You are on page 1of 6

Trapdoor-based Mutual Authentication Scheme

without Cryptographic Primitives in RFID Tags

Hwaseong Lee 1∗ Eun Young Choi 2 Su-Mi Lee 2 Dong Hoon Lee1
Center for Information Security Technologies (CIST),
Korea University, Seoul, Korea
1
email{hwaseong,donghlee}@korea.ac.kr
2
email{bluecey,smlee}@cist.korea.ac.kr

Abstract This pervasive deployment creates a potential threat to


security and privacy such as counterfeit of RFID tag and vi-
Radio Frequency IDentification(RFID) systems are be- olation of customer privacy. It is because the unique ID of
ing used in many applications such as the supply chain. RFID tag allows an adversary to track the moving history
The widespread usage of tags creates new threats of se- of the RFID tag or copy it into a bogus tag and an adversary
curity and privacy in RFID systems. Many schemes have can easily eavesdrop communication via public channel. A
been proposed to provide security and privacy, based on natural solution to security vulnerability for RFID systems
basic cryptographic primitives such as hash function and is to perform the basic cryptographic primitives, specially
encryption algorithm. However, it may be a burden on hash function, in order to support cryptographic character-
a resource-constrained tag. As considering the require- istics and authentication [12, 3, 10, 11]. However, we must
ments on a tag, we propose a lightweight mutual authen- keep in mind the scare computation/storage capability of
tication scheme based on trapdoor one-way property and RFID tag. The cost of manufacturing a RFID tag has to be
challenge/reaponse approach. Even though the proposed below 50 cents [15] (RFID Journal expects the price of a
scheme does not perform cryptograhic primitives, it guar- single RFID tag to be 5 cents by 2007 [14]). It means that it
antees security and privacy provided by the authentication is infeasible to implement a basic cryptographic primitive,
schemes using cryptographic primitives. We expect this mu- requiring thousands of logic gates, in RFID tag. Practically,
tual authentication scheme to activate RFID systems in var- hash function is out of the capability of weak RFID tag,
ious applications. even if the number of logic gates for hash function becomes
less and less. Hence, it will be difficult to perform the ex-
pensive cryptographic primitives in RFID systems.

1 Introduction Generally, an authentication scheme is designed based


on cryptographic primitives, in order to use cryptographic
characteristics such as one-way property and randomness
An amount of research has been recently achieved on and confidentiality and so on. These characteristics are use-
RFID systems which have an automatic identification char- ful in authentication via public channel. For authentication,
acteristic. Basically, RFID systems consist of RFID tag, two parties must check them to share same secret or infor-
RFID reader, and database(s). RFID tag is attached to cus- mation via public channel. Even though hash values or en-
tomer items and RFID reader broadcasts an RF signal to coded values are exchanged via public channel, an adver-
know information of the items through (mutual) authentica- sary cannot know original values, usually secret informa-
tion with RFID tag. RFID tag, smart-label, is recognized tion. Namely, there is no secret information leakage.
as a replacement for optical bar code in sense of economi-
cal and efficient inventory management [7] and expected to A few lightweight authentication schemes suitable for
be used in more various applications : for example, inven- RFID systems have been proposed in [16, 6, 8, 9, 1, 6].
tory control, automobile identification, livestock, and ac- The motivation of these schemes is the resource limitation
cess control to building, etc [16]. of RFID tag so that the schemes did not use cryptographic
primitives. However, the schemes are weak against some
∗ This research was supported by the Seoul R&BD Program(10665), attacks or insecure under a practical assumption. Even if
Korea. cryptographic primitives are not used for an authentication

