Lightweight Props on the Weak Security of EPC Class-1 Generation-2 Standard

Article English OPEN
Peris-Lopez, Pedro ; Li, Tieyan ; Hernandez-Castro, Julio C. (2010)

In 2006 EPCglobal and the International Organization for Standards (ISO) ratified the EPC Class-1 Generation-2 (Gen-2) [1] and the ISO 18000-6C standards [2], respectively. These efforts represented major advancements in the direction of universal standardization for low-cost RFID tags. However, a cause for concern is that security issues do not seem to be properly addressed. In this paper, we propose a new lightweight RFID tag-reader mutual authentication scheme for use under the EPCglobal framework. The scheme is based on previous work by Konidala and Kim [3]. We attempt to mitigate the weaknesses observed in the original scheme and, at the same time, consider other possible adversarial threats as well as constraints on low-cost RFID tags requirements.
  • References (38)
    38 references, page 1 of 4

    [1] EPCglobal, EPC Radio-Frequency Identity Protocols Class-1 Generation-2 UHF RFID Protocol for Communications at 860MHz-960MHz Version 1.2.0, 2008.

    [2] International Organization for Standards (ISO), ISO/IEC 18000-6: Radio frequency identification for item management - Part 6: Parameters for air interface communications at 860 MHz to 960 MHz.

    [3] D. M. Konidala and K. Kim, “RFID tag-reader mutual authentication scheme utilizing tag's access password”, AutoID Labs, White Paper WP-HARDWARE-033, 2007.

    [4] D. N. Duc, J. Park, H. Lee, K. Kim, “Enhancing security of EPCglobal Gen-2 RFID tag against traceability and cloning”, in Proc. of the Symposium on Cryptography and Information Security, 2006.

    [5] H. Y. Chien, C. H. Chen, “Mutual authentication protocol for RFID conforming to EPC Class 1 Gen 2 standards”, in Computer Standards & Interfaces, vol. 29(2), pp. 254 - 259, 2007.

    [6] A. Juels, “RFID security and privacy: a sesearch survey”, in IEEE Journal on Selected Areas in Communications, vol. 24(2), pp. 381-394, Feb. 2006.

    [7] A. Mitrokotsa, M. R. Rieback and A. S. Tanenbaum, “Classification of RFID Attacks”, in Proceedings of the 2nd International Workshop on RFID Technology, 2008.

    [8] P. Peris-Lopez, J. C. Hernandez-Castro, J. M. EstevezTapiador, and A. Ribagorda. “RFID Specification Revisited”. Book Chapter in The Internet of Things: From RFID to the Next-Generation Pervasive Networked Systems, 6:pp.127156. Auerbach Publications, Taylor & Francis Group, 2008.

    [9] T. L. Lim, and T. Li, “Addressing the weakness in a lightweight RFID tag-reader mutual authentication scheme”, in Proc. of IEEE Globecom, Nov. 2007.

    [10] D. Bailey and A. Juels. “Shoehorning security into the EPC standard”. In International Conference on Security in Communication Networks - SCN'06, volume 4116 of LNCS, pp. 303-320. Springer-Verlag, September 2006.

  • Similar Research Results (1)
  • Metrics
    views in OpenAIRE
    views in local repository
    downloads in local repository

    The information is available from the following content providers:

    From Number Of Views Number Of Downloads
    Kent Academic Repository - IRUS-UK 0 20
Share - Bookmark