms. • The tag require the pseudo-random generator and simple bit operations • The number of row vectors per tag being l, the space requirement per tag is l*n+|Ki| • ex. (n=128,k=64,d=22), l=3, 64/3=21 tags, length of key is 32, space=3*128+32=416 bits

  10. Comments • 之前的論文在解決traceability和anonymity都需要將資料庫全部搜尋一次,才能確認對方身份 • 此論文建議的方法使用linear error correction codes 可以達到low-cost and better performance • 缺點:不適合用在有大量的tag環境下 因為每個tag需要用到的儲存空間很大

  11. A binary K-tuple m can be encoded to an N-bit codeword c=m*G, where G is an K-by-N generator matrix. An error vector e added to the codeword ci results in a vector • r can be decoded in to c based on the syndrome vector s=r*HT, where H is an (N-K)-by-N parity-check matrix such that G*HT=0

More Related