Third International Workshop on Security


Privacy and Trust in Pervasive and Ubiquitous Computing (SecPerU 2007)
0-7695-2863-5/07 $25.00 © 2007
scheme in RFID systems, it is critical that the authentica- Bringer et al. proposed HB++ scheme [1]. It has limitation
tion scheme identically support security and privacy defined in terms of implementation because permutation function
in the authentication schemes using the expensive crypto- must keep distribution of scalar products as well as satisfies
graphic primitives. low computational complexity.
Our aim is to design an authentication scheme satisfying Our contribution is to propose a novel lightweight mu-
cryptographic characteristics without using cryptographic tual authentication scheme in a low-power RFID tag by in-
primitives in a low-power RFID tag. Instead of hash-based troducing the concept of trapdoor one-way property into
or encryption-based authentication, we introduce trapdoor- RFID systems.
based authentication using challenge and response ap-
• Lightweight operation : both a low-power RFID tag
proach. Trapdoor-based authentication is achieved by sat-
and a reader perform only bitwise operation, which is
isfying trapdoor one-way property, even though it does not
more lightweight than traditional cryptographic primi-
perform actual cryptographic primitives. A property is trap-
tives.
door one-way property if it has one-way property but it can
be easily inverted with the knowledge of trapdoor. This • Strong against attacks : the proposed scheme is
property satisfies cryptographic characteristics explained secure against passive attacks, the probability of suc-
above. Hence, the proposed scheme is strong against di- ceeding in active attacks is negligible, and the dam-
verse attacks and has no assumption. age due to tag-compromising attack does not affect the
Related Works. The necessity of lightweight operation other tags. Besides, it does not require synchronization
in a low-power RFID tag has been insisted through many for mutual authentication since key materials or a tag
researches [16, 6, 8, 9, 1, 6]. Vajda and Buttyan proposed a ID need not be updated for mutual authentication.
lightweight authentication scheme in which a secure matrix • Trapdoor one-way property : communication via
is stored on RFID tag in advance and used for authentica- public channel does not help an adversary know secret
tion (the matrix consists of s-bit primes) [16]. This scheme information of RFID tag. Only parties knowing trap-
is also challenge-response type authentication like the pro- door can derive response corresponding to a specific
posed scheme but deriving response requires exhaustive challenge.
search by integer division in side of RFID tag. Although
this scheme does not use cryptographic primitives, it is un- Organization. The rest of the paper is organized as follows.
able to be called lightweight authentication scheme since Section 2 describes notations used in this paper. Section 3
it makes RFID tag compute multiple division operations in explains system model and security requirements. We pro-
order to derive response. Karthilkeyan and Nesterenko pro- pose a mutual authentication scheme in Section 4. We ana-
posed an authentication scheme by computing multiplica- lyze its security and performance in Section 5. Finally, we
tion of a matrix [9]. It has the limitation such as synchro- conclude our paper in Section 6.
nization between RFID reader and RFID tag in order to up-
date key material. 2 Notation
Juels proposed a lightweight scheme based on rotation
by RFID tag through many pseudonyms [6]. When it is For concreteness and simpler presentation, we use
practically applied into RFID systems, it may not guar- notations as below.
antee security, since this scheme is secure under limited
eavesdropping of communication between RFID reader and c is challenge a reader sends to a tag
RFID tag. Duc et al. presented a lightweight authentication r is response to challenge
scheme suitable for EPCglobal Class 1 Gen-2 tags [4]. This T rap is trapdoor containing information to derive response
scheme uses CRC code instead of hash values but requires Blind is a blinding factor used to cover a tag ID
session-key synchronization which can be difficult in unre- R is a random number for singulation
liable channel such as RFID systems. K is a key shared between reader-tag
Juels and Weis proposed HB+ scheme in which authenti- M1 is a binary matrix commonly shared between reader-tag
cation is achieved through q times responses about a single M2 is a binary matrix separately shared between reader-tag
challenge [8]. RFID tag intentionally inserts noise in re- N is the number of rows in M1
sponse and is authenticated by a reader if the error bound of M [i] is an element of i-th row in any matrix M
responses is less than pre-defined noisy probability. How- M [i][j] is a j-th bit on i-th row in any matrix M
ever, an adversary can know the secret of RFID tag through |bits| is the length of bits
man-in-the-middle attack and replay attack, under the as-  is the concatenation operation
sumption she can check whether modified response is ac- −→ is sending a message from left party to right one
cepted by a reader or not. To improve security of [8],

