Providing Stronger Authentication at a LowCost to RFID Tags Operating under the EPCglobal Framework

Transcription

1 2008 IEEE/IFIP Internatonal Conference on Embedded and Ubqutous Computng Provdng Stronger Authentcaton at a LowCost to RFID Tags Operatng under the EPCglobal Framework Pedro Pers-Lopez, ppers@nf.uc3m.es Tong-Lee Lm tllm@2r.a-star.edu.sg Teyan L lteyan@2r.a-star.edu.sg Abstract In 2006, EPCglobal and the Internatonal Organzaton for Standards (ISO) ratfed the EPC Class-1 Generaton-2 (Gen-2) [1] standard and the ISO standard [2] respectvely. These efforts represented major advancements n the drecton of unversal standardzaton for low-cost RFID tags. However, a cause for concern s that securty ssues do not seem to be properly addressed n these standards. In ths paper, we propose a new lghtweght RFID tag-reader mutual authentcaton scheme for use under the EPCglobal framework. The scheme s based on prevous work by Kondala and Km [3]. We attempt to mtgate the weaknesses observed n the orgnal scheme, and at the same tme, consder other possble adversaral threats, as well as constrants on low-cost RFID tags requrements. 1. Introducton In ths paper, we focus on desgnng a secure authentcaton scheme for use under the EPCglobal framework. A number of works, such as [3], [4] and [5], have proposed protocols to enhance the securty of the EPC Class-1 Gen-2 standard. Unfortunately, due to weaknesses that have been exposed aganst them, these protocols fall short of meetng the desred securty objectves. From these bad experences, t seems lke enforcng authentcaton under the EPC Class-1 Gen-2 standard specfcatons s an almost mpossble task and any proposed scheme based on the standard looks doomed to fal. In fact, the proposed nfrastructure seems to be too weak to support any real securty. However, we contend that by makng some small enhancements and wthout the need to revamp the entre set of specfcatons, t s stll possble to desgn a reasonably secure authentcaton scheme for use on low-cost RFID tags. A tag-reader mutual authentcaton scheme that uses a specally desgned M xbts functon s presented n ths work. The underlyng protocol s smlar to that proposed by Kondala and Km n [3] (we shall refer to ther scheme as the tag-reader mutual authentcaton or TRMA scheme), wth ts observed weaknesses addressed by ntroducng the M xbts functon. Under some rgorous analyss, we show that MxBts ncreases the securty of the scheme by provdng stronger resstance aganst attacks. Furthermore, we show that MxBts requres only a small amount of crcut area, memory sze, and power consumpton and can be feasbly mplemented on low-cost RFID tags. 2. The TRMA Schemes In ths secton, we brefly descrbe the orgnal TRMA scheme, as well as the extended TRMA scheme by Kondala et al., and descrbe the weaknesses observed n them The Orgnal TRMA Scheme In [3], Kondala and Km presented a lghtweght tagreader mutual authentcaton (TRMA) scheme that uses some of the features n a EPC Class-1 Gen-2 tag, as well as a specally desgned pad generaton functon P adgen. The P adgen functon s used to produce a cover-codng pad to mask the tag s access password before transmsson. The functon s performed on the tag s 32-bt access password P W D, whch s broken up nto 2 parts P W D M (comprsng the 16 most sgnfcant bts) and P W D L (comprsng the 16 least sgnfcant bts). P adgen takes two 16- bt random numbers R T ag (generated by the tag) and R Rdr (generated by the reader) as ts nputs. Usng each of the (or R Rdr ) to ndcate a bt address wthn P W D M or P W D L, P adgen then selects those bts from P W D M and P W D L to form the 16-bt output pad. An example of a pad computaton under P adgen s shown n Fg. 1. Under the scheme, each cover-codng pad P AD (for = 1, 2, 3, 4) can be expressed as four hexadecmal dgts n R T ag P AD = P adgen(p W D, R T ag, R Rdr ) (1) /08 $ IEEE DOI /EUC

