POP Method An Approach to Enhance the Security and Privacy of RFID Systems Used in Product Lifecycle with an Anonymous Ownership Transferring Mechanism S.K.K.H.


POP Method

An Approach to Enhance the Security and Privacy of RFID Systems Used in Product Lifecycle with an Anonymous Ownership Transferring Mechanism

S.K.K.H. Sabaragamuwa, S. M. Reza, J. Miura, Y. Goto, and J. Cheng Department of Information and Computer Sciences, Saitama University, Saitama, 338-8570, Japan {krishan, selim, miura, gotoh, cheng}@aise.ics.saitama-u.ac.jp

Advanced Information Systems Engineering Lab, Saitama University, Japan, 2007-March-13

Goal and Objectives

Goal

The goal is to originate a way to enhance the security and privacy of RFID tagged products in the product life cycle by enabling an ownership transferring mechanism with a novel communication protocol.

Objectives

1. Discover a security and privacy enhanced communication mechanism for RFID tagged products in the product lifecycle.
2. Define application layer protocols for RFID communication in the product life cycle.
3. Derive an ownership transferring mechanism for RFID tagged products throughout the product life cycle.

Agenda

- Background
- Motivation
- Solution
- Contribution
- Conclusion

Background


What is the problem?

- The secret stored inside the RFID tag may be read or modified by more than one party, who may or may not be allowed to access it.
- Therefore RFID tagging creates security risks and privacy threats for individuals as well as for corporations throughout the product lifecycle.

Why does the problem occur?

- The same passive tag is used throughout the product life cycle, from the point of production up to product recycling.
- It is easy to buy an RFID tagged product and find out the information inside the tag by reverse engineering it.
- Since the RFID signal range is large and contact-less, communication between tags and readers is susceptible to interference and interception.
- Strong security mechanisms cannot be employed on passive tags, as they are low in computational power and programmability, small in memory capacity, and also constrained by cost.
- Tags cannot be switched off, and a tag answers without the agreement of its bearer.

Motivation


Why we must solve the problem?-I

- Almost everything in the world is to be uniquely numbered by embedding an RFID tag, since process automation efficiency and usability can be improved.
- It is the passive tag that is acceptable for use in the product lifecycle domain, as cost constraints exist.
- Extensive use of RFID tags has been limited because it creates threats to security and privacy:
  - Corporate and individual privacy
  - Data/information and communication security
  - No proper mechanism to transfer the ownership of tagged products and also to allow multiple authorizations

Why we must solve the problem?-II

- Easy access and autonomous
  - Can improve automated processing
  - Will greatly reduce the need for manual scanning
- Efficient tracking is possible
- Can store a fairly decent information set
  - Item's serial number, color, size, manufacture date and current price, as well as a list of all distribution points the item touched before arriving at a store
- Non-contact, non-line-of-sight reading, read/write capability
- Improves inventory, warehousing, distribution, logistics, and security

Proposed solution


Solution Outline

- Assumptions
- Product lifecycle
- Tag memory
- Proposed flow of tagged products
- Point of Sales
- After purchase
- Ownership Transference
- Multiple authorization
- Characteristics of proposed solution
- Communication protocols
- Recycling of tagged products

Assumptions

- Proper radio communication is available
- Tags have rewritable memory
- Tags have a total gate count of 10000~15000
- Capability of reading and writing
- Able to disable or kill the tag at the POS (Point of Sales)
- The interrogator (reader) should have writing capability
- Tag memory capacity should be at least 512 bits, including a minimum programmable memory of 256 bits:
  - 96 bits for EPC and 16 bits CRC
  - 80 bits for Authentication Key
  - 48 bits for Shared Secret key

Product lifecycle

(Diagram) Product Manufacturer -> Logistics -> Distributors/Resellers/Warehouses -> Logistics -> Retail Stores -> Customer -> 2nd, 3rd, 4th customer (customer sells the product to another customer) -> Product Usage -> Recycling of Products

Lifecycle of the tagged products

(Diagram) (1) Production, (2) Logistics, (3) Warehouse, (4) Logistics, (5) Retail Store, (6) Customer, (7) Customer, (8) Application, (9) Recycling.

Tag technology shown: Barcode; Passive RFID Tag (Gen 2, ISO 18000-6). Caption: Productive RFID use throughout the product life cycle.

Memory structure of the Tag

The tag contains an Encryption/Decryption and Pseudo Random Number Generator module for protocol processing, plus the following memory fields:

| Field | Symbol | Size |
| --- | --- | --- |
| Nonce from Interrogator | N_I | 48 bits |
| Enabled or Disabled flag | - | 1 bit |
| Tag Generated Nonce | N_T | 48 bits |
| Interrogator ID | I_ID | 32 bits |
| Shared Secret | S | 48 bits |
| Cryptographic Key | K_a | 80 bits |
| Tag ID (EPC) | EPC | 96 bits |

When the product changes hands, the EPC and the Enabled flag stay the same while the key and shared secret are replaced: Actor 1 holds (K_a, S, EPC, Enabled); Actor 2 holds (K'_a, S', EPC, Enabled).

Proposed flow of tagged products

(Diagram) The tag keeps the same EPC (EPC E) across the whole lifecycle, while each actor a, b, c, ..., l in the flow holds its own pair of cryptographic key and shared secret: (K_a, S_a), (K_b, S_b), (K_c, S_c), ..., (K_l, S_l).

Point of Sales

- Customer card
  - Contains the 80-bit card key
- Customer PIN number
  - Customers will have to remember their own number

Point of Sales

- Tag data is changed at the POS:
  - 80 bits Authentication key
  - 48 bits Shared Secret key
  - Customer Card & PIN number
  - Disable / Enable
  - (Diagram of the tag: Other Parts of the Tag | Encryption & Decryption | K 80 bits | S 48 bits | EPC E)
- The PIN number will be assigned to the 48-bit Shared Secret key
- The card key will be assigned to the 80-bit Authentication key
- This is done by swiping the card and keying in the PIN number once for all items purchased at any given time
- The card and the PIN number will allow smart home appliances to protect security and privacy
- Disable the tag: no further use of the RFID tag after the purchase

After purchase

- Smart appliances with RFID tags
  - Each smart device at home will consist of a key pad and a proximity or swipe card reader to input your shared secrets
  - Each smart device will have its own database and reader in it

Transferring ownership

- The seller will have to swipe his card and enter his PIN number for the product at a trusted transferring point
- The buyer will have to swipe his card key and enter his PIN number

Multiple authorization

- This is necessary in case of product recall, repair or return
- Since these actions should be carried out with the consent of the owner of the product, each party that expects to read the product tag needs to have the ownership transferred to it in order to proceed

Characteristics of proposed solution

- Algorithm
  - Grain1 stream cipher algorithm
    - 1650 gate count
    - Lightweight, with an 80-bit Cryptographic Key
- Protocol design
  - Authentication
  - Reading
  - Writing
- Security
  - Proper authentication before reading or writing
  - Changing the shared secrets at a defined frequency
  - Usage of nonces makes duplication extremely difficult
  - Cryptographic key is 80 bits long

Protocol outline

1. Reading the EPC
2. Disabling the Tag
3. Changing Shared Secret
4. Changing Cryptographic Key
5. Changing both Shared Secret and Cryptographic key

Protocol outline (protocol message diagrams; not reproduced in this transcript)

Recycling of tagged products

- Each product to be recycled should change the tag data as follows (diagram of the tag: Other Parts of the Tag | K | Encryption & Decryption | S | EPC E):
  - Assign NULL to the two secrets: S := NULL, K := NULL
- The same method can be used at each stage to remove damaged products
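The point-of-sale assignment, ownership transfer and recycling steps described above, modeled as an added Python example (not the authors' code or protocol implementation). The field widths come from the memory-structure slide; the encoding of a decimal PIN as a 48-bit integer, the all-zero representation of NULL, and the check that the seller's card key and PIN must match the tag's current K and S before the buyer's credentials are written are assumptions.

```python
"""Model of the POP tag's secret fields and their re-assignment over the
product lifecycle (POS, ownership transfer, recycling)."""
from dataclasses import dataclass

# Field widths in bits, as listed on the memory-structure slide.
WIDTH = {"EPC": 96, "K": 80, "S": 48, "N_I": 48, "N_T": 48, "I_ID": 32}
NULL = 0  # assumption: the slides say S := NULL, K := NULL; all-zero models it

def check_width(name: str, value: int) -> int:
    """Reject values that do not fit the named field's width."""
    if not 0 <= value < (1 << WIDTH[name]):
        raise ValueError(f"{name} must fit in {WIDTH[name]} bits")
    return value

def pin_to_secret(pin: str) -> int:
    """Assumption: the customer's decimal PIN is stored as a 48-bit integer."""
    return check_width("S", int(pin))

@dataclass
class Tag:
    epc: int            # Tag ID, unchanged for the whole lifecycle
    K: int              # 80-bit cryptographic / authentication key
    S: int              # 48-bit shared secret
    enabled: bool = True

    def reassign(self, new_K: int, new_S: int) -> None:
        """Changing hands: a new (K, S) pair is written, the EPC stays."""
        self.K, self.S = check_width("K", new_K), check_width("S", new_S)

    def point_of_sale(self, card_key: int, pin: str, disable: bool = False) -> None:
        """POS: card key -> K, PIN -> S, and optionally disable the tag."""
        self.reassign(card_key, pin_to_secret(pin))
        self.enabled = not disable

    def transfer(self, seller_key: int, seller_pin: str,
                 buyer_key: int, buyer_pin: str) -> None:
        """Trusted transfer point: the seller must present the current
        (K, S) before the buyer's card key and PIN are written."""
        if (seller_key, pin_to_secret(seller_pin)) != (self.K, self.S):
            raise PermissionError("seller credentials do not match tag secrets")
        self.reassign(buyer_key, pin_to_secret(buyer_pin))

    def recycle(self) -> None:
        """Recycling (or removing a damaged product): S := NULL, K := NULL."""
        self.K, self.S = NULL, NULL
```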

Contribution


Devised

- A new process flow for RFID tagged products
- A re-assigning method for shared secrets when the product changes hands over the product lifecycle
- An anonymous ownership transferring method for tagged products, even after purchase, without using a database
- New protocols for secure authentication, reading and writing of data in the RFID tag
- Security and privacy enhanced use of RFID tagged products from production to recycling
- A method for recycling RFID tagged products using the same structure

Conclusion


Conclusion

- Allows anonymous ownership transference
- Enhances security
- Protects privacy
- A single protocol and a lightweight algorithm are used throughout the product life cycle
- No need to implement multiple authorization

Conclusion

The POP (Product flow with Ownership transferring Protocol) Method is an approach to enhance the security and privacy of RFID tagged products in the product lifecycle by enabling anonymous ownership transference. It requires the tag to have a rewritable memory and a simple logic circuit. These requirements are practical and easy to implement, though currently a cost constraint exists.


K. H. S. Sabaragamu Koralalage, Mohammed Reza Selim, Junichi Miura, Yuichi Goto, and Jingde Cheng: POP Method: An Approach to Enhance the Security and Privacy of RFID Systems Used in Product Lifecycle with an Anonymous Ownership Transferring Mechanism, Proceedings of the 22nd Annual ACM Symposium on Applied Computing (SAC '07), pp. 270-275, Seoul, Korea, ACM Press, March 2007.