asiaccs 2007 protecting rfid communications in supply chains yingjiu li & xuhua ding school of...
TRANSCRIPT
![Page 1: ASIACCS 2007 Protecting RFID Communications in Supply Chains Yingjiu Li & Xuhua Ding School of Information Systems Singapore Management University](https://reader036.vdocuments.net/reader036/viewer/2022072006/56649f535503460f94c77836/html5/thumbnails/1.jpg)
ASIACCS 2007
Protecting RFID Communications in Supply
Chains
Yingjiu Li & Xuhua Ding
School of Information Systems
Singapore Management University
![Page 2: ASIACCS 2007 Protecting RFID Communications in Supply Chains Yingjiu Li & Xuhua Ding School of Information Systems Singapore Management University](https://reader036.vdocuments.net/reader036/viewer/2022072006/56649f535503460f94c77836/html5/thumbnails/2.jpg)
ASIACCS 2007 2
Background
• RFID
• Each tag has a globally unique identification number.
• RFID tag has very weak computation power.
• RFID tag has very limited storage.
![Page 3: ASIACCS 2007 Protecting RFID Communications in Supply Chains Yingjiu Li & Xuhua Ding School of Information Systems Singapore Management University](https://reader036.vdocuments.net/reader036/viewer/2022072006/56649f535503460f94c77836/html5/thumbnails/3.jpg)
ASIACCS 2007 3
Supply Chain Management
• Supply Chain– A coordinated system of organizations moving
a product from supplier to customer.
Partner P1
Partner P2Partner P3
Partner P4
![Page 4: ASIACCS 2007 Protecting RFID Communications in Supply Chains Yingjiu Li & Xuhua Ding School of Information Systems Singapore Management University](https://reader036.vdocuments.net/reader036/viewer/2022072006/56649f535503460f94c77836/html5/thumbnails/4.jpg)
ASIACCS 2007 4
Security Requirements
• Authoritative Access– For a shipment to partner Pi, only Pi
’s reader can access.
• Authenticity– Only legitimate RIFD tags can be accepted
• Unlinkability– Infeasible to determine whether two
responses are from the same tag.
• Supply Chain Visibility– Manager’s ability to track and identify the flow.
![Page 5: ASIACCS 2007 Protecting RFID Communications in Supply Chains Yingjiu Li & Xuhua Ding School of Information Systems Singapore Management University](https://reader036.vdocuments.net/reader036/viewer/2022072006/56649f535503460f94c77836/html5/thumbnails/5.jpg)
ASIACCS 2007 5
System Model
• Consider a supply chain of N partners– P1, P2,…PN
– Each has a pair of public/private keys.– Material flow: P1 P2 P3
… PN
• No assumption on global knowledge of the entire supply chain.
• Assumption:– Attackers are unable to access the stored secrets by
physically compromising RFID readers or tags.– Attackers are able to eavesdrop the interaction
between RFID tags and legitimate readers– Attackers are able to interrogate RFID tags arbitrary
times.
![Page 6: ASIACCS 2007 Protecting RFID Communications in Supply Chains Yingjiu Li & Xuhua Ding School of Information Systems Singapore Management University](https://reader036.vdocuments.net/reader036/viewer/2022072006/56649f535503460f94c77836/html5/thumbnails/6.jpg)
ASIACCS 2007 6
The ProtocolA high level view :
P1 initializes all RFID tags with a secret key from its next Partner. Partner Pi downloads the list of ids from Pi-1, reads all the tags, updates the tags for Pi+1.