2 Fgure 1. Computng P adgen(p W D, 0x1234, 0x78CD) on P W D = 0x6548 E8CA. (0x6548 = and 0xE8CA = ) and the authentcaton responses (otherwse known as the cover-coded passwords n [3] nad [7]) can be expressed as CCP 1 = P W D M P AD 1 (2) CCP 2 = P W D L P AD 2 (3) CCP 3 = P W D M P AD 3 (4) CCP 4 = P W D L P AD 4 (5) Fg. 2 depcts a sngle run of the authentcaton protocol. The pseudo-random number nputs to the P adgen functon (R T ag, R Rdr for = 1, 2, 3, 4) are known to an eavesdropper. Ths allows the eavesdropper to dentfy whch bts of the access password are selected to form the output pad. Each bt n every authentcaton response (CCP for = 1, 2, 3, 4) s obtaned by xorng bts n the access password, where the locaton of the bts are known to an eavesdropper. For example: (we use [A] b to denote the value of bt b n A and A x to denote the value of hexadecmal dgt x n A) [CCP 1 ] 1 = [P W D M ] 1 [P W D M ] R T ag 1 1 [CCP 1 ] 4 = [P W D M ] 4 [P W D L ] R T ag 1 0 Snce each CCP s sent n clear, ths allows the eavesdropper to correlate the bts n the access password. Fgure 2. The authentcaton protocol under the TRMA scheme. In [6], Lm and L uncovered two effectve attacks aganst the TRMA scheme, whch arses due to the followng weaknesses: Each hexadecmal dgt n R T ag and R Rdr (where = 1, 2, 3, 4) s always mapped to the same bts n CCP for a gven access password. Hence, the adversary can collect a dctonary of vald authentcaton responses correspondng to each eavesdropped value for R T ag and R Rdr. In the frst attack, Lm and L showed how a passve attacker can perform correlatons over the eavesdropped nformaton to recover the access password from only a sngle eavesdropped authentcaton sesson. In the second attack, they showed how a passve attacker can record the random challenges and ther correspondng responses eavesdropped from multple authentcaton sessons to form a dctonary The Extended TRMA Scheme In [7], Kondala, Km and Km presented an extended verson of TRMA, whch uses both the 32-bt access password and the 32-bt kll password. The extended TRMA 160

3 scheme uses two rounds of P adgen (nstead of a sngle round n the orgnal TRMA scheme), one nested wthn the other, to compute each cover-codng pad. The nner round performs P adgen over the access password, whle the outer round performs P adgen over the kll password. Instead of (1), the resultng pad would then be expressed as P AD = P adgen(kw D, P adgen(p W D, R T ag, R Rdr ), R T ag ) (6) where KW D denotes the kll password. The extended TRMA scheme offers greater resstance aganst Lm and L s attacks. It s much more dffcult for an adversary to recover the access password under the correlaton attack, or to forge a successful authentcaton under the dctonary attack. However, Pers-Lopez et al. showed how the access password can be dsclosed under the assumpton of an actve attacker [8]. In addton, Lm et al. exposed that the correlaton attack can be used aganst ths scheme n a dfferent way to recover the kll password after eavesdroppng over multple authentcaton sessons [9]. 3. M 3 Authentcaton Protocol (M 3 AP) In ths secton, we ntroduce a new lghtweght authentcaton scheme, known as M 3 AP, to strengthen the securty of the EPC Class-1 Gen-2 standard. We desgn M 3 AP by extendng Kondala and Km s scheme [3], and make use of a MxBts functon to mtgate the securty weaknesses found n the orgnal scheme Objectves Wth M 3 AP, we emphasze that the man objectve s to desgn a lghtweght authentcaton protocol that provdes mutual authentcaton between an RFID tag and an RFID reader under the EPCglobal framework, and prvacy s not a man focus. Hence, as n the authentcaton protocol specfed under the EPC Class-1 Gen-2 standard and the prevously proposed TRMA protocols, we do not make provsons to enforce prvacy by protectng the unque EPC but nstead, allow the EPC of RFID tags to be transmtted n clear. Inevtably, ths poses a problem to applcaton envronments whereby the prvacy of tags and/or tag users s essental. In such cases, t would be pertnent to nclude measures for prvacy protecton. Whle our current scheme does not enforce prvacy, we contend that t would be possble to extend the scheme to provde the necessary protecton although ths would requre addtonal consderatons The Protocol In ths secton, we present an mproved