Cryptographic Techniques And Protocols For Rfid Computer Science Essay

Published: Last Edited:

This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

To effectively assess security needs, and evaluate/choose the most effective solution for a particular application, a definition of the security goals or requirements for that application is needed [102]. The main communication security goals, also known as security services, can be defined as follows:

Confidentiality: It is a service that denies read access to information to all but those authorized to have it. There are numerous approaches to providing confidentiality, ranging from physical protection to mathematical algorithms which render data unintelligible. Encryption can be used to meet this goal.

Data integrity: it is a service which addresses the unauthorized alteration of data. To provide data integrity for data communicated across an unreliable channel, it must be possible to detect data manipulation by unauthorized parties. Data manipulation includes such things as insertion, deletion and substitution. Note that this contrasts with data integrity provision for data stored within a computer system, where it is possible (at least in principle) to prevent modification to data. That is, in a computer system the objective of an access control system is typically to control access to data thereby preventing unauthorized modifications, whereas in communications system it is not possible to prevent changes, only to detect them.

Authentication: Authentication is a term used with two distinct, albeit related, meanings. Data origin authentication enables the recipient of transmitted data to verify its origin. Entity authentication enables a party in a communication session to verify, at an instant in time, the identity of the other party in the session; mutual authentication refers to the provision of entity authentication for both parties.

Non-repudiation: it is a service which prevents an entity from denying having made a commitment or performed an action. The provision of the service involves the generation of evidence about the commitment or action. In a communications context, non-repudiation of origin involves the provision of evidence about the transmission of a message that has value even if the message originator subsequently denies having sent the message.

Access control: It provides protection against unauthorized use of resources, e.g. the use of a communications resource; the reading, writing, or deletion of an information resource; or the execution of a processing resource.

Besides these security goals, certain general usability requirements also play an important role in developing security solutions:

Scalability: a network protocol is said to be scalable if the number of nodes can be significantly increased without imposing an unacceptable workload on any entity in the network. The interpretation of unacceptable will vary depending on the context (and the size of the network). For example, a load that is quadratic function of the number of network nodes may be unacceptable if the number of network nodes becomes large, whereas a load that is linear (or less, e.g. logarithmic) in the network size is more likely to be acceptable, even for very large networks. Any security scheme deployed in a network should not significantly affect its scalability. In the context of secure RFID systems, we would typically require that the workload on the server to complete a single transaction should not be a linear function of the number of deployed RFID tags.

Performance: security features must have minimal impact on network performance. This is especially important for real-time communications, where meeting the security requirements must not prevent the provision of the required quality of service. Performance also goes hand in hand with the resource usage of the medium; the security solutions must not, for example, cause a decrease in the overall capacity of the network.

4.2 Cryptographic Primitives

Cryptography is the study of mathematical techniques to hide information [103]. The fundamental objective of cryptography is to enable two parties to communicate over an insecure channel in such a way that an adversary cannot understand and/or manipulate what is being said [105]. This channel could be a telephone line, computer network, or wireless interface [105].

Cryptographic techniques can be divided into two main classes, symmetric and asymmetric techniques, depending on the nature of the keys used [103, 104, and 105]. In symmetric cryptography (also called secret key cryptography), the sender and receiver share a common secret key. In asymmetric cryptography (also called public key cryptography), every participating entity has its own key pair, made up of a private key, which is kept secret by its owner, and a public key, which can be disseminated freely.

Symmetric Techniques: When using a symmetric cryptographic algorithm to protect a transmitted message, the sender and receiver must share a secret key. The precise use of the key will depend on the nature of the protection provided by the algorithm being used (e.g. to protect the confidentiality or the integrity of the message).

The main classes of symmetric techniques are: encryption algorithms, message authentication code algorithms, hash functions and pseudo-random bit generators, each of which are discussed in greater detail below.

4.3 Symmetric Encryption

There are a variety of different types of symmetric encryption techniques, also known as secret key encryption algorithms. The most widely discussed class of symmetric cipher is the block cipher. In a block cipher, data are processed in blocks, for example, of 64 or 128 bits [104]. A block cipher algorithm is made up of encryption and decryption functions [103, 104, and 105]. Encryption takes as input a block of plaintext and a secret key, and outputs a block of cipher-text [103, 104, and 105]. Decryption, when given the same secret key, always maps a cipher-text block back to the correct plaintext block [103, 104, and 105]. The principle function of encryption is to provide the confidentiality service for transmitted or stored data [103, 104, and 105]. However, it is possible to provide other services if encryption is used in appropriate ways [104].

