Linear Dependencies in Linear Feedback Shift Registers
IEEE Transactions on Computers
On functions of linear shift register sequences
Proc. of a workshop on the theory and application of cryptographic techniques on Advances in cryptology---EUROCRYPT '85
IEEE Transactions on Computers - Special issue on fault-tolerant computing
A New Class of Invertible Mappings
CHES '02 Revised Papers from the 4th International Workshop on Cryptographic Hardware and Embedded Systems
Grain: a stream cipher for constrained environments
International Journal of Wireless and Mobile Computing
LAMED - A PRNG for EPC Class-1 Generation-2 RFID specification
Computer Standards & Interfaces
ESORICS '08 Proceedings of the 13th European Symposium on Research in Computer Security: Computer Security
Review: Privacy versus scalability in radio frequency identification systems
Computer Communications
Non-uniform stepping approach to RFID distance bounding problem
DPM'10/SETOP'10 Proceedings of the 5th international Workshop on data privacy management, and 3rd international conference on Autonomous spontaneous security
A Practical Implementation Attack on Weak Pseudorandom Number Generator Designs for EPC Gen2 Tags
Wireless Personal Communications: An International Journal
KEDGEN2: A key establishment and derivation protocol for EPC Gen2 RFID systems
Journal of Network and Computer Applications
Hi-index | 0.00 |
The EPC Gen2 is an international standard that proposes the use of Radio Frequency Identification (RFID) in the supply chain. It is designed to balance cost and functionality. The development of Gen2 tags faces, in fact, several challenging constraints such as cost, compatibility regulations, power consumption, and performance requirements. As a consequence, security on board of Gen2 tags is often minimal. It is, indeed, mainly based on the use of on board pseudorandomness. This pseudorandomness is used to blind the communication between readers and tags; and to acknowledge the proper execution of password-protected operations. Gen2 manufacturers are often reluctant to show the design of their pseudorandom generators. Security through obscurity has always been ineffective. Some open designs have also been proposed. Most of them fail, however, to prove their correctness. We analyze a recent proposal presented in the literature and demonstrate that it is, in fact, insecure.We propose an alternative mechanism that fits the Gen2 constraints and satisfies the security requirements.