JOURNAL OF INFORMATION AND COMMUNICATION TECHNOLOGIES, VOLUME 3, ISSUE 3, MARCH 2013 16

Providing Anonymity for RFID Systems

Wissam Razouk, Ferucio Laurentiu iplea, Abderrahim Sekkaki and Cosmin Varlan
AbstractRadio Frequency Identification (RFID) is considered as the next generation technology, and is certainly playing an important role for several applications. Therefore, security is a pressing need for various cases. However, Low-cost RFID tags are very constrained devices and cannot apply the existing cryptographic algorithms due to computation and memory size restrictions. Consequently, RFID systems are vulnerable to numerous security attacks, which imply many privacy issues. In this paper, we propose a security protocol that fits low-cost RFID tags requirements, and provides data protection and location privacy for the consumer. Moreover, different from previous works, our protocol enables searching on encrypted data without leaking any information, and provides also protection based on the assumption that the server is not necesserally considered as a trusted third party. We present the formal proof of correctness of our scheme based on GNY Logic. Index TermsRFID Security, Anonymity, Formal Verification, GNY Logic, Security Protocols.

1 INTRODUCTION
RFID systems have become widely used in access control and security applications, and more significantly in industries that require tracking or identification of products like the supply chain management or the manufacturing process. The potential benefits of RFID applications are multiple; first, unlike barcodes, RFID tags do not require a line of sight to be read; they can be read from distance and from any orientation. Therefore, a huge number of tags can be scanned remotely at once and very quickly. Second, bar codes are in most cases scanned only once at the checkout during the lifetime of the item. On the other hand, RFID systems have read and write capabilities, which allow for data to be changed dynamically at any time. Thus, RFID systems can be deployed in a way in which numerous supply chain management applications can be simultaneously implemented, benefiting all entities involved in the commercial transaction process (the manufacturers, the retailers and the users). An RFID system typically consists of three main components; the readers (or transceivers), the tags (or transponders) and a back end database. The reader starts the communication by querying the tag and transferring energy by emitting electronic waves. The tag charges up and uses RF energy to send the stored data. the tags are not compromised. Resistance to DoS attacks: Power interruption or fault induction should not compromise future communication or make hijacking possible. Resistance to replay attacks: Impersonation using previous messages should not be possible. Backward and forward traceability: Should be provided even if the tag is compromised. An attacker should not be able to identify past or future interactions [7]. To avoid privacy treats the protocol should also satisfy the following requirements [8]: Resistance to traceability: The tag's messages should be anonymous and randomized. Hence, an adversary should not be able to link messages to each other or to the tag. Resistance to information leakage: Only a genuine reader should be able to access the information associated with a tag [8].

1.2 RFID Performance Requirements In order to fit the low-cost RFID tags requirements, a security protocol has to fulfill the following conditions: Computational capabilities: Cost effective RFID tags are very constrained devices and cannot afford very intensive computations due to their low power and small memory size. Thus the computational effort required at the tag 1.1 RFID Security and Privacy Requirement side is considered as an important criterion. Many studies have developed a classification of RFID at- Storage abilities: The protocol should not exceed the catacks and presented several analyses of potential security pacity of the tag, as low-cost RFID tags have very limited treats in RFID systems. We describe below some security storage area goals; nevertheless, we refer the reader to the studies [2], Message traffic: For performance optimization reasons, [6], [1], [9], [5] for a comprehensive and detailed descrip- the number and size of the messages exchanged between tion of possible attacks. readers and tags should be minimized [7]. We summarize the RFID security requirement as fol- Scalability: The readers usually have to perform an exlows: haustive search over a list of entries in order to identify or Resistance to tag impersonation attacks: The protocol authenticate a tag. This has to be done in a reasonable should not allow the authentication of fake tags as long as time to provide scalability. The rest of this paper is organized as follows: First, we summarize the relevant related work in Section 2, then Wissam Razouk and Abderrahim Sekkaki are with the Department of Mathematics and Computer Science, Hassan II University, Casablanca, we present our security protocol in Section 3. In section 4, Morocco. we formally verify the proposed scheme. Next, we dis Ferucio Laurentiu Tiplea and Cosmin Varlan are with the Faculty of Computer Science, Alexandru Ioan Cuza University of Iasi, Iasi, Romania. cuss the security and performance evaluation in Section 5.

