1 / 13

Protecting RFID Communications in Supply Chains

Protecting RFID Communications in Supply Chains. Yingjiu Li & Xuhua Ding School of Information Systems Singapore Management University. Background. RFID. Each tag has a globally unique identification number . RFID tag has very weak computation power. RFID tag has very limited storage.

leala
Télécharger la présentation

Protecting RFID Communications in Supply Chains

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Protecting RFID Communications in Supply Chains Yingjiu Li & Xuhua Ding School of Information Systems Singapore Management University

  2. Background • RFID • Each tag has a globally unique identification number. • RFID tag has very weak computation power. • RFID tag has very limited storage.

  3. Supply Chain Management • Supply Chain • A coordinated system of organizations moving a product from supplier to customer. Partner P4 Partner P2 Partner P3 Partner P1

  4. Security Requirements • Authoritative Access • For a shipment to partner Pi, only Pi’s reader can access. • Authenticity • Only legitimate RIFD tags can be accepted • Unlinkability • Infeasible to determine whether two responses are from the same tag. • Supply Chain Visibility • Manager’s ability to track and identify the flow.

  5. System Model • Consider a supply chain of N partners • P1, P2,…PN • Each has a pair of public/private keys. • Material flow: P1 P2  P3…  PN • No assumption on global knowledge of the entire supply chain. • Assumption: • Attackers are unable to access the stored secrets by physically compromising RFID readers or tags. • Attackers are able to eavesdrop the interaction between RFID tags and legitimate readers • Attackers are able to interrogate RFID tags arbitrary times.

  6. Tag Initialization Database initialization ID Secret mask Response … c1 C1k2 C2k2 Cnk2 cn The Protocol A high level view : P1 initializes all RFID tags with a secret key from its next Partner. Partner Pi downloads the list of ids from Pi-1, reads all the tags, updates the tags for Pi+1. P1 tags C1 C2 Cn k2: the secret key chosen by P2

  7. r t=H(r) ? t RFID Read Protocol (by Partner Pi) Pi ID Secret mask Response t c1 h(rc1ki) c2 h(rc2ki) cx r h(rcxki)   cn =cxki a a database Di ’ RFID tags

  8. ID Secret mask Response c1 r1  c2  r2 a=kiki+1 b=H(acki) cx rx h(rcxki)  ? b H(a  ) cn rn  database Di RFID Write Protocol (by Partner Pi) Pi  =cxki =a= cxki+1 RFID tag

  9. Read Protocol The readers are NOT authenticated. For a tag prepared for Pi, only Pi and Pi-1’s reader can extract its ID. Only legitimate tags are processed. Write Protocol For a tag prepared for Pi, only commands from Pi and Pi-1 will be accepted. Reveal no information to eavesdroppers. Security

  10. a a  Balancing Security and Performance Basic Idea: Batch process with a shared nounce, instead of a fresh nounce per tag. Pi r3 r1 r2 a a a  a 

  11. processed by Pi  ’  Unlinkability & Supply Chain Visibility Supply Chain Visibility Unlinkability • The ability to identify all tags and the present partner • by introducing an trusted authority and key escrow Are they the same tag?? A weaker notion than universal unlinkability.

  12. Performance • Tag’s storage cost: <128 bits • Tag’s computation cost: 1 hash + 1 XOR for read; 1 hash + 2 XOR for write • Communication cost among Partners: the list of tag identifications, (not the whole database) • Computation cost for a Partner: • only hash, XOR and comparison are needed; • A major portion can be pre-computed; • suitable for batch processes; • Practical, since the bottleneck is the tag-reader communication delay;

More Related