A case against currently used hash functions in RFID protocols

Authors:
Martin Feldhofer;Christian Rechberger
Affiliations:
Institute for Applied Information Processing and Communications, Graz University of Technology, Graz, Austria;Institute for Applied Information Processing and Communications, Graz University of Technology, Graz, Austria
Venue:
OTM'06 Proceedings of the 2006 international conference on On the Move to Meaningful Internet Systems: AWeSOMe, CAMS, COMINF, IS, KSinBIT, MIOS-CIAO, MONET - Volume Part I
Year:
2006

Citing 8
Cited 43

The Design of a High Speed ASIC Unit for the Hash Function SHA-256 (384, 512)

Proceedings of the conference on Design, automation and test in Europe - Volume 3
Hash-based Enhancement of Location Privacy for Radio-Frequency Identification Devices using Varying Identifiers

PERCOMW '04 Proceedings of the Second IEEE Annual Conference on Pervasive Computing and Communications Workshops
Implementation of the SHA-2 Hash Family Standard Using FPGAs

The Journal of Supercomputing
ASIC-Hardware-Focused Comparison for Hash Functions MD5, RIPEMD-160, and SHS

ITCC '05 Proceedings of the International Conference on Information Technology: Coding and Computing (ITCC'05) - Volume I - Volume 01
A Lightweight RFID Protocol to protect against Traceability and Cloning attacks

SECURECOMM '05 Proceedings of the First International Conference on Security and Privacy for Emerging Areas in Communications Networks
Efficient RFID authentication protocol for ubiquitous computing environment

EUC'05 Proceedings of the 2005 international conference on Embedded and Ubiquitous Computing
Energy comparison of AES and SHA-1 for ubiquitous computing

EUC'06 Proceedings of the 2006 international conference on Emerging Directions in Embedded and Ubiquitous Computing
Challenge-eesponse based RFID authentication protocol for distributed database environment

SPC'05 Proceedings of the Second international conference on Security in Pervasive Computing

MAME: A Compression Function with Reduced Hardware Requirements

CHES '07 Proceedings of the 9th international workshop on Cryptographic Hardware and Embedded Systems
Hash Functions and RFID Tags: Mind the Gap

CHES '08 Proceeding sof the 10th international workshop on Cryptographic Hardware and Embedded Systems
Formal apparatus for measurement of lightweight protocols

Computer Standards & Interfaces
Techniques for Design and Implementation of Secure Reconfigurable PUFs

ACM Transactions on Reconfigurable Technology and Systems (TRETS)
Lightweight secure PUFs

Proceedings of the 2008 IEEE/ACM International Conference on Computer-Aided Design
A low-resource public-key identification scheme for RFID tags and sensor nodes

Proceedings of the second ACM conference on Wireless network security
Vulnerability of an RFID authentication protocol conforming to EPC Class 1 Generation 2 Standards

Computer Standards & Interfaces
A Practical Key Recovery Attack on Basic TCHo

Irvine Proceedings of the 12th International Conference on Practice and Theory in Public Key Cryptography: PKC '09
Ubi-Check: A Pervasive Integrity Checking System

NEW2AN '09 and ruSMART '09 Proceedings of the 9th International Conference on Smart Spaces and Next Generation Wired/Wireless Networking and Second Conference on Smart Spaces
An efficient forward private RFID protocol

Proceedings of the 16th ACM conference on Computer and communications security
Towards lightweight secure communication protocols for passive RFIDs

SECON'09 Proceedings of the 6th Annual IEEE communications society conference on Sensor, Mesh and Ad Hoc Communications and Networks
Towards Secure and Practical MACs for Body Sensor Networks

INDOCRYPT '09 Proceedings of the 10th International Conference on Cryptology in India: Progress in Cryptology
S-search: finding RFID tags using scalable and secure search protocol

Proceedings of the 2010 ACM Symposium on Applied Computing
Security analysis and enhancement of one-way hash based low-cost authentication protocol (OHLCAP)

PAKDD'07 Proceedings of the 2007 international conference on Emerging technologies in knowledge discovery and data mining
On privacy models for RFID

ASIACRYPT'07 Proceedings of the Advances in Crypotology 13th international conference on Theory and application of cryptology and information security
Advanced smart card based password authentication protocol

Computer Standards & Interfaces
SEAS: a secure and efficient anonymity scheme for low-cost RFID tags