17

Finally, we make conclusions in Section 5.

2 RELATED WORK
The hash lock scheme was first proposed by Weis et al. [10], followed by the improved hash-lock scheme where a random value is generated by the tag to avoid traceability attacks. However, their protocol is considered insecure, as eavesdropping and impersonating attacks can easily be done. In the same way, Henrici et al. [4] presented the randomized hash lock scheme where the tag is authenticated with its ID hashed together with a transaction number. The tag's identifier is refreshed using a random value sent by the reader. Their protocol is simple but cannot resist manin-the-middle attacks; since messages between the tag and reader can be relayed, and an attacker can be easily authenticated by the reader before the next session. Indeed, the one-wayness of hash functions is considered as an efficient solution for low-cost RFID tags [11], and many proposals were published to address RFID security issues using this cryptographic tool, but obtaining a maximum security for these very constrained devices is still considered as a real challenge [15].

2.

3.

the server's secret key. In addition, T possesses a hash function which is used to compute H ( NT , NR, EkS ( P )) . Also, a counter C is incremented after each query to keep the protocol lightweight and produce randomness in the tag's response; thus, we choose to generate the pseudo random number NT using H ( NR C ) , instead of implementing a random number generator on the tag side, wich is not easy and practical on lowcost RFID tags. The reader stores the encrypted pointers, and possesses a random number generator to generate N R . A secret key KR is also necessary to retrieve the encrypted data received from the server. The server S has a secret key KS to retrieve P from EkS (P) and stores also the encrypted information related to the tag.

3.3 Detailed Description The general description of the proposed scheme is detailed as follows: Step 1 The reader R generates a fresh random nonce NR . Then R sends NR along with the request to the queried tag T. In our scheme NR is very important, as it is in-

3 THE PROPOSED SECURITY PROTOCOL FOR RFID SYSTEMS

3.1 Notations and Assumptions We use the following notations to describe the protocol throughout the paper:
TABLE 1 PROTOCOL NOTATIONS T RFID tag R RFID reader S The server that stores the encryptedf data NT A random number generated by the tag NR A random number generated by the reader KS The secret key of the server KR The secret key of the reader P A pointer D Data H The output of the hash function EK(M) An encrypted message M with the key K Our protocol works with the assumption that the tag has a hash function, a re-writable memory EEPROM and the capability to keep state during a single session. Usually, in the previous proposed protocols in the literature, the server S is assumed to be a TTP (Trusted third party) and the communication channel between the reader R and server S is secure. However, we assume that S is not necessarily a TTP and the communication channel between R and S is insecure. We also assume that R and S have normally sufficient computation abilities; and thus, can support cryptographic operations.

Fig.1. Description of the proposed protocol.

3.2 Initial Setup 1. Each tag stores initially a pointer encrypted with

cluded in the tag's answer to prevent from replay attacks and detect illegitimate responses. Step 2 When queried, the tag T generates a fresh random number NT , this nonce is hashed together with the reader's nonce NR and the encrypted pointer EkS (P) to form a one-time-use authentication key. Then T sends NT along with the output of the computed hash H ( NT , NR, EkS ( P )) . This allows protecting the protocol from replay and man-in-the-middle attacks. Therefore, the reader is able to verify the freshness of the received message. Step 3 When the reader receives the tag's response, R verifies at first whether the forwarded message is valid or not by computing H' using NT and NR for the stored encrypted pointers, and comparing H' with H until a match is found. This proves that the message is fresh and genuine, mainly because it was generated using the reader's and tag's nonce, and also the secret encrypted pointer. If the received message is valid, R can easily forward the encrypted pointer EkS (P) to the server. Step 4 The server is not considered as a trusted third party since it stores only the encrypted information and doesn't know about the decryption process. Thus, when the pointer has been recovered using the server's secret key KS , S can easily access the encrypted data to be sent in the next step to the reader. Step 5 Finally, the reader receives the encrypted information and retrieves data using its private key KR .