verson of Kondala and Km s TRMA scheme that seeks to mtgate ts securty weaknesses. The proposed protocol was desgned by takng nto account tag restrctons (computatonal, storage and crcutry) and wth mnmal modfcatons to the general framework of the EPC Class-1 Gen-2 specfcaton. The protocol s descrbed as follows: Assumptons: We assume that the tag s sngulated usng a probablstc (.e. Aloha-based protocol) or determnstc (.e. bnary tree-walkng protocol) collson avodance protocol. At the end of each sngulaton, a tag s selected to communcate wth the reader. (1) T ag Reader : EP C, R T ag 1, R T ag 2, R T ag 3, R T ag 4 The tag backscatters ts EPC number. Then, the reader sends the command Req RN to the tag over four tmes. Each tme, the tag backscatters a new random number (R T ag for = 1, 2, 3, 4) and stores t nto ts memory. These are used as random challenges to the reader. Upon recevng the EPC, the reader uses t to perform an ndex search to retreve the access password P W D assocated wth the tag from the backend database. Once P W D s obtaned, the reader wll then go on to compute the authentcaton responses. (2) Reader T ag : CCP 1, CCP 2, R1 Rdr, R2 Rdr, R3 Rdr, R4 Rdr The reader transmts ts computed responses, as well as a set of random numbers as authentcaton challenges to the tag. To obtan the responses CCP 1 and CCP 2, t frst computes an ntermedate 32-bt vector P W D from P W D and the receved R T ag s usng our proposed MxBts functon: P W D = MxBts(P W D (R T ag 1 R T ag 2 ), R T ag 3 R T ag 4 ) (7) The reader then computes the authentcaton responses CCP 1 and CCP 2 as follows: CCP 1 = P W D M P adgen( P W D, R T ag 1 P W D L, R T ag 1 P W D M ) CCP 2 = P W D L P adgen( P W D, R T ag 2 P W D L, R T ag 2 P W D M ) Instead of applyng P adgen to the statc access password, we apply P adgen on a vector computed from the access password. Ths vector changes as the random challenges vary. Furthermore, both CCP 1 and CCP 2 depend only on the random challenges generated by the tag. In the orgnal and extended TRMA 161

4 schemes, CCP 1 and CCP 2 would partally depend on pseudo-random numbers generated by the reader, whch presents an avenue for a malcous reader to explot and reduces the relablty of the responses computed. After computng the responses, the reader then generates four new random numbers (R Rdr for = 1, 2, 3, 4) and present them as challenges to the tag. The reader also stores the random challenges, whch wll be used to verfy the tag responses. 1. If CCP 3 = CCP 3 and CCP 4 = CCP 4, then verfcaton s successful. The reader consders the tag as an authentc (or genune) tag. 2. Otherwse, verfcaton fals. The reader wll emt an alarm to the back-end database to ndcate ths event (perhaps to nform the database that a fake tag or a counterfet product s detected). Fg. 3 depcts a sngle run of the authentcaton protocol. (3) T ag : Verfy CCP 1 and CCP 2. The tag receves CCP 1 and CCP 2. The access password and the random numbers used n the computaton of CCP 1 and CCP 2 are already stored n ts memory. Therefore, t has the necessary nformaton to compute CCP 1 and CCP 2 n the same way that the reader computed CCP 1 and CCP 2. The tag then compares these values wth the values sent by the reader: 1. If CCP 1 = CCP 1 and CCP 2 = CCP 2, then verfcaton s successful. The tag consders the reader to be an authorzed entty. 2. Otherwse, verfcaton fals. The tag ends ts communcaton wth the reader and returns to arbtrate state. (4) T ag Reader : CCP 3, CCP 4 To authentcate tself, the tag needs to reply to the reader wth CCP 3 and CCP 4, whch are computed by takng steps smlar to those taken by the reader. The tag frst computes an ntermedate 32-bt vector from ts access password: P W D = MxBts(P W D (R1 Rdr R2 Rdr ), R3 Rdr R4 Rdr ) (8) Thereafter, the tag computes CCP 3 and CCP 4 as follows (note that P adgen s now computed over the new ntermedate vector P W D ): CCP 3 = P W D M P adgen(p W D, R1 Rdr P W D L, R1 Rdr P W D M ) CCP 4 = P W D L P adgen(p W D, R2 Rdr P W D L, R2 Rdr P W D M ) The tag then sends the two authentcaton responses (CCP 3, CCP 4 ) to the reader. (5) Reader : Verfy CCP 3 and CCP 4. The reader receves the responses CCP 3 and CCP 4 from the tag, computes CCP 3 and CCP 4 based on the nformaton known to t, and then compares the receved values wth the computed values: Fgure 3. The authentcaton protocol under the M 3 AP protocol. 