MIXNET for Radio Frequency Identification

Jaanus Uudmae, Harshitha Sunkara, Dale R. Thompson, Sean Bruce, and Jayamadhuri Penumarthi


Post on 30-Dec-2015


TRANSCRIPT

Page 1:

http://csce.uark.edu/~drt/rfid

MIXNET for Radio Frequency Identification

Jaanus Uudmae, Harshitha Sunkara, Dale R. Thompson, Sean Bruce, and Jayamadhuri Penumarthi

Dale R. Thompson, Ph.D., P.E.
Associate Professor
Computer Science and Computer Engineering Dept.
University of Arkansas

Page 2:

Related Activities

• Member of GS1 EPCglobal Hardware Action Group Product Data Protection ad hoc Committee (Dec. 2006 – present)
• Affiliated with University of Arkansas RFID Research Center (http://itri.uark.edu/rfid/) (Feb. 2005 – present)
• Lightweight Authentication for RFID (Aug. 2006 – present)
• Categorizing RFID Privacy Threats with STRIDE (July 2006)
• Taught RFID Communications class (May – June 2006)
• RFID Security Threat Model (Mar. 2006)
• Brute Force Attack of EPCglobal UHF Class-1 Generation-2 RFID Tag (Jan. – May 2006)
• Attack Graphs for EPCglobal RFID (Jan. – May 2006)
• MIXNET Using Universal Re-encryption for Radio Frequency Identification (RFID) (Aug. 2005 – Dec. 2006)
• RFID Technical Tutorial and Threat Modeling Project (Jun. – Dec. 2005)

Page 3:

University of Arkansas RFID Research Center

Fully student staffed with 24 industry members, which recently became the first open laboratory to be accredited by EPCglobal Inc.

Page 4:

What is RFID?

• Stands for Radio Frequency Identification
• Uses radio waves for identification
• New frontier in the field of information technology
• One form of Automatic Identification
• Provides unique identification or serial number of an object (pallets, cases, items, animals, humans)

Page 5:

RFID system

Page 6:

RFID reader

• Also known as an interrogator
• Reader powers passive tags with RF energy
• Can be handheld or stationary
• Consists of:
– Transceiver
– Antenna
– Microprocessor
– Network interface

Figure labels: Reader, Antenna

Page 7:

RFID tags

• Tag is a device used to transmit information such as a serial number to the reader in a contactless manner
• Classified as:
– Passive – energy from reader
– Active – battery
– Semi-passive – battery and energy from reader

Page 8:

UHF passive tag

Page 9:

Supply Chain Management

• RFID adds visibility as the items flow through the supply chain from the manufacturer, shippers, distributors, and retailers.
• The added visibility can identify bottlenecks and save money.
• Wal-Mart requested in June 2003 that their top 100 suppliers use RFID at the pallet and case level by January 2005.

Page 10:

Electronic Product Code (EPC) 96-bit Version

• Every product has unique identifier
• 96 bits can uniquely label all products for the next 1,000 years
• 2^96 = 79,228,162,514,264,337,593,543,950,336

Field layout:
Version: 8 bits
EPC Manager (Manufacturer): 28 bits
Object Class (Product): 24 bits
Serial Number: 36 bits

Page 11:

Physical Tracking


Page 13:

MIXNET using Universal Re-encryption

ElGamal:
• A conventional cryptosystem; permits re-encryption if the public key is known at each MIXNET.
• Ciphertext C’ represents a re-encryption of C if both decrypt to the same plaintext.
• Privacy holds because the ciphertext pair (C, C’) is indistinguishable from (C, R) for a random cipher R.
• The tag pseudonym, a false name for the original identity, is re-encrypted each time it passes a MIXNET.

Page 14:

ElGamal

Key Generation:
Alice: A random prime p, generator element g and private key x.
Generate public key
Publicize (p, g, y) and keep x as the private key.

Encryption:
Bob: Chooses random k to send message m and computes a ciphertext pair (c1, c2): and

Decryption:
To decrypt ciphertext (c1, c2), Alice computes

Page 15:

Universal Re-encryption

• Re-encrypts the ciphertext without the knowledge of the public key using a random encryption factor.
• Re-encryption is based on a homomorphic property,
• Allows external anonymity which provides total privacy protection for data being transmitted
• Encrypts under the public key and random encryption factor
• Appends an identity element to the ciphertext encrypted based on ElGamal.
• First decrypts the identity element to confirm the intended message.

Page 16:

Universal Re-encryption Example

p = 23, g = 19, x = 17
y = 19 ^ 17 mod 23 = 21
Publicize (y, g) = (21, 19)
m = 20, random encryption factor

Encryption:
= [(20,2), (7,19)]

Decryption:

Page 17:

Universal Re-encryption Example

Re-encryption:
Input:
Random re-encryption factor :
Ciphertext
= [(3,21), (19,21)]

To Verify decryption of :
(Plaintext)
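The ElGamal and universal re-encryption slides above, carried through with the example's numbers as an added Python illustration (not code from the presentation). Assumptions: the pair ordering (g^k, m·y^k) and the random factors 15, 13 (encryption) and 11, 17 (re-encryption) are not in this transcript; they are chosen here because they reproduce the slide's ciphertexts [(20,2),(7,19)] and [(3,21),(19,21)]. All function names are hypothetical.

```python
import secrets

# Toy parameters from the slide: p = 23, generator g = 19 (order 22).
# A real deployment needs a large prime-order group; this only mirrors the slide.
P, G = 23, 19
ORDER = P - 1

def keygen(x):
    """Public key y = g^x mod p for private key x."""
    return pow(G, x, P)

def encrypt(m, y, k0, k1):
    """Universal ciphertext: ElGamal of m, plus ElGamal of the identity element 1."""
    return ((pow(G, k0, P), m * pow(y, k0, P) % P),
            (pow(G, k1, P), pow(y, k1, P)))

def reencrypt(c, r0, r1):
    """Re-randomize c using only its second pair; the public key is never used."""
    (a0, b0), (a1, b1) = c
    return ((a0 * pow(a1, r0, P) % P, b0 * pow(b1, r0, P) % P),
            (pow(a1, r1, P), pow(b1, r1, P)))

def decrypt(c, x):
    """Decrypt the identity element first; return m only if it comes out as 1."""
    (a0, b0), (a1, b1) = c
    if b1 * pow(a1, -x, P) % P != 1:   # modular inverse via pow needs Python 3.8+
        return None                    # ciphertext was not built for this key
    return b0 * pow(a0, -x, P) % P

def mix_hop(batch):
    """One MIXNET hop: fresh random factors for every ciphertext, then a shuffle."""
    out = [reencrypt(c, 1 + secrets.randbelow(ORDER - 1),
                     1 + secrets.randbelow(ORDER - 1)) for c in batch]
    secrets.SystemRandom().shuffle(out)
    return out

if __name__ == "__main__":
    x = 17
    y = keygen(x)                      # 21, as on the slide
    c = encrypt(20, y, 15, 13)         # factors 15, 13 are assumed (see lead-in)
    c2 = reencrypt(c, 11, 17)          # factors 11, 17 are assumed (see lead-in)
    print(y, c, c2, decrypt(c2, x))
    # Constructed batch of three tag pseudonyms passing one mix hop.
    batch = mix_hop([c, encrypt(5, y, 3, 7), encrypt(9, y, 8, 2)])
    print(sorted(decrypt(t, x) for t in batch))
```

Note that `reencrypt` takes no key argument: a reader acting as a mix can refresh a tag's pseudonym without knowing which public key it was encrypted under, while only the private-key holder recovers m = 20.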


Page 21:

Future Work

• Extend simulation to a system of security agents
• Add MIXNET agent to open source TagCentric
• Implement MIXNET on a reader
• Implement traditional MIXNET between readers and databases to hide location of tags from the database

Page 22:

RFID-related publications

• M. Byers, A. Lofton, A. K. Vangari-Balraj, and D. R. Thompson, “Brute force attack of EPCglobal UHF class-1 generation-2 RFID tag,” in Proc. IEEE Region 5 Technical Conf., Fayetteville, Arkansas, April 20-21, 2007, to appear.
• S. C. G. Periaswamy, S. Bharath, M. Chagarlamudi, S. Estes, D. R. Thompson, “Attack graphs for EPCglobal RFID,” in Proc. IEEE Region 5 Technical Conf., Fayetteville, Arkansas, April 20-21, 2007, to appear.
• J. Uudmae, H. Sunkara, D. R. Thompson, S. Bruce, and J. Penumarthi, “MIXNET for radio frequency identification,” in Proc. IEEE Region 5 Technical Conf., Fayetteville, Arkansas, April 20-21, 2007, to appear.
• D. R. Thompson, J. Di, H. Sunkara, and C. Thompson, “Categorizing RFID privacy threats with STRIDE,” in Proc. ACM Symposium on Usable Privacy and Security (SOUPS), Carnegie Mellon University, Pittsburgh, Pennsylvania, July 12-14, 2006.
• D. R. Thompson, “RFID technical tutorial,” The Journal of Computing Sciences in Colleges, vol. 21, no. 5, pp. 8-9, May, 2006.
• D. R. Thompson, N. Chaudhry, and C. W. Thompson, “RFID security threat model,” in Proc. Acxiom Laboratory for Applied Research (ALAR) Conf. on Applied Research in Information Technology, Conway, Arkansas, Mar. 3, 2006.
• N. Chaudhry, D. R. Thompson, and C. Thompson, RFID Technical Tutorial and Threat Modeling, ver. 1.0, tech. report, Dept. of Computer Science and Computer Engineering, University of Arkansas, Fayetteville, Arkansas, Dec. 8, 2005. Available: http://csce.uark.edu/~drt/rfid

Page 23:

Contact Information

Dale R. Thompson, Ph.D., P.E.
Associate Professor
Computer Science and Computer Engineering Dept.
University of Arkansas
311 Engineering Hall
Fayetteville, Arkansas 72701
Phone: +1 (479) 575-5090
FAX: +1 (479) 575-5339
E-mail: [email protected]
WWW: http://csce.uark.edu/~drt/