18

FORMAL VERIFICATION

Formal methods have a very important role in examining security protocols. Numerous logic techniques have highlighted many protocol weaknesses, and are considered successful [13]. Furthermore, the designers are forced to make security assumptions, and to achieve well-defined authentication goals. In this paper we use GNY Logic (Gong L., Needham R., and Yahalom R.) [3], which is a direct successor to BAN [14] logic; it is considered reasonably powerful in its capacity to reveal whether a security protocol is ambiguous, incorrect, inconsistent or incomplete [13]. Indeed, message extensions are used in GNY Logic to describe the formalization of the protocol. Thus, the involved parties can transfer and reason about their beliefs. Moreover, unlike BAN Logic which assumes that all parties are honest and competent, it is possible to deal with diverse levels of trust. In this section, we show the correctness of our scheme based on GNY Logic [3]. Precisely, it means that after the protocol execution, both parties T and S are sure that the received messages are fresh. They should also believe that they are sharing secrets in case the communication channel is insecure.

includes the beliefs and possessions of the different parties at the beginning of each session of the protocol. Indeed, unlike most of the proposed security protocols in the literature, we assume that the server is not a trusted party. Thus, the information is not stored in clear, and only a genuine reader possesses the key to recover the encrypted data. The formalization of the initial assumptions for our scheme is listed as shown in Table 3. TABLE 3 INITIAL ASSUMPTION FOR PROOF 1: T H (X ) 2: T E KS (P) 3: T C 4: R E KS (P) 5: S EKR (D) 6: T 7: R # ( N R ) 8: R

# ( N T )

( EKS ( P))

4.1 Formalization of the Protocol Steps The conventional notations are not suitable for manipulation in logic. Thus, the first step in logic-based verification consists of avoiding ambiguity by specifying the protocol in a logical language, and expressing the messages of the protocol as a logical formula. In this section, we simplify the proposed protocol as a generic type. Then we formalize it for verification purposes as presented in Table 2.
TABLE 2 FORMALIZATION OF THE PROTOCOL STEPS

The first three rows state that the tag has a hash function and stores the encrypted pointer and a counter. While the assumption (4) states that the reader possesses the encrypted pointer. The next row states that the server stores only the encrypted data. Each principal believes in its nonce freshness in (6) and (7). Finally, the last row is about a recognizability assumption; the reader recognizes the encrypted pointer.

M1: M2: M3: M4: S1: S2: S3: S4:

R T : NR T R : N T , H ( N T , N R , E KS ( P)) R S : E KS ( P) S R : EKR ( D)
Formalized Protocol

Protocol Generic Type

4.3 Specification of the Protocol Goals The third step of logic-based formal verification concerns expressing in the language of logic the beliefs and possessions of the involved principals at the end of a successful protocol run. The goals of the proposed scheme are detailed in table 4.
TABLE 4 GOALS OF THE PROPOSED PROTOCOL G1: R # ( N T , H ( N T , N R , E KS ( P))) G2: R ( H ( NT , N R , E KS ( P))) G3: S R ~( E KS ( P))) G4: R S ~( E KS ( D))) G5: R D G6: S P The first row states that the reader believes that the received information is fresh. The goal G2 states that the reader is able to recognize the formula. The goals G3 and G4 are about authentication; each principal should believe that the received information was conveyed by its counterpart. The Goals in G5 and G6 concern the confidentiality of the information.

T NR R N T , H ( N T , N R , E KS ( P)) S E KS (P) R EKR (D)

In S1, the tag is told a random nonce NR from the reader, which is going to be included in the tag's response in order to enable the security check on the readers side. Indeed; in S2, the reader receives the tag's nonce NT along with H ( NT , NR, EkS ( P )) . After the reader has found a match