4. The MxBts Functon RFID tags (e.g. EPCGlobal Class I or Class II tags) are devces wth severe lmtatons (n terms of computatonal, storage and crcutry requrements). Due to these hard restrctons, the use of standard cryptographc prmtves le beyond ther capabltes. Hence, the desgn of a secure lghtweght MxBts functon for our M 3 AP protocol becomes a thought-provokng challenge. We contend that the basc requrements of ths functon should be as follows: 1. Only effcent operatons that are easly mplemented n hardware should be used. For example, rotatons may be ncluded, but multplcatons should be excluded due to ts hgh cost. 2. A hghly non-lnear functon that provdes a neglgble relatonshp between the nputs and the outputs, should be used. 162

5 3. Temporal requrements wll lmt the number of operatons a tag may compute. The read speed of a tag conformng to Gen-2 s about twce that of Gen-1, wth average read rates of around 450 tags per second. We obtaned possble canddates for M xbts through evolvng compostons of extremely lght operands by means of genetc programmng. (We refer the nterested reader to [11] where a detaled descrpton of the methodology used to obtan our functon s explaned.) Several experments were then conducted on the canddates to pck a hghly non-lnear functon. At the end of the experments, the followng functon was selected for MxBts: Z = MxBts(X,Y) Z = X; for(=0; <32; ++) { Z = (Z<<1) + ((Z+Y)>>1);} where addton s carred out modulo 2 32, << denotes btwse left shft and >> denotes btwse rght shft. 5. Analyss of the MxBts Functon Lnear cryptanalyss, commonly used for block cpher cryptanalyss, was employed to study how the output of ths functon can be approxmated by a lnear functon. In order to obtan a lnear bas, the followng experment was carred out: two 32-bt masks (A, B) were randomly pcked, and two consecutve outputs (Z, Z +1 ) were generated from them. Wth these two masks, the equalty A Z = B Z +1 s evaluated ( denotes scalar product, wth a mod 2 operaton carred out after the addton). Ths process s repeated 2 n tmes, from whch we obtan the number of successes (m). The bas s then defned as: BIAS = 1 2 log2( m 2 n 1 2 ) (9) Several pars of dfferent masks A and B, were randomly pcked and tested. For each mask par, bt outputs were generated, and the expresson A Z = B Z +1 was evaluated over them. To obtan these outputs, the X and Y varables were ntalzed to random values n the begnnng and as the experment runs, the X varable remans unchanged (here, we attempt to consder a dsadvantageous scenaro) whle the Y varable s set to a new random value each tme a new output s computed. From the above experment we can deduce that the bas of the MxBts functon s bounded by: BIAS = (10) Table 1. Seral Correlaton Test Z = MxBts(X, Y ) Experment Bt Byte 4-Byte Z Z Z Z Z Table 2. Bt-Byte Predcton Tests for Randomness (Adapted from [12]) Z = MxBts(X, Y ) Test Z Z Z +1 Z Z +1 Bt Predcton Test A Bt Predcton Test B Bt Predcton Test C Bt Predcton Test D Bt Predcton Test E Byte Predcton Test A Byte Predcton Test B Byte Predcton Test C Byte Predcton Test D Byte Repetton Test The seral correlaton coeffcents (at bt, byte and 4-byte level) were also studed to measure the extent to whch a new ntermedate output Z depended upon the prevous value Z 1. To obtan a szeable test sample, 2 24 Z outputs were computed. As n the above experment, the X and Y varables are randomly ntalzed at the begnnng, and the Y varable s set to a new random value each tme a new output s computed. Further analyses on the XOR (Z Z +1 ) and the dfference (Z Z +1 ) between two consecutve outputs were performed. The results are summarzed n Table 1. In addton, we evaluate how an attacker mght predct an output f prevous outputs are known. The bt-byte predcton tests [12] used