Third International Workshop on Security


Privacy and Trust in Pervasive and Ubiquitous Computing (SecPerU 2007)
0-7695-2863-5/07 $25.00 © 2007
3 System Model and Security Requirements messages between a reader and a tag but cannot inject and
modify an answer to a reader(or a tag)and have no ability
3.1 RFID Systems to make a physical attack to a tag. For example, tracing
through eavesdropping is included in this passive attack.
RFID Systems consist of RFID tag, RFID reader, and Active Attack. We define an active attack as inject-
back-end database. ing/modifying/blocking answer as well as eavesdropping.
RFID Tag. Each RFID tag(hereafter a tag) has its unique In this attack it is possible to impersonate a tag. Still an ac-
ID(UID) which is a 96-bit number in EPC Code [5]. A tag tive attack does not include a physical access to a tag. DoS
is divided into passive tag and active tag according to the attack or spoofing attack belongs to this attack.
source of energy. Generally, a tag is comprised of antenna Tag-compromising Attack. We define a tag-
and IC chip which are used for communication with RFID compromising attack as an attack where an adversary
reader and data storage/logical operation, respectively. captures a tag and obtains a secret information in the tag.
RFID Reader. RFID Reader(hereafter a reader) trans- It is important that a compromised tag does not affect
mits a RF signal to tags, receives information from tags, non-compromised tag in security point of view. It is noted
and sends it to back-end database. In addition, a reader has that this attack includes passive and active attacks.
an ability to read and write data to the tags.
Back-End Database. Back-end database(hereafter In general, if an adversary can launch active attack(tag-
database) is a secure data-processing server that can store compromising attack), she is considered to have the ability
and manage information of tags such as ID, product infor- enough to launch passive attack(active and passive attack).
mation, reader location, and so on. Moreover, database can
resolve the ID of a tag which responds to a reader’s query. 3.3 Security Requirements
Usually, the communication between a reader and a tag
is considered to be weak to eavesdrop while the commu- There are a few problems to be solved for secure RFID
nication between a reader and database is assumed to be systems; in other words, we must block the goals of an
conducted over secure channel. On occasion, a reader is a adversary which were described in attack models. The
proxy of database so that database stores all secret informa- first is to keep information on which tags a user holds.
tion and can establish a value required for authentication. It means that tag information must not be revealed. It is
For a simple explanation, we think a reader plays a role of important in terms of tag anonymity, privacy, and tracing,
database together. If tag reading does not exceed 1 sec- etc. The second is to prevent an adversary from being
ond, each tag can transmit almost 500 bits [12]. Since a illegally authenticated because it can lead to counter-
tag is a very low-cost device, it is considered that a tag can- feit tag and then a great damage in RFID systems. We
not afford to use the standard cryptographic primitives such suggest two security requirements for secure RFID systems.
as MAC, encryption, and digital signature [16]. Therefore,
we will not use cryptographic primitives in a tag. More- Indistinguishability. If the probability of distinguishing
over, it is too expensive to support tamper-resistant in a tag. the output of a tag and a random output is negligible, it will
It means an adversary can obtain the internal data in a tag be called indistinguishability. It means that it is infeasible to
through physical attacks. know that the output is from a target tag. It is satisfied when
there is no information leakage. It is a critical requirement
3.2 Attack Models to prevent the above first goal.
Hardness of Correct Response. As soon as receiving
The ultimate goal of an adversary is divided into the the challenge from a reader, an adversary must correctly
following. The first is to know tag ID even though an guess a tag’s answer and respond to the challenge in
adversary does not have a secret which is shared between order to be illegally authenticated by the reader. If an
database and a legitimate tag and used in process of au- adversary guesses the response of unspecific tag, she would
thentication. The second is to produce a correct response to be estimated to have the capability of correct response.
a challenge even though she is not a legitimate tag. In other Hence it must be hard that an adversary responds cor-
words, she wants to be authenticated by a reader(ultimately rectly, in order to fail to identify her as a correct object. It
database), whether she impersonates a legitimate tag to a is a requirement to prevent the second goal explained above.
reader and participates in authentication protocol or not.
Below, we can classify attack models achieving such goals. A public key-based mechanism satisfies the above secu-
rity requirements while public key-based mechanism gener-
Passive Attack. It is classified into a passive attack if ally requires a greater amount of computation overhead than
an adversary can just eavesdrop and collect the exchanged a low-power tag can afford. Hence, it is necessary to satisfy

Third International Workshop on Security


Privacy and Trust in Pervasive and Ubiquitous Computing (SecPerU 2007)
0-7695-2863-5/07 $25.00 © 2007
the above security requirements at lightweight computation. Database Reader Tag
Query, R