4.3.1 Message Authentication Codes

A Message Authentication Code (MAC) algorithm is a cryptographic function that takes as input a message and a secret key, and outputs a short, fixed length, block of bits known as the MAC [103, 104, and 105]. This MAC is then sent or stored with the message, and acts to protect its integrity and guarantee its origin [103, 104, and 105]. If the recipient of a MAC is equipped with the correct secret key, then the key can be used with the received message to re-compute the MAC value [103, 104, and 105]. If this re-computed value agrees with the MAC value sent or stored with the message, then the recipient knows that the message has not been changed and that it must have been sent by someone who knows the secret key (presumably the legitimate originator) [103, 104, and 105].

4.3.2 Hash Functions

Hash functions are somewhat different to the functions we have considered so far in that they do not use keys. A hash function takes an input an arbitrary data string and gives as output a short, fixed-length value that is a function of the entire input; this output is known as a hash code or hash value [103, 104, and 105]. Hash functions must have the one-way property, that is, they must be designed so that they are simple and efficient to compute, but also so that given an arbitrary output, and it is computationally infeasible to find an input that gives the chosen output [103, 104, and 105].

That is, a hash function is an efficiently computable function which maps an arbitrary length input to a fixed length output

The basic requirements for a cryptographic hash function are as follows:

Preimage resistance: for any output y, it is computationally infeasible to find an input x such that h(x) = y, given no corresponding input is known.

2nd-preimage resistance: given x, it is computationally infeasible to find such that

Collision resistance: it is computationally infeasible to find any pair of distinct sInputs.

4.3.3 Pseudo-Random Bit Generators

A pseudo-random bit generator (PRBG) is a deterministic algorithm which, given a truly random binary sequence of length m, outputs a binary sequence of length l > m which appears to be random. The input to the PRBG is called the seed, while the output of the PRBG is called a pseudo-random bit sequence [103, 106].

The security strength of a PRBG depends on a variety of factors, including the period and probability distribution of the output sequence.

4.4 Asymmetric Techniques

We now discuss two of the main classes of asymmetric algorithms, namely asymmetric encryption algorithms and digital signature schemes. Unlike symmetric cryptosystems, which make use of a single key known to sender and receiver, asymmetric cryptosystems employ two keys, a public key and a private key. These public and private keys are related mathematically, and an entity's private key cannot be derived from its public key [103] [104] [105] [106].

4.4.1 Asymmetric Encryption

Asymmetric encryption, also known as public key encryption, involves an encryption operation that transforms blocks of plaintext into cipher-text blocks, and a decryption operation that reverses this process [103] [104] [105] [106].The main difference from symmetric encryption is the way in which keys are used [103] [104] [105] [106].. The public key of the intended recipient of a message is used for encryption and the recipient's private key is used for decryption [103] [104] [105] [106].A user's public key is made available to anyone who wants to encrypt a message intended for that user; the recipient's private key is used to decrypt received encrypted messages [107].

Implementing such an algorithm requires the computation of complex mathematical functions, e.g. involving multi-precision integer or finite field arithmetic [104]. As a result, public key encryption schemes tend to be more computationally intensive, and hence slower to compute, than secret key encryption algorithms [104]. Because of this, simple wireless devices such as RFID tags are likely to lack the computational power necessary to handle asymmetric encryption algorithms [104].

4.4.2 Digital Signatures

A digital signature is computed as a function of the message to be signed using the signer's private key, and can then be verified by anyone equipped with the signer's public key [103] [104] [105] [106].When computing a signature it is almost always the case that a hash function is applied to the message being signed. The most common form of a signature gives a value that, much like a MAC, is sent or stored with the message it is protecting [103] [104] [105] [106].

One key difference from a MAC is the way in which signatures are verified [104]. Verifying a MAC essentially involves re-computing it. However, verifying a digital signature uses a special verification function that takes as input the signature, the message and the public verification key, and gives as output an indication as to whether the signature is valid or not [104]. Thus, just because an entity can verify the correctness of a signature, does not mean that it is possible to forge a signature [104]. Thus, as well as being able to provide data integrity and data origin authentication functions, a digital signature can also provide non-repudiation services. The disadvantage is that digital signature functions are generally significantly more complex to compute than MAC functions [104].

4.5 Authentication Protocols

An authentication protocol is a defined exchange of messages between two (or possibly more) parties, with the objective of providing one or both parties with an entity authentication service [103] [104] [108]. That is, the objective is for one or both of the parties to verify the identity of which it is they are exchanging messages with, and that the other party is actively involved in the protocol, that is, that the messages are not replayed versions of `old' messages [103] [104] [108].

Authentication protocols make use of cryptographic techniques to protect the origin and integrity of individual messages [103] [104] [108]. One common approach is to employ MACs for this purpose. As an alternative to the use of MACs to protect the protocol messages, it is also possible to use digital signatures [103] [104].

A number of authentication protocols have been developed since the emergence of RFID technologies. Few of the prominent RFID identification and authentication protocols have been discussed in the ascending chapter.