ICC'09 Proceedings of the 2009 IEEE international conference on Communications
Enhancing Privacy and Security of RFID System with Serverless Authentication and Search Protocols in Pervasive Environments

Wireless Personal Communications: An International Journal
Lightweight privacy preserving authentication for RFID using a stream cipher

FSE'10 Proceedings of the 17th international conference on Fast software encryption
QUARK: a lightweight hash

CHES'10 Proceedings of the 12th international conference on Cryptographic hardware and embedded systems
ARMADILLO: a multi-purpose cryptographic primitive dedicated to hardware

CHES'10 Proceedings of the 12th international conference on Cryptographic hardware and embedded systems
A lightweight implementation of Keccak hash function for radio-frequency identification applications

RFIDSec'10 Proceedings of the 6th international conference on Radio frequency identification: security and privacy issues
An optimal probabilistic solution for information confinement, privacy, and security in RFID systems

Journal of Network and Computer Applications
Securing low-cost RFID systems: An unconditionally secure approach

Journal of Computer Security - 2010 Workshop on RFID Security (RFIDSec'10 Asia)
A Practical Implementation Attack on Weak Pseudorandom Number Generator Designs for EPC Gen2 Tags

Wireless Personal Communications: An International Journal
Across-authority lightweight ownership transfer protocol

Electronic Commerce Research and Applications
The PHOTON family of lightweight Hash functions

CRYPTO'11 Proceedings of the 31st annual conference on Advances in cryptology
A lightweight 256-bit hash function for hardware and low-end devices: lesamnta-LW

ICISC'10 Proceedings of the 13th international conference on Information security and cryptology
Protocol for ownership transfer across authorities: with the ability to assign transfer target

Security and Communication Networks
Secure multiple group ownership transfer protocol for mobile RFID

Electronic Commerce Research and Applications
On the Designing of a Tamper Resistant Prescription RFID Access Control System

Journal of Medical Systems
Forward secure privacy protection scheme for rfid system using advanced encryption standard

ISPA'07 Proceedings of the 2007 international conference on Frontiers of High Performance Computing and Networking
The Grindahl hash functions

FSE'07 Proceedings of the 14th international conference on Fast Software Encryption
Low-latency encryption: is "Lightweight = light + wait"?

CHES'12 Proceedings of the 14th international conference on Cryptographic Hardware and Embedded Systems
On the security of tan et al. serverless RFID authentication and search protocols

RFIDSec'12 Proceedings of the 8th international conference on Radio Frequency Identification: security and privacy issues
Multipurpose cryptographic primitive ARMADILLO3

CARDIS'12 Proceedings of the 11th international conference on Smart Card Research and Advanced Applications
Hardware Cost Measurement of Lightweight Security Protocols

Wireless Personal Communications: An International Journal
Cryptanalysis of the RNTS system

The Journal of Supercomputing
Pushing the limits of SHA-3 hardware implementations to fit on RFID

CHES'13 Proceedings of the 15th international conference on Cryptographic Hardware and Embedded Systems
Compact and unified hardware architecture for SHA-1 and SHA-256 of trusted mobile computing

Personal and Ubiquitous Computing
Two RFID Standard-based Security Protocols for Healthcare Environments

Journal of Medical Systems
A compact FPGA-based processor for the Secure Hash Algorithm SHA-256

Computers and Electrical Engineering
KEDGEN2: A key establishment and derivation protocol for EPC Gen2 RFID systems

Journal of Network and Computer Applications

Quantified Score

Hi-index	0.00

Visualization

Abstract

Designers of RFID security protocols can choose between a wide variety of cryptographic algorithms However, when implementing these algorithms on RFID tags fierce constraints have to be considered Looking at the common assumption in the literature that hash functions are implementable in a manner suitable for RFID tags and thus heavily used by RFID security protocol designers we claim the following Current standards and state-of-the-art low-power implementation techniques favor the use of block ciphers like the Advanced Encryption Standard (AES) instead of hash functions from the SHA family as building blocks for RFID security protocols In turn, we present a low-power architecture for the widely recommended hash function SHA-256 which is the basis for the smallest and most energy-efficient ASIC implementation published so far To back up our claim we compare the achieved results with the smallest available AES implementation The AES module requires only a third of the chip area and half of the mean power Our conclusions are even stronger since we can show that smaller hash functions like SHA-1, MD5 and MD4 are also less suitable for RFID tags than the AES Our analysis of the reasons of this result gives some input for future hash function designs.