
International Journal of Emerging Technology and Advanced Engineering

Website: www.ijetae.com (ISSN 2250-2459,ISO 9001:2008 Certified Journal, Volume 4, Issue 3, March 2014)

Providing Security and Authentication in RFID Devices using IBE based HECC

Pooja Kose¹, Niresh Sharma²

¹,²Student, RKDF Institute Of Science & Technology Bhopal, India

Abstract- RFID systems consist of a tag and a reader that communicate wirelessly through radio waves. Because the data is transmitted over radio waves, it must be secured so that external users cannot access it. Although various techniques have been implemented to secure this data, none of them provides security against attacks such as DDOS and replay, supports mutual authentication, and also keeps storage and computation time low. In this paper, an efficient identity-based encryption scheme based on Hyper Elliptic Curve Cryptography is implemented which provides security from various attacks.

Index Terms: RFID, EPC, DOS, DDOS, Tag, Reader, HECC, IBE.

I. INTRODUCTION

A Radio Frequency Identification (RFID) system is the latest technology that plays an important role in object identification. RFID has many applications in access control, manufacturing automation, maintenance, supply chain management, parking garage management, automatic payment, tracking, and inventory control. RFID offers several advantages over barcodes: data is read automatically and no line of sight is required. The reader can read the contents of the tags by broadcasting RF signals via antennas. The reader receives the tag's data and passes it to a host computer, which uses middleware (API). The middleware offers processing modules or services to reduce load and network traffic within the back-end systems.

RFID

Radio Frequency Identification (RFID) is a rapidly growing technology enabling automatic objects identification. Each object is labeled with a tiny integrated circuit equipped with a radio antenna, called Tag, whose information content can be received by another device, called Reader, without physical contact, at a distance of several meters.

RFID Tags can perform computations. They are usually divided into passive Tags and active Tags. The first ones do not have a power source. They receive energy for computation from the Readers and can perform very simple operations. The second ones are powered by small batteries and are capable of performing more significant and computationally heavy operations.

Important concerns associated with RFID technology are the security and privacy of the Tag content. Indeed, it is fairly easy for anybody with technical skills to set up a device for reading the Tag content. Nevertheless, to preserve user privacy, only authorized RFID Readers should be enabled to access the Tag content. At the same time, legitimate RFID Readers would like to be sure that the Tags they are reading are authentic and have not been counterfeited. A (mutual) authentication protocol, which grants access to the Tag content only to a legitimate Reader and, at the same time, assures the Reader of the identity of the Tag, is therefore required [1].

RFID, having unique features such as many-to-many communication, wireless data transmission and its computing nature, draws attention from organizations like Wal-Mart, Procter & Gamble Co., Nokia, IBM, and Infosys for investing in it. The major components of an RFID system are the following: RFID Reader, RFID Tags and Antenna. An RFID reader is a device that is used to interrogate RFID tags. The reader has an antenna that emits radio waves; the tag responds by sending back its data.

II. RELATED WORK

In 2011, Lejla Batina, Yong Ki Lee, Stefaan Seys, Dave Singelee and Ingrid Verbauwhede proposed extending ECC-based RFID authentication protocols to privacy-preserving multi-party grouping proofs.

In 2011, Tuan Anh Pham, Mohammad S. Hasan and Hongnian Yu proposed a mutual authentication protocol based on the challenge-response model. The Advanced Encryption Standard (AES) is used as the cryptographic primitive to secure the data: the protocol uses AES-128 to encrypt the messages transmitted on the channel. With that block cipher, the protocol can protect against many types of attacks such as information leakage, tag tracking etc. [2]


In 2012, Tian-Fu Lee, Hsin-Chang Chen and Pei-Wen Sun introduced an efficient and secure RFID authentication protocol based on quadratic residues for multiple services. This protocol solves the problems of user privacy and untraceability, keeps an invariable response time in the back-end server, and also supports low computational cost in Tags. [4]

In 2012, Matthew Butler, Peter J. Hawrylak and John Hale proposed the Dynamic Risk Assessment Access Control (DRAAC) protocol for intrusion detection, which reduces access privileges in an RFID access control system. This method enables one to secure the most sensitive areas of a facility while minimizing the extent to which legitimate users are restricted. [5]

In 2012, Jeremy Gummeson, Pengyu Zhang and Deepak Ganesan proposed RFID-scale sensors for distributed sensing. RFID-scale sensors use harvested energy. They sense and store data when not in contact with a reader, and use backscatter communication to upload data when a reader is in range. [6]

In 2012, Kai Bu, Xuan Liu and Bin Xiao [7] suggested fast cloned-tag identification protocols for large-scale RFID systems. They propose broadcast and collision techniques to identify cloned tags. This approach avoids the effort of complex cryptographic techniques and the transmission of tag IDs, which consumes much time.

In 2012, Ye Li and Fumio Teraoka [8] proposed a hash-function-based mutual authentication protocol for low-cost RFID tags. It needs very limited calculation resources. The protocol prevents eavesdropping of the tag's ID because randomly picked nicknames, which are shared between the RFID tag and the back-end systems, are transmitted in the air. This protocol consumes less time than the Gossamer protocol for mutual authentication.

In 2012, Florian Kerschbaum and Leonardo Weiss Ferreira Chaves presented an encryption scheme for enforcing access control in a Discovery Service that allows the data owner to enforce access control at item level by managing the corresponding keys. Data remains confidential even against the provider of the Discovery Service. They present three ways of querying data and evaluate them with databases containing up to 50 million tuples. [9]

In 2012, A. Anny Leema and Dr. Hemalatha M. [10] proposed a technique to improve the quality of data. This approach is a hybrid of the middleware and deferred approaches, because it is not always possible to remove all anomalies and redundancies in middleware. It performs the cleaning in an effective manner.

III. PROPOSED METHODOLOGY

HECC

Where h(x) and f(x) are polynomials with coefficients in Fq with deg h(x) ≤ g and deg f(x) = 2g+1. An additional requirement is that C is not a singular curve. If h(x) = 0 and p > 2, this amounts to the requirement that f(x) is a square-free polynomial. In general, the condition is that there are no x and y in the algebraic closure of Fq that satisfy the equation 1.

Hyperelliptic curve cryptosystems were first suggested for cryptographic use in 1988 and it took almost 10 years until they were implemented. The first two contributions listed implemented Cantor's algorithm with polynomial arithmetic, whereas the others used explicit formulae. Aware of several practical advantages, the research community recently implemented HECC on embedded processors using characteristic two fields. We only present a brief introduction to the theory of hyperelliptic curves and refer the reader to for more details.

Let F be a finite field and be the algebraic closure of F. A hyperelliptic curve C of genus g 1 over the field F is defined as the following equation:

The solutions (x, y) are points which satisfy the equation C and the partial derivative equations 2y + h(x) = 0 and h'(x)y − f'(x) = 0.

The Jacobian of C over F, denoted by JC(F), is a divisor that is defined over F if is equal to D for all automorphisms of over F [28]. Each element of the Jacobian can be represented uniquely by a reduced divisor [29], [30]. This divisor can be represented as a pair of polynomials u(x) and v(x), where the coefficients of u(x) and v(x) are elements of F [31].

We derive the following IBE-Dynamic primitives:

• Setup
• Keygen
• Encrypt
• Decrypt

For ease of explanation, we assume that all primitives are executed by the Tag. The actual protocols involving the Tag, CA and Reader are explained in the next section of protocol.

The intuition is to let a Tag independently generate a public key on-the-fly using an arbitrary string. For example, a Tag collecting readings on 22/01/2009 at 03:00 PM will first create a string str = (T1|22/01/2009|15). Using this string, the Tag can derive a public key, Ystr, to encrypt the data and send it to the storage site. There is no corresponding secret key created. In fact, the Tag cannot create the secret key needed to decrypt the message.


This simplifies key management, since the Tag can generate the secret key on-demand without keeping track of which keys were used to encrypt which data. The only requirement is that the string used to describe the event is the same.

Setup:

We select a hyperelliptic curve E over GF(p), where p is a big prime number. We also denote P as the base point of E and q as the order of P, where q is also a big prime. A set of n secret keys x1, ..., xn ∈ GF(q) is chosen to generate the master secret key,

X = (x1, ..., xn).

The n public keys are then generated to make up the master public key,

Y = (y1, ..., yn)

where yi = xi · P, 1 ≤ i < n. Finally, a collision-resistant one-way hash function h: {0, 1} → {0, 1}^n is chosen. The parameters (Y, P, p, q, h(.)) are released as the system public parameters.

Keygen:

To derive a secret key Xstr corresponding to a public key generated by a string str, the Tag executes Keygen(str) = Xstr,

Where hi(str) is the ith bit of h(str).

Encrypt:

To encrypt a message m using a public key derived from string str, the Tag does Encrypt(m, str) to determine the ciphertext c. Alg. 3 shows the process. Note that Alg. 3 lines 1 and 2 need only be run once to derive the public key Ystr.

Algorithm 3. Encrypt(m,public_key)

1. Determine the String str using agreed upon pattern

2. Generate public key Ystr.

3. Execute Encryption(m, Ystr) to obtain c.

Decrypt

The reader executes Decrypt(c, xstr) to obtain the original message m which was encrypted using a secret key derived from str. The process is shown in Alg. 4.

Algorithm 4. Decrypt(U,c,r) where r is a private key

Reader executes Decrypt(U,c,r) to obtain m

Algorithm 5 is then used to encrypt the data using the known flag string and the private key for each public key, and to send this tuple to the storage site.

Algorithm 5. Tag encrypting data

1. Derive the string str, which is also used as the flag string. This string is a known bit string.

2. Calculate c = Encrypt(str, d)

3. Send (Flag, c) to storage site.

When the reader wants the record of the Tag, it first has to authenticate to the trusted third party. After its authenticity has been verified, the reader can query for the particular Tag record using the identity of the known flag string stored at the storage site.

Algorithm 6. Reader querying for data

1. Reader sends certificate (reader-Id) to CA and PKG (KMS) and Tag-Id with known str (flag string) for authentication and key generation.

2. CA checks the authorization and access permission of the reader based on policy.

3. If “Authenticated” then
   I. PKG runs Keygen(str) to derive Xstr
   II. CA sends the private key (Xstr) to reader

4. Reader sends Tag-id and flag string to storage site. And then
   I. For every (ci, flagi), i ∈ K, for Tag do
   II. Storage site matches flagi string with flag string given by reader
   III. If flag string == flagi then
   IV. Storage site sends corresponding encrypted ci to reader
   V. Reader executes Decrypt(ci, Xstr)
   VI. Reader accepts the Tag data
   VII. End if
   VIII. End for
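The four primitives and the query flow of Algorithms 5 and 6 can be traced end to end in the following sketch, which is an added example and not the paper's code. Assumptions: a multiplicative group mod 2^255 - 19 stands in for the hyperelliptic curve group, the rule combining the x_i and y_i selected by the bits h_i(str) is assumed because the Keygen formula did not survive on this page, Encryption(m, Ystr) is taken to be hashed ElGamal, and all function names are hypothetical.

```python
import hashlib
import secrets

# Constructed stand-in group (assumption): integers mod 2^255 - 19 under
# multiplication replace the curve's group, so "x . P" becomes pow(G, x, P_MOD).
P_MOD = 2**255 - 19
ORDER = P_MOD - 1   # exponents are reduced mod the group order
G = 2               # plays the role of the base point P
N = 32              # master-key components = hash bits used

def h_bits(s):
    """h_i(str): the low N bits of SHA-256(str)."""
    d = int.from_bytes(hashlib.sha256(s.encode()).digest(), "big")
    return [(d >> i) & 1 for i in range(N)]

def setup():
    """PKG: master secret X = (x_1..x_n) and master public Y = (y_1..y_n)."""
    X = [secrets.randbelow(ORDER - 1) + 1 for _ in range(N)]
    return X, [pow(G, x, P_MOD) for x in X]

def keygen(X, s):
    """PKG only. Assumed rule: X_str = sum of x_i over bits with h_i(str) = 1."""
    return sum(x for x, b in zip(X, h_bits(s)) if b) % ORDER

def public_key(Y, s):
    """Tag side: Y_str combined from public y_i only; no secret is involved."""
    y = 1
    for y_i, b in zip(Y, h_bits(s)):
        if b:
            y = y * y_i % P_MOD
    return y

def _pad(shared, length):
    return hashlib.shake_256(shared.to_bytes(32, "big")).digest(length)

def _xor(a, b):
    return bytes(p ^ q for p, q in zip(a, b))

def encrypt(Y, s, m):
    """Assumed Encryption(m, Y_str): hashed ElGamal, ciphertext is (U, c)."""
    k = secrets.randbelow(ORDER - 1) + 1          # fresh per message
    U = pow(G, k, P_MOD)
    return U, _xor(m, _pad(pow(public_key(Y, s), k, P_MOD), len(m)))

def decrypt(U, c, x_str):
    return _xor(c, _pad(pow(U, x_str, P_MOD), len(c)))

def reader_query(store, flag, x_str):
    """Algorithm 6 step 4: site returns ciphertexts whose flag matches."""
    return [decrypt(U, c, x_str) for f, (U, c) in store if f == flag]
```

The Tag only ever calls `public_key` and `encrypt`; `keygen` needs the master secret X and therefore runs at the PKG after the CA has authenticated the reader.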

IV. RESULT ANALYSIS


Table 1. Comparative analysis of Base & Proposed Work

| Algorithms | ECC | IBE-HECC |
|---|---|---|
| Key Length | 256 | 16-256 |
| Encryption Time | 34 microsec | 10.345 microsec |
| Decryption Time | 41 microsec | 12.6583 microsec |
| Storage Cost | 15.42,35,43 bits | 15,31 bits |

Timing Analysis Of Proposed Work

Ts: Server time for HECC algorithm
Tr: Reader time for HECC algorithm
Tt: Tag time for HECC algorithm
Tc: Time to transfer message from server to reader
Tr/t: Time to transfer message from reader to tag
Tt/r: Time to transfer message from tag to reader

Total time to perform an authentication phase using HECC is:

Ttot = Tserver to tag + Ttag to server

Ttot = (Ts + Tc + Tr + Tr/t + Tt) + (Tt + Tt/r + Tr + Tc + Ts)

The time taken by HECC depends on the key size and varies for each key length. Here we assume 'TE' to be the time to encrypt in HECC and 'TD' the time to decrypt.

In the tag-to-database direction, the value Tr is 0 because the reader just transfers the tag's response to the database without performing any operation.

Hence,

T = 2 x (Ts + Tc + Tt) + Tr + (Tpu + T1 + T2 + T3 + T4)

Tr = 2 x 10.345 = 20.69 μs

Tr = 2 x 12.6583 = 25.3166 μs

The figure shown below is the storage cost required when performing encryption and decryption operation on base and proposed work. The proposed technique implemented here provides less storage cost.

Figure 1. Analysis of the Storage Cost

V. CONCLUSION

The IBE based HECC provides security from various attacks in RFID devices. Also the proposed methodology implemented here is efficient in terms of storage cost and computational time. The proposed methodology implemented here is based on key generation using HECC and encryption is performed using identity of the tags. The result analysis shows the performance of the proposed technique.

REFERENCES

[1] Tuan Anh Pham, Mohammad S. Hasan and Hongnian Yu, “A RFID mutual authentication protocol based on AES algorithm”, 2012 UKACC International Conference on Control, pp. 997 – 1002, Sept. 2012.

[2] Liangmin WANG, Xiaoluo YI, Chao LV, Yuanbo GUO, “Security Improvement in Authentication Protocol for Gen-2 Based RFID System”, 2011 Journal of Convergence Information Technology, Volume 6, Number 1, pp. 157 to 169, January 2011.

[3] Mike Burmester and Jorge Munilla, “Lightweight RFID


[4] Tian-Fu Lee, Hsin-Chang Chen, Pei-Wen Sun, “efficient and secure RFID authentication protocol based on quadratic residues for multiple services”, 2010 Computer Symposium (ICS) International conference, pp. 279 – 283, Dec. 2010.

[5] Bongno Yoon, Man Young Sung, and Sujin Yeon, Hyun S, “HB-MP++ Protocol: An Ultra Light-weight Authentication Protocol for RFID System”, 2009 IEEE International Conference on RFID, pp. 186 – 191, April 2009.

[6] Ramzi Bassil Wissam El-Beaino Ayman Kayssi Ali Chehab, “A PUF-Based Ultra-Lightweight Mutual-Authentication RFID Protocol”, 2011 Internet Technology and Secured Transactions (ICITST), International Conference for Computing & Processing (Hardware/Software), pp. 495 – 499, Dec. 2011.

[7] Matthew Butler, Peter J. Hawrylak and John Hale, “Graceful Privilege Reduction in RFID Security”, 2011 CSIIRW Proceedings of the Seventh Annual Workshop on Cyber Security and Information Intelligence Research, Article No. 47, pp.47+12, Oct 2012.

[8] Jeremy Gummeson, Pengyu Zhang, Deepak Ganesan, “Flit: A Bulk Transmission Protocol for RFID-Scale Sensors”, 2012, 10th international conference on Mobile systems, applications, and services, pp.71-84, Sep 2012.

[9] Imran Erguler and Emin Anarim, “Security flaws in a recent RFID delegation protocol”, 2012 Journal Personal and Ubiquitous Computing, issn no. ISSN: 4909 (print version) ISSN: 1617-4917 (electronic version), Volume 16 Issue 3, pp.337-349, March 2012.

[10] Kai Bu, Xuan Liu, Bin Xiao, “Fast Cloned-Tag Identification Protocols for Large-Scale RFID Systems”, 2012 IEEE 20th International Workshop on Quality of Service (IWQoS), pp. 1 – 4, June 2012.

[11] Yonghao Gu, Weiming Wu, “A Light-Weight Mutual Authentication Protocol For ISO 18000-6B Standard RFID System”, 2009 IEEE International Conference on Communications Technology and Applications (ICCTA '09), pp. 21 – 25, Oct. 2009.

[12] Paolo D'Arco and Alfredo De Santis, “On Ultralightweight RFID Authentication Protocols”, 2011 IEEE Transactions on Dependable and Secure Computing, volume. 8, Issue. 4, pp. 548 – 563, Aug. 2011.

[13] Ye Li and Fumio Teraoka, “Privacy Protection for Low-Cost RFID Tags in IoT Systems”, 2012 7th International Conference on Future Internet Technologies (CFI '12), pp. 60-65, 2012.

[14] Florian Kerschbaum and Leonardo Weiss Ferreira Chaves, “Encryption-Enforced Access Control for an RFID Discovery Service”, 2012 17th ACM symposium on Access Control Models and Technologies (SACMAT '12), pp.127-130, 2012.

[15] A.Anny Leema, Dr.Hemalatha.M, “A New Deferred cleansing technique for Effective Warehousing of RFID”, (CCSEIT'12) Second International Conference on Computational Science, Engineering and Information Technology, pp. 626-631, 2012.