4 Trapdoor-based Mutual Authentication K † Trap, c


K, M1, {M2} K, M1, M2
Scheme r, ID †Blind

We propose lightweight mutual authentication scheme


for RFID systems in this section. For authentication, a
reader sends XORed trapdoor and a challenge to tags and
Figure 1. Overview of the Proposed Scheme
only tags sharing a pre-stored secret can recover trapdoor
and correctly respond to the challenge with trapdoor.
The key idea for authentication is trapdoor one-way
property using challenge/response approach and two matri- Step 2. (Tag Authenticates Reader) First, a reader selects
ces. In the proposed scheme, a challenge and a response are rows on M1 and can establish a tag’s response r in advance.
respectively considered a point in the range and a point in Second, a reader can establish challenge c from response
the domain. Accordingly, it is easy to derive the response r with trapdoor one-way function Punc() and trapdoor
of a given challenge with the knowledge of trapdoor while containing information to help derive response r from
it is infeasible to derive the response without the knowledge challenge c. Third, a reader sends K ⊕ T, c to a tag. Fourth,
of trapdoor. Accordingly, trapdoor is for legitimate tags in a tag can recover T rap and authenticate a reader with
security point of view. Two matrices are embodied in each checksum. Below, more details are explained in order.
tag. The matrices play a role of secret information, which is
able to minimize the damage on tag-compromising attack. Reader −→ Tag : K ⊕ T rap, c = P unc(A)
The proposed scheme is divided into two phases as below.

4.1 System Setup 1. Reader establishes r in advance. Response r is a N ×1


binary matrix. Reader selects randomly the N4 ele-
Three secrets are embodied on each tag before the tag is ments from M1 as taking complement into account.
attached in an item : one key and two different matrices. A is a N4 × log2 N  binary matrix and consists of the
The same key is pre-stored into each tag. Two matrices are selected elements like A = A[1]  A[2]  ...  A[ N4 ].
as following : the first matrix M1 is identical to all the tags The other N4 elements are the complements of the se-
and the second M2 is different to separate tags. Let M1 lected N4 elements (message length to transmit is re-
and M2 be respectively a N × log2 N  binary matrix and a duced by using complement). In total, N2 elements are
|R| × |ID|·2
|R| binary matrix, where N is the number of rows selected on M1 without no overlap. The N −bit r is set
in M1 and R is a random number used in singulation. It is to 1 at rows which correspond to rows of the selected
important that the values corresponding to each row must elements in M1 and 0 at remaining rows. Namely, re-
not be in order and overlapped. sponse r represents the index on selected elements in
M1 .
4.2 Mutual Authentication using Trap-
door One-way Property 2. Reader establishes c and T rap. P unc() intentionally
punctures a bit per element on A as considering a tag to
Step 1. (Singulation) Before authentication, every scheme derive r as like Algorithm 1. T rap holds information
must pass by singulation in order to wake up and identify for recovery : punctured position on challenge c and
a single tag in multiple tags [5]. Singulation consists of indirect bit information recovering puncture position.
three flows : query phase and exchanging phase of random 3. Reader covers T rap with a key. A reader cover T rap
number R. A reader initiates query phase, and then a tag with a pre-stored key and transmits XORed T rap and
sends a random number R and a reader echoes R to a tag. c to a tag. It is important that T rap has a relation with
The first flow in Fig. 1 represents singulation phase briefly. c. It is explained below.
Note that R is a random number generated by a tag, not
a reader (precisely, a pseudo random generator which is a 4. Tag recovers T rap and authenticates reader. A tag can
basic component for a tag [5]). We use R in this round to recover T rap with a pre-stored key K. It is possible
XOR a tag’s ID in Step 3. It is reasonable to use R since all for a tag to authenticate a reader with the relation be-
the protocols must send R for singulation. tween c and T rap. Namely, c and T rap play a role
Reader ←→ Tag : Query, R of message and checksum, respectively. If an adver-
sary randomly selects T rap , T rap may not satisfy

