Analysis and improvement of a pseudorandom number generator for EPC Gen2 tags

Authors:
J. Melia-Segui;J. Garcia-Alfaro;J. Herrera-Joancomarti
Affiliations:
Universitat Oberta de Catalunya, Barcelona, Spain;Universitat Oberta de Catalunya, Barcelona, Spain and Institut Telecom, Telecom Bretagne, Cesson-Sevigne, France;Universitat Autònoma de Barcelona, Bellaterra, Spain
Venue:
FC'10 Proceedings of the 14th international conference on Financial cryptograpy and data security
Year:
2010

Citing 7
Cited 4

Linear Dependencies in Linear Feedback Shift Registers

IEEE Transactions on Computers
On functions of linear shift register sequences

Proc. of a workshop on the theory and application of cryptographic techniques on Advances in cryptology---EUROCRYPT '85
Built-In Test for Circuits with Scan Based on Reseeding of Multiple-Polynomial Linear Feedback Shift Registers

IEEE Transactions on Computers - Special issue on fault-tolerant computing
A New Class of Invertible Mappings

CHES '02 Revised Papers from the 4th International Workshop on Cryptographic Hardware and Embedded Systems
Grain: a stream cipher for constrained environments

International Journal of Wireless and Mobile Computing
LAMED - A PRNG for EPC Class-1 Generation-2 RFID specification

Computer Standards & Interfaces
Dismantling MIFARE Classic

ESORICS '08 Proceedings of the 13th European Symposium on Research in Computer Security: Computer Security

Review: Privacy versus scalability in radio frequency identification systems

Computer Communications
Non-uniform stepping approach to RFID distance bounding problem

DPM'10/SETOP'10 Proceedings of the 5th international Workshop on data privacy management, and 3rd international conference on Autonomous spontaneous security
A Practical Implementation Attack on Weak Pseudorandom Number Generator Designs for EPC Gen2 Tags

Wireless Personal Communications: An International Journal
KEDGEN2: A key establishment and derivation protocol for EPC Gen2 RFID systems

Journal of Network and Computer Applications

Quantified Score

Hi-index	0.00

Visualization

Abstract

The EPC Gen2 is an international standard that proposes the use of Radio Frequency Identification (RFID) in the supply chain. It is designed to balance cost and functionality. The development of Gen2 tags faces, in fact, several challenging constraints such as cost, compatibility regulations, power consumption, and performance requirements. As a consequence, security on board of Gen2 tags is often minimal. It is, indeed, mainly based on the use of on board pseudorandomness. This pseudorandomness is used to blind the communication between readers and tags; and to acknowledge the proper execution of password-protected operations. Gen2 manufacturers are often reluctant to show the design of their pseudorandom generators. Security through obscurity has always been ineffective. Some open designs have also been proposed. Most of them fail, however, to prove their correctness. We analyze a recent proposal presented in the literature and demonstrate that it is, in fact, insecure.We propose an alternative mechanism that fits the Gen2 constraints and satisfies the security requirements.