to evaluate the randomness of the Konton2 stream cpher were employed for ths purpose. Eght algorthms were used to predct the value of each bt (resp. byte) from the begnnng to the end of the sequence. For a perfectly random sequence, the probablty of success of any of the algorthms should be 1/2 (resp. 1/2 8 ). The number of successes s counted, and a ch-squared statstc wth 1 degree of freedom computed. Table 2 shows the results. From our analyses, we fnd that M xbts has very good propertes. Indeed, our analyss shows that the output of M xbts cannot be predcted sgnfcantly better than a pure random guess f the adversary does not have any knowledge of the secret access password. At ths pont, two of the three ntal requrements are fulflled: only effcent operatons are used, and the functon s hghly non-lnear. An estmate of the gate count for MxBts can be easly 163

6 obtaned. Sx logc gates are needed for each bt added n parallel 1. The regsters wll be mplemented by means of flp-flops, each of whch requres 8 gates. Furthermore, two 32-bt regsters are needed one to store the output Z and another for the ntermedate results. Hence, a total of around 700 logc gates are needed to mplement MxBts. An estmate of the temporal requrements can also be carred out. A tag has to spend around 128 clock cycles to compute an output (Z = MxBts(X, Y )). Assumng a clock frequency of 100 khz, a tag can compute around 780 updates per second. Hence, the tmng requrements are also fulflled. To complete the analyss, a comparson wth several block/stream cphers and hash functons was carred out and the results shown n Table 3 (for the prce comparson, M xbts s fxed as the reference and every extra 1,000 gates s assumed to ncrease chp prce by $0.01 [13]). We fnd that MxBts s the most effcent n crcut area and although throughput s not the hghest, t s wthn the requrements of the ntended applcatons (.e. baggage trackng, electronc toll collecton, pallet trackng, etc.). Lght-weght cphers such as Present or Gran requre only 1,570 or 1,294 logc gates respectvely. However, ths number of gates, even though small, may stll exceed the capabltes of tags conformng to the EPC Class-1 Gen-2 specfcaton. Furthermore, where tag prce s concerned, slght dfferences n tag prces can be greatly magnfed under an operatng envronment where large numbers of tags are deployed. Imagne for a company that needs to deploy 500 mllon tags. A dfference of US$ (Gran-Present) per tag would amount to US$ 2,950,000 4,350,000 of extra costs n total, whch s a sgnfcant sum. In ths case, usng the Gran or Present cpher could be rather expensve. In addton, a sgnfcant number of logc gates devoted to securty would have to be set asde for the 16-bt PRNG snce a lght-weght PRNG conformng to the EPC Class-1 Gen-2 specfcaton would requre around 1,600 gates. Whle the use of a cpher or hash functon wll ncrease the level of securty, t wll also ncur hardware costs. In ths work, our man objectve s to desgn a lghtweght authentcaton protocol under the EPCGlobal Framework, and requres balancng tradeoffs between securty and hardware restrctons. From our analyss, we fnd that our proposed M xbts functon performs reasonably well and provdes an approprate securty level for tags complant wth the EPC Class-1 Gen-2 specfcaton. 6. Analyss of the M 3 AP Protocol In ths secton, we provde a proof sketch to show that our proposed M 3 AP protocol provdes mutual authentcaton between a tag and a reader. In addton, we also ana- 1 S = A [B CENT ] C SAL = BC ENT + AC ENT + AB Table 3. Performance comparson Cryptographc Gates Cycles per Throughput at Prce prmtve Equvalent block 100 KHz (Kbps) (Cents) Mxbts K Block cphers Present [14] 1, K DESL [15] 1, K HIGHT [16] 3, K AES [17] 3,400 1, K Stream cphers Gran-80 [18] 1, K Gran-80, x16 [18] 3, ,600 K Trvum [18] 2, K Trvum, x16 [18] 3, ,600 K Hash functons MD5 [19] 8, K SHA-1 [19] 8,120 1, K SHA-256 [19] 10,868 1, K lyze the securty of the protocol by examnng how the protocol fares aganst prevous attacks exposed on the TRMA schemes, as well as other passve and actve attacks Verfcaton