Third International Workshop on Security


Privacy and Trust in Pervasive and Ubiquitous Computing (SecPerU 2007)
0-7695-2863-5/07 $25.00 © 2007
Algorithm 1. Establishing Challenge and Trapdoor to be selected on M2 . We concatenate the elements
Input: A := A[1]  A[2]  ...  A[ N4 ] corresponding on the index and use it as Blind. There-
Output: Challenge, Trapdoor fore blinded ID on each tag is separate and changed
01 : length := log2 N  every time because of a separate M2 on each tag and a
02 : for i := 1 to N4 random number R.
03 : A[i] := A[i]
3. Reader authenticates tag. A reader authenticates a tag
04 : for j := 0 to (length - 1)
by checking whether an expected response r is equal to
05 : if (A[i][j] = 1)
a received response r. The overview of authentication
06 : then A[i][j] := 0
is like Fig. 1.
07 : else
08 : A[i][j] := 1
09 : element := A[i]
4.3 Example on the Proposed Scheme
10 : element := A[i]
11 : row := (element / length) + 1 Due to the limited page, we omit an example on the pro-
12 : col := element (mod length) posed scheme. Refer to a full paper where the proposed
scheme is easily described [17].
13 : row := element / length + 1
14 : col := element (mod length)
15 : bit[i] := M1 [row][col] 5 Analysis
16 : bit[i] := M1 [row][col]
17 : if (bit[i] = bit[i]) 5.1 Security Analysis
18 : delete a j-th bit on A[i]
19 : T rap[i] := j || bit[i] We discuss security of the proposed scheme. Assume
20 : c[i] := A[i] that an adversary can launch passive attack, active attack,
21 : break and tag-compromising attack as explained in 3.2. Further-
22 : Return c, T rap more, an adversary tries to know a tag ID and/or want a
reader to regard her as a legitimate tag. Therefore, authen-
tication scheme in RFID systems should be able to protect
an adversary from achieving the goal of attacks. Below, we
the relation. Therefore, this scheme is secure against summarize security briefly due to limited pages.
DoS attack since a tag will respond only if checksum
is correct. 1. Secure against Passive Attack. In the proposed scheme
an adversary launching passive attack such as track-
Step 3. (Reader Authenticates Tag) First, a tag derives ing cannot succeed in both goals since the proposed
response r with T rap. Second, a tag establishes blinding scheme supports randomness and any information on
factor Blind and sends r and blinded ID to a reader. Third, a tag is never revealed through eavesdropping.
a reader authenticates a tag by checking r. Below we
explain how to derive r and share Blind. 2. A Negligible Probability against Active Attack. Even
though an adversary under active attack tries such as
Tag −→ Reader : r, ID ⊕ Blind spoofing to be illegally authenticated, she succeeds
with a negligible probability which is about as much
as she guesses ID or collision occurs. To achieve it,
1. Tag derives r from c with T rap. A tag can find where she must correctly guess response r corresponding to
the punctured positions on c are and also know what challenge c. The advantage she can get is negligible
the bits of punctured positions are by using T rap. because there is trapdoor one-way property between
Hence, a tag can derive r which is used when a reader challenge/response.
authenticates the tag.
3. Minimized Damage against Tag-compromising Attack.
2. Reader blinds ID. As explained before, singulation In fact, it is very important to minimize the damage due
precedes an authentication scheme in order to wake to tag-compromising attack since it is infeasible to ex-
a tag and confirm the tag. We use R in singulation pect no damage under tag-compromising attack. In the
and the second binary matrix M2 to establish a Blind. proposed scheme the damage under tag-compromising
First, we compute Index = R ⊕ K by using only |R| attack affects just the compromised tag itself. It is
bits on K. Second, as if r signifies the index of se- because each tag uses separate matrix shared with
lected rows on M1 , Index becomes the index of rows database.

Third International Workshop on Security


Privacy and Trust in Pervasive and Ubiquitous Computing (SecPerU 2007)
0-7695-2863-5/07 $25.00 © 2007
5.2 Efficiency Analysis [3] E. Y. Choi, S. M. Lee, and D. Hoon Lee. Ef-
ficient RFID Authentication Protocol for Ubiq-
We analyze efficiency in terms of memory space, opera- uitous Computing Environment. EUC workshop
tion, and communication overhead in a tag. 2005, pp. 945-954, 2005.

