Securing low-cost RFID systems: An unconditionally secure approach

Basel Alomair, Loukas Lazos, Radha Poovendran

Research output: Contribution to journalArticle

10 Citations (Scopus)

Abstract

In this paper, we explore a new direction towards solving the identity authentication problem in RFID systems. We break the RFID authentication process into two main problems: message authentication and random number generation. For parties equipped with a good source of randomness and a secure cryptographic primitive to authenticate messages, the literature of cryptography is rich with well-studied solutions for secure identity authentication. However, the two operations, random number generation and message authentication, can be expensive for low-cost RFID tags. In this paper, we lay down the foundations of a new direction towards solving these problems in RFID systems. We propose an unconditionally secure direction for authenticating RFID systems. We use the fact that RFID readers are computationally powerful devices to design a protocol that allows RFID readers to deliver random numbers to RFID tags in an unconditionally secure manner. Then, by taking advantage of the information-theoretic security of the transmitted messages, we develop a novel unconditionally secure message authentication code that is computed with a single multiplication operation. The goal of this work is to bring more research to the design of such unconditionally secure protocols, as opposed to the computationally secure protocols that have been proposed extensively, for the purpose of suiting the stringent computational capabilities of low-cost devices.

Original languageEnglish (US)
Pages (from-to)229-257
Number of pages29
JournalJournal of Computer Security
Volume19
Issue number2
DOIs
StatePublished - 2011

Fingerprint

Radio frequency identification (RFID)
Authentication
Costs
Random number generation
Security of data
Cryptography

Keywords

  • authentication
  • RFID
  • secrecy
  • unconditional security

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Hardware and Architecture
  • Software
  • Safety, Risk, Reliability and Quality

Cite this

Securing low-cost RFID systems : An unconditionally secure approach. / Alomair, Basel; Lazos, Loukas; Poovendran, Radha.

In: Journal of Computer Security, Vol. 19, No. 2, 2011, p. 229-257.

Research output: Contribution to journalArticle

Alomair, Basel ; Lazos, Loukas ; Poovendran, Radha. / Securing low-cost RFID systems : An unconditionally secure approach. In: Journal of Computer Security. 2011 ; Vol. 19, No. 2. pp. 229-257.
@article{b042277727b2457f82fe828b86dc9c0c,
title = "Securing low-cost RFID systems: An unconditionally secure approach",
abstract = "In this paper, we explore a new direction towards solving the identity authentication problem in RFID systems. We break the RFID authentication process into two main problems: message authentication and random number generation. For parties equipped with a good source of randomness and a secure cryptographic primitive to authenticate messages, the literature of cryptography is rich with well-studied solutions for secure identity authentication. However, the two operations, random number generation and message authentication, can be expensive for low-cost RFID tags. In this paper, we lay down the foundations of a new direction towards solving these problems in RFID systems. We propose an unconditionally secure direction for authenticating RFID systems. We use the fact that RFID readers are computationally powerful devices to design a protocol that allows RFID readers to deliver random numbers to RFID tags in an unconditionally secure manner. Then, by taking advantage of the information-theoretic security of the transmitted messages, we develop a novel unconditionally secure message authentication code that is computed with a single multiplication operation. The goal of this work is to bring more research to the design of such unconditionally secure protocols, as opposed to the computationally secure protocols that have been proposed extensively, for the purpose of suiting the stringent computational capabilities of low-cost devices.",
keywords = "authentication, RFID, secrecy, unconditional security",
author = "Basel Alomair and Loukas Lazos and Radha Poovendran",
year = "2011",
doi = "10.3233/JCS-2010-0406",
language = "English (US)",
volume = "19",
pages = "229--257",
journal = "Journal of Computer Security",
issn = "0926-227X",
publisher = "IOS Press",
number = "2",

}

TY - JOUR

T1 - Securing low-cost RFID systems

T2 - An unconditionally secure approach

AU - Alomair, Basel

AU - Lazos, Loukas

AU - Poovendran, Radha

PY - 2011

Y1 - 2011

N2 - In this paper, we explore a new direction towards solving the identity authentication problem in RFID systems. We break the RFID authentication process into two main problems: message authentication and random number generation. For parties equipped with a good source of randomness and a secure cryptographic primitive to authenticate messages, the literature of cryptography is rich with well-studied solutions for secure identity authentication. However, the two operations, random number generation and message authentication, can be expensive for low-cost RFID tags. In this paper, we lay down the foundations of a new direction towards solving these problems in RFID systems. We propose an unconditionally secure direction for authenticating RFID systems. We use the fact that RFID readers are computationally powerful devices to design a protocol that allows RFID readers to deliver random numbers to RFID tags in an unconditionally secure manner. Then, by taking advantage of the information-theoretic security of the transmitted messages, we develop a novel unconditionally secure message authentication code that is computed with a single multiplication operation. The goal of this work is to bring more research to the design of such unconditionally secure protocols, as opposed to the computationally secure protocols that have been proposed extensively, for the purpose of suiting the stringent computational capabilities of low-cost devices.

AB - In this paper, we explore a new direction towards solving the identity authentication problem in RFID systems. We break the RFID authentication process into two main problems: message authentication and random number generation. For parties equipped with a good source of randomness and a secure cryptographic primitive to authenticate messages, the literature of cryptography is rich with well-studied solutions for secure identity authentication. However, the two operations, random number generation and message authentication, can be expensive for low-cost RFID tags. In this paper, we lay down the foundations of a new direction towards solving these problems in RFID systems. We propose an unconditionally secure direction for authenticating RFID systems. We use the fact that RFID readers are computationally powerful devices to design a protocol that allows RFID readers to deliver random numbers to RFID tags in an unconditionally secure manner. Then, by taking advantage of the information-theoretic security of the transmitted messages, we develop a novel unconditionally secure message authentication code that is computed with a single multiplication operation. The goal of this work is to bring more research to the design of such unconditionally secure protocols, as opposed to the computationally secure protocols that have been proposed extensively, for the purpose of suiting the stringent computational capabilities of low-cost devices.

KW - authentication

KW - RFID

KW - secrecy

KW - unconditional security

UR - http://www.scopus.com/inward/record.url?scp=79952959811&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=79952959811&partnerID=8YFLogxK

U2 - 10.3233/JCS-2010-0406

DO - 10.3233/JCS-2010-0406

M3 - Article

AN - SCOPUS:79952959811

VL - 19

SP - 229

EP - 257

JO - Journal of Computer Security

JF - Journal of Computer Security

SN - 0926-227X

IS - 2

ER -