of Mutual Authentcaton. Reader-to-Tag Authentcaton: The frst two messages of our proposed scheme allow a legtmate reader that has knowledge of the tag s access password to authentcate tself to the tag. A malcous (or llegtmate) reader does not possess the access password to generate the correspondng responses (CCP 1 and CCP 2 ). Due to lack of authorzaton for the llegtmate reader, ths nformaton cannot be obtaned from the manufacturer (EPC-IS). In addton, the computaton of CCP 1 and CCP 2 uses only random challenges from the tag. In the orgnal TRMA scheme, CCP 1 and CCP 2 are computed from random values generated by the tag, as well as random values generated by the reader. However, ths provdes an avenue for an llegtmate reader to specfy the random values n such a way that allows t to crcumvent the scheme and forge a successful authentcaton more easly. By havng the reader compute the authentcaton responses based solely on random challenges generated by the tag and the shared secret (the tag access password), our scheme elmnates such a weakness. Tag-to-Reader Authentcaton: The thrd message of our scheme s for a legtmate tag to authentcate tself to the reader after t has confrmed that the reader s a legtmate one. A fraudulent tag does not possess the access password that s necessary to compute the cover-codes (CCP 3 and CCP 4 ). In ths case, cover-codes only depend on the random numbers pcked by the genune reader and avods the vulnerablty n the orgnal TRMA scheme whereby the attacker has control over the nputs requred to compute the authentcaton response. Hence, wthout knowledge of the correct access password, a tag mpersonaton attack cannot 164

7 be successful and authentcaton would fal Resstance aganst Prevous Attacks on TRMA Resstance aganst the Correlaton Attack. In order to perform the correlaton attack descrbed n [6], the adversary frst needs to fnd a correlaton between the access password P W D and the MxBts output (P W D and P W D ). Once ths s found, the adversary can make use of the relatonshps derved n [6] (the relatonshps between P W D and the output of P adgen, where n our new scheme, P adgen s appled to P W D and P W D nstead of P W D) to attack the scheme. However, as wtnessed n the last secton, we have shown that t s hghly dffcult to obtan any correlaton between the nput and output of M xbts. Hence, we contend that our proposed scheme provdes strong resstance aganst the correlaton attack. Resstance aganst the Dctonary Attack. In the orgnal TRMA scheme, the value of each bt of the authentcaton response CCP (=1,2,3,4) s only dependent on the value of a partcular hex-dgt n R T ag or R Rdr. For example, the frst bt of CCP 1 depends on the frst hexdgt of R T ag 1. If the value of a hex-dgt n any R T ag or s repeated (.e. t had the same value n a prevous R Rdr authentcaton sesson), then the adversary would be able to successfully predct the value for the correspondng bt n R to forge a successful authentcaton. In our proposed scheme, we fnd that each bt n any R s dependent on all four 16-bt random numbers generated by the tag and the reader. For example, each bt n CCP 1 or CCP 2 s dependent on all four of R T ag 1, R T ag 2, R1 Rdr and R2 Rdr. Ths s because all of them are nvolved n the computaton of P W D n M xbts. Moreover, the nature of M xbts ensures that the bts of the four random numbers are dffused wthn P W D. In order to successfully predct the value of a bt n CCP 1 or CCP 2, the adversary must encounter a stuaton whereby all four random numbers contan the same values that have appeared together n a prevous sesson. The probablty of ths occurrng s extremely low, snce wth a total of 64 bts between them, the number of possble combnatons amounts to Hence, the dctonary attack s stll possble but becomes extremely dffcult. In fact, ths attack can be completely prevented f we update or refresh the access password after every authentcaton sesson. For example, we can change the access password from P W D to P W D at the end of the protocol after both partes are mutually authentcated. The new access password