1. Memory Cost. Normally, logic gates to be used for [4] D. N. Duc, J. Park, H. Lee, and K. Kim. En-
security are from 250 to 3000 in a tag [13]. In the hancing Security of EPCglobal Gen-2 RFID Tag
proposed scheme, a tag has to store one key and two against Traceability and Cloning. SCIS06, 2006.
binary matrices. A tag need not store the implementa- [5] EPC Radio-Frequency Identity Protocols Class-1
tion of a low-cost cryptographic primitives which can Generation-2 UHF RFID, EPCglobal Inc., 2005.
be constructed with 6 to 13 K gates [2]. It results in the
usage of less memory than previous scheme. [6] A. Juels. Minimalist Cryptography for Low-Cost
RFID Tags. SCN04, pp. 149-164, 2004.
2. Computation Cost. The proposed scheme requires
a lightweight bitwise operation both in a tag and a [7] A. Juels. RFID Security and Privacy:A Research
reader. It reduces the burden on database in process Survey. IEEE Journal on Selected Areas in Com-
of searching a tag ID as well as on a tag to operate. munications, Vol. 24, NO. 2, pp. 381-394, 2006.

3. Communication Cost. Communication cost can be af- [8] A. Juels and S. A. Weis. Authenticating Perva-
forded in a tag. If the bit length of R and the number of sive Devices with Human Protocols. Crypto05,
rows on M1 and the bit length of each row on M1 and pp. 293-308, 2005.
the length of ID are respectively 16, 128, 7, and 128, [9] S. Karthikeyan and M. Nesterenko. RFID Secu-
the length of message in Step 2 is in total 320 bits(= rity without Extensive Cryptography. SASN05,
128 + 192) and the length of message in step 3 is 256 pp. 63-67, 2005.
bits(= 128 + 128). A tag can afford it when consider-
ing a transmit rate in Section 3. By using complement [10] J. Kang and D. Nyang. RFID Authentication Pro-
rows, communication overhead is reduced as keeping tocol with Strong Resistance Against Traceability
strong security. and Denial of Service Attacks. ESAS05, pp. 164-
175, 2005.
We expect the proposed scheme to be practically used
[11] D. Molnar, A. Soppera, D. Wagner. A scalable,
in a current RFID tag. Further, it is likely to advance the
delegatable, pseudonym protocol enabling own-
feasible usage of RFID tag.
ership transfer of RFID tags. EASA05, pp. 1-16,
2005.
6 Conclusion
[12] M. Ohkubo, K. Suzuki, and S. Kinoshita. A
We defined attack models and security requirements for Cryptographic Approach to Privacy- Friendly tag.
RFID systems. As taking the requirements into account, RFID Privacy 2003 Workshop, 2003.
we proposed a lightweight mutual authentication, based on [13] P. Peris-Lopez, J. C. Hernandez-Castro, J.
trapdoor one-way property. The security of the proposed Estevez-Tapiador, A. Ribagorda. M2 AP: A Min-
scheme was proven under pre-defined attack models. It imalist Mutual-Authentication Protocol for Low-
means the proposed scheme to guarantee the security of cost RFID Tags. UIC06, pp. 912-923, 2006.
schemes performing cryptographic primitives, although it
does not perform cryptographic primitives and uses only [14] RFID Journal, http://www.rfidjournal.com/.
lightweight operation. Further, the proposed scheme can
be practically applied into current RFID systems because of [15] S. Sarma, S. Weis and D. Engels. Radio-frequency
lightweight property of the proposed scheme. identification : Security risks and challenges.
CryptoBytes 6, 2003.
References
[16] I. Vajda and L. Butydan. Lightweight authentica-
tion protocols for low-cost RFID tags. Workshop
[1] J. Bringer, H. Chabanne, E. Dottax. HB++ : on Security in Ubiquitous Computing, 2003.
a Lightweight Authentication Protocol Secure
agsint Some Attacks. eprint 2005. [17] http://protocol.korea.ac.kr/p̃uzzle
/paper/trapdoorRFID.pdf
[2] CRYPTOREC reports, published 2002

Third International Workshop on Security


Privacy and Trust in Pervasive and Ubiquitous Computing (SecPerU 2007)
0-7695-2863-5/07 $25.00 © 2007