P1
C1 C2 Cn
tags
Tag Initialization
C1k2 C2k2 Cnk2
k2: the secret key chosen by P2
Database initialization
cn
c1
…ResponseSecret mask ID
![Page 7: ASIACCS 2007 Protecting RFID Communications in Supply Chains Yingjiu Li & Xuhua Ding School of Information Systems Singapore Management University](https://reader036.vdocuments.net/reader036/viewer/2022072006/56649f535503460f94c77836/html5/thumbnails/7.jpg)
ASIACCS 2007 7
RFID Read Protocol (by Partner Pi)
h(rc2ki)c2
h(rcxki) rcx
cn
h(rc1ki)c1
ResponseSecret mask
ID
r t=H(r)
=cxki
Pi
t
t ?
database Di
a a’
RFID tags
![Page 8: ASIACCS 2007 Protecting RFID Communications in Supply Chains Yingjiu Li & Xuhua Ding School of Information Systems Singapore Management University](https://reader036.vdocuments.net/reader036/viewer/2022072006/56649f535503460f94c77836/html5/thumbnails/8.jpg)
ASIACCS 2007 8
RFID Write Protocol (by Partner Pi)
a=kiki+1
b=H(acki)
=cxki
Pi
r2c2
h(rcxki)rxcx
rncn
r1c1
ResponseSecret mask
ID
database Di
RFID tag
b H(a )?
=a= cxki+1
![Page 9: ASIACCS 2007 Protecting RFID Communications in Supply Chains Yingjiu Li & Xuhua Ding School of Information Systems Singapore Management University](https://reader036.vdocuments.net/reader036/viewer/2022072006/56649f535503460f94c77836/html5/thumbnails/9.jpg)
ASIACCS 2007 9
Security
• Read Protocol– The readers are NOT
authenticated.– For a tag prepared for
Pi, only Pi and Pi-1’s reader can extract its ID.
– Only legitimate tags are processed.
• Write Protocol– For a tag prepared for
Pi, only commands from Pi and Pi-1 will be accepted.
– Reveal no information to eavesdroppers.
![Page 10: ASIACCS 2007 Protecting RFID Communications in Supply Chains Yingjiu Li & Xuhua Ding School of Information Systems Singapore Management University](https://reader036.vdocuments.net/reader036/viewer/2022072006/56649f535503460f94c77836/html5/thumbnails/10.jpg)
ASIACCS 2007 10
Balancing Security and Performance
r1
Pi
a a
a a
a a
r2
r3
ID Secret mask
Response
c1 r1 h(r1c1ki)
c2 r1 h(r1c2ki)
cx r2 h(r2cxki)
cx+1 r2 h(r2cx+1ki)
Basic Idea: Batch process with a shared nounce, instead of a fresh nounce per tag.
![Page 11: ASIACCS 2007 Protecting RFID Communications in Supply Chains Yingjiu Li & Xuhua Ding School of Information Systems Singapore Management University](https://reader036.vdocuments.net/reader036/viewer/2022072006/56649f535503460f94c77836/html5/thumbnails/11.jpg)
ASIACCS 2007 11
Unlinkability & Supply Chain Visibility
Are they the same tag??
A weaker notion than universal unlinkability.A weaker notion than universal unlinkability.
processed
by Pi ’
Supply Chain VisibilityUnlinkability
• The ability to identify all tags and the present partner • by introducing an trusted authority and key escrow
![Page 12: ASIACCS 2007 Protecting RFID Communications in Supply Chains Yingjiu Li & Xuhua Ding School of Information Systems Singapore Management University](https://reader036.vdocuments.net/reader036/viewer/2022072006/56649f535503460f94c77836/html5/thumbnails/12.jpg)
ASIACCS 2007 12
Performance
• Tag’s storage cost: <128 bits
• Tag’s computation cost: 1 hash + 1 XOR for read; 1 hash + 2 XOR for write
• Communication cost among Partners: the list of tag identifications, (not the whole database)
• Computation cost for a Partner: – only hash, XOR and comparison are needed;
– A major portion can be pre-computed;
– suitable for batch processes;
– Practical, since the bottleneck is the tag-reader communication delay;
![Page 13: ASIACCS 2007 Protecting RFID Communications in Supply Chains Yingjiu Li & Xuhua Ding School of Information Systems Singapore Management University](https://reader036.vdocuments.net/reader036/viewer/2022072006/56649f535503460f94c77836/html5/thumbnails/13.jpg)
ASIACCS 2007 13