wll then be used for the next authentcaton sesson, and so on. Resstance aganst the Tag Kllng Attack. Unlke the extended TRMA scheme, the kll password s not used n our proposed authentcaton scheme. Furthermore, all messages exchanged durng the protocol are ndependent of the kll password of the communcatng tag. Hence, an adversary would not be able to gather any nformaton about the kll password of tags from authentcaton sessons under our proposed scheme Resstance aganst Other Attacks Resstance aganst Replay Attacks. In a replay attack, the adversary eavesdrops on the messages exchanged between a legtmate reader and a legtmate tag, and replays the authentcaton responses to masquerade as the reader or the tag. Such an attack would be successful only f all the four random challenges have appeared together and n the rght sequence n a prevous authentcaton sesson. Wth the legtmate partes generatng fresh random challenges for each authentcaton sesson, the probablty of success for a replay attack would be low. Resstance aganst Offlne Brute Force Attacks. In an offlne brute force attack, an adversary eavesdrops on a sngle pass (for example, the reader-to-tag authentcaton) of an authentcaton sesson to obtan a set of random challenges and the vald response based on those challenges. Next, the adversary assumes a value for the access password and computes a response based on the collected challenges (by executng the MxBts functon, the P adgen functon, and other necessary operatons). If the computed response matches wth the collected response, then the value assumed for the access password was correct. Otherwse, the adversary tres the next probable value for the access password, repeatng untl a correct match s found. The complexty of ths attack s O(2 l ), where l s the number of bts n the access password. To offer adequate resstance aganst such an attack, l should be suffcently large. Resstance aganst Actve Brute Force Attacks. Actve brute force attacks generally requre an adversary to actvely take part n the authentcaton protocol by masqueradng as a tag or a reader. A number of scenaros are possble. In the frst scenaro, an adversary can programme a malcous reader to repeatedly probe a legtmate tag. Durng each authentcaton attempt, the reader tres a dfferent value for the access password. Ths contnues untl the adversary authentcates successfully to the tag. In another scenaro, an adversary can teratvely ssue challenges to the legtmate reader and record vald sets of challenges and responses to form a dctonary. Both attacks can be made nfeasble wth suffcently large access passwords and random challenges, or the use of password updatng. Resstance aganst Desynchronzaton Attacks. Under our proposed scheme, snce the access password s constant, there s no threat of desynchronzaton. However, as dscussed earler, to completely prevent some of the attacks, t would be necessary to update the access password at the end of each successful mutual authentcaton. In ths case, the 165

8 copes of the access password kept at the tag and the reader (or the back-end database, as n most cases) must be the same at all tmes,.e. they must be synchronzed. Once any party fals to update ts copy of the access password at the end of a successful authentcaton sesson, both partes wll be de-synchronzed. Hence, wth password updatng, extra measures may need to be taken to ensure that the protocol s robust aganst desynchronzaton. Resstance aganst Unauthorzed Trackng. As mentoned earler, prvacy s not a focus n ths work and the current EPCglobal Framework does not seem to address prvacy ssues. The transmsson of the EPC n clear mples that unauthorzed trackng of tags s possble. We contend that t s possble to ntegrate prevously proposed methods wth our scheme to guard aganst prvacy volaton. For example, the EPC can be replaced wth a pseudonym (as proposed n [20]) or be relabelled (as n [21]) to prevent trackng of the tag. The EPC can also be protected usng maskng or RF jammng technques (e.g. [22]), or through controls provded by an RFID proxy devce (e.g. [23]). Naturally, mplementng these solutons for prvacy protecton leads to hgher costs ncurred on the resultng system. 