1 / 11

draft-urien- hip-tag-03.txt

draft-urien- hip-tag-03.txt. HIP support for RFID Pascal.Urien@telecom-paristech.fr. http://www.telecom-paristech.fr. Open Issues for the Internet Of Thing. What is a thing? , f rom draft-urien- hip-iot-00.txt Two classes of things

toshi
Download Presentation

draft-urien- hip-tag-03.txt

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. draft-urien-hip-tag-03.txt HIP support for RFID Pascal.Urien@telecom-paristech.fr http://www.telecom-paristech.fr

  2. Open Issues for the Internet Of Thing • What is a thing? , from draft-urien-hip-iot-00.txt • Two classes of things • Things that are full computers equipped with communication interfaces. • Things that are not full computers (i.e. TAGS, RFIDs), but who are associated with objects. • What is the identifier of a thing? •  They are several proposals: • A serial number, such as the EPC code. • An IP address. • Other, for example a fix hash value, or adhoc naming scheme.

  3. Open issues • Identity Protection • Things can be used to track people or objects, which are identified by a set of things. Identity protection enforces privacy by hiding things identities thanks to cryptographic means. • Communication Protocol • A thing communicates with the Internet network by various interfaces •  Via MAC (OSI2) radio protocols, as defined by EPC GLOBAL • Thanks the IP protocol, in that case the thing is an IP node, and is natively plugged in the Internet Cloud. • Other, for example the Host Identity Protocol • Things to Things communications • In some cases, things communicate with other things. If identity protection is required, the associated infrastructure is complex from a cryptographic or physical point of view, because classical routing techniques can't be used.

  4. HIP Tags for the IoT • Project funded by the French National Research Agency (ANR) • Modified BEX exchange • The HIT is a true random number • HIP-Tags never expose their identity in clear text, but hide this value (typically an EPC-Code) by a particular equation (f) that can be only solved by a dedicated entity, referred as the portal. • f(r1,r2, EPC-Code) • HIP exchanges occurred between HIP-Tags and PORTALs; they are shuttled by IP packets, through the Internet cloud.

  5. Identity Protection for Tags • Privacy issues • EPC-Code MUST be protected • EPC-Code is a solution of f(r1,r2,EPC-Code) • Example • Many f proposal in the scientific literature • f(r1,r2, EPC-Code) = SHA1 (r1 | r2 | EPC-Code) r1 Tag EPC-Code Reader r2, f(r1,r2, EPC-Code) S. Weis, S. Sarma, R. Rivest and D. Engels. "Security and privacy aspects of low-cost radio frequency identification systems." In D. Hutter, G. Muller, W. Stephan and M. Ullman, editors, International Conference on Security in Pervasive Computing - SPC 2003, volume 2802 of Lecture Notes in computer Science, pages 454- 469. Springer-Verlag, 2003.

  6. HIP-TAGS Architecture Main Ideas • The TAG runs a modified version of HIP • HIP Only! – NO IP stack • HIT is a true 16 bytes random number generated by the TAG • The Reader is an IP node • It acts as a docking host for HIP tag • The Reader is not able to solve the f equation • The identity solver entity is located in a node called the PORTAL • HIP dialog between Tag and Portal • HIP packets MAY be encapsulated by a HAT (HIP Address Translation) layer.

  7. HIP-Tags Architecture Identity Solver HIP HIP SPI-I HAT HAT EPC-Code IP IP SPI-R RFID-MAC MAC MAC RFID-MAC EPC-Code RFID-PHY RFID-PHY PHY PHY Tag Reader Portal

  8. T-Transform 0001 - HMAC • K = HMAC-SHA1(r1 | r2, EPC-Code) • F-T = HMAC-SHA1(K, CT1 | "Type 0001 key ") • CT1 = 0x00000001 (32 bits) • K-AUTH-KEY = HMAC-SHA1(K, CT2 | "Type 0001 key") • CT2 = 0x00000010 (32 bits)

  9. Example, with T-Transform = 0001 Portal Tag EPC-CODE 0123456789abcdefcdab I1-T HEAD 3b04401100000000 sHIT 6a682e53516b516f2f58ce6025421ae6 dHIT 00000000000000000000000000000000 HEAD 3b0a411100000000 sHIT 00000000000000000000000000000000 dHIT 6a682e53516b516f2f58ce6025421ae6 ATT 0400 20 bytes 276d034ddd2d52793b172cb95bcd0297e2df6115 ATT 0402 04 bytes 00010000 R1-T r1 I2-T HEAD 3b13401100000000 sHIT 6a682e53516b516f2f58ce6025421ae6 dHIT 00000000000000000000000000000000 ATT 0402 04 bytes 00010000 ATT 0400 20 bytes c5958b236b9b0eaa7abb25f27d24c5046e89199e ATT 0404 20 bytes 801dbc55c5f39789f83c6cba1450187d83833caf ATT 0406 20 bytes 2a2368932bf73abec46bddb83f1b3f7f9ded8b83 r2 f Signature

  10. T-Transform 0002 – Tree • F-T = H1 | H2 | Hi | Hn • Hi = HMAC-SHA1(r1 | r2, Ki | CT1 ),or • Hi = HMAC-SHA1(r1 | r2, Ki | CT2 ) • CT1 = 0x00000001, CT2 = 0x00000002 • Notation: HiCTkKi k=1,2 i=1...n • K-AUTH-KEY = HMAC-SHA1(K, CT1 | "Type 0002 key") • K = HMAC-SHA1(r1 | r2, EPC-Code) • CT1 = 0x00000001 (32 bits) 0 1 H1CT1K1 H1CT2K1 1 EPC-Code = 010…. F-T = H1CT1K1 H2CT2K2 H3CT1K1 H2CT2K2 0 H3CT1K1

  11. Open Java Resources • http://perso.telecom-paristech.fr/~urien/hiptag • Java code for portal. • Java card code for tags. • ISO 14443 tags work at 13,56 MHz. • Java card are widely deployed, about 1 billion devices per year. • Thanks to the NFC technology, HIP-TAG could be supported by billions of mobile phones. • http://gforge.cnam.fr/gf/project/t2tit • Code source of the T2TIT project, funded by the French National Research Agency (ANR). • Papers: HIP-Tags Architecture Implementation for the Internet of Things • Pascal Urien, Simon Elrharbi, DoriceNyamy , HervéChabanne, Thomas Icart, François Lecocq, CyrillePépin, KhalifaToumi, Mathieu Bouet, Guy Pujolle, Patrice Krzanik, Jean-Ferdinand Susini " HIP-Tags Architecture Implementation for the Internet of Things ", First Asian Himalayas International Conference on Internet AH-ICI2009, 3-5 November, 2009, Kathmandu, Nepal, Available at IEEE Explorer.

More Related