7. Conclusons In ths paper, a new authentcaton protocol, whch s named as M 3 AP and based on the protocol by Kondala et al., s proposed. The securty defcences were corrected n M 3 AP wth the ntroducton of the MxBts functon. Ths lghtweght functon has been obtaned by means of Genetc Programmng. Its securty and performance has been studed n depth. In addton, a securty analyss of the whole M 3 AP protocol has been accomplshed and we fnd that there s greater resstance aganst attacks. In concluson, we expect that our M 3 AP protocol can help to ncrease the securty level for the upcomng Gen-3 specfcaton. References [1] EPCglobal, EPC Rado-Frequency Identty Protocols Class- 1 Generaton-2 UHF RFID Protocol for Communcatons at 860MHz-960MHz Verson [2] Internatonal Organzaton for Standards (ISO), ISO/IEC 18000: Rado frequency dentfcaton for tem management. [3] D. M. Kondala and K. Km, RFID Tag-Reader Mutual Authentcaton Scheme Utlzng Tag s Access Password, Auto- ID Labs Whte Paper WP-HARDWARE-033, Jan [4] D. N. Duc, J. Park, H. Lee, K. Km, Enhancng securty of EPCglobal GEN-2 RFID tag aganst traceablty and clonng, n The 2006 Symposum on Cryptography and Informaton Securty, [5] H. Y. Chen, C. H. Chen, Mutual authentcaton protocol for RFID conformng to EPC Class 1 Gen 2 standards, n Computer Standards & Interfaces 29 (2007), pp , [6] T. L. Lm, and T. L, Addressng the Weakness n a Lghtweght RFID Tag-Reader Mutual Authentcaton Scheme, n Proc. of IEEE Globecom 2007, Nov [7] D. M. Kondala, Z. Km, and K. Km, A Smple and Costeffectve RFID Tag-Reader Mutual Authentcaton Scheme, n Proc. of Int l Conference on RFID Securty (RFIDSec 07), pp , Jul [8] P. Pers-Lopez, T. L, T. L. Lm, J.C. Hernandez-Castro and J.M. Estevez-Tapador. Vulnerablty Analyss of a Mutual Authentcaton Scheme under the EPC Class-1 Generaton-2 Standard, n Proc. of RFIDSec 08, Jul [9] T. L. Lm, T. L. Exposng an Effectve Denal of Informaton Attack from the Msuse of EPCglobal Standards n an RFID Authentcaton Scheme, n Proc. of IEEE PIMRC, Sep [10] J. R. Koza, Evolvng a computer program to generate random number usng the genetc programmng paradgm, n Proc. of the 4th Int l Conf. on Genetc Algorthms, [11] J. C. Hernandez-Castro, J. M. Estevez-Tapador, A. Rbagorda-Garnacho, B. Ramos-Alvarez, Wheedham: An automatcally desgned block cpher by means of genetc programmng, n Proc. of CEC 06, pp , [12] Davd Sexton, Randomness Analyss of Konton2, [13] M. Lehtonen, et al., Networked RFID Systems and Lghtweght Cryptography, n Chapter from Identfcaton to Authentcaton - A revew of RFID Product Authentcaton Technques, pp Sprnger, [14] A. Bogdanov, L. R. Knudsen, G. Leander, C. Paar, A. Poschmann, M. J. B. Robshaw, Y. Seurn, and C. Vkkelsoe, PRESENT: An Ultra-Lghtweght Block Cpher, n Proc. of CHES 07, LNCS vol. 4727, pages , [15] A. Poschmann, G. Leander, K. Schramm, and C. Paar, New Lght-Weght Crypto Algorthms for RFID, n Proc. of IEEE Internatonal Symposum on Crcuts and Systems, ISCAS 07, pages , [16] D. Hong, et al., HIGHT: A New Block Cpher Sutable for Low-Resource Devce, n Proc. of CHES 06, LNCS vol. 4249, pp , [17] M. Feldhofer, J. Wolkerstorfer, and V. Rjmen, AES mplementaton on a gran of sand, n IEEE Proc. of Informaton Securty, vol. 152, no.1, pp , [18] T. Good, and M. Benassa, Hardware results for selected stream cpher canddates, n [19] M. Feldhofer and C. Rechberger, A case aganst currently used hash functons n RFID protocols, n Prnted handout of Workshop on RFID Securty RFIDSec 06, [20] A. Juels, Mnmalst Cryptography for Low-Cost RFID Tags, n Proc. of SCN 04, LNCS 3352, pp , [21] S. Inoue, and H. Yasuura, RFID Prvacy Usng User- Controllable Unqueness, n RFID Prvacy Workshop, [22] M. R. Reback, B. Crspo, and A. S. Tanenbaum, Keep on Blockn n the Free World: Personal Access Control for Low- Cost RFID Tags, n Proc. of the 13th Int l Workshop on Securty Protocols, Apr [23] A. Juels, P. Syverson, and D. Baley, Hgh-Power Proxes for Enhancng RFID Prvacy and Utlty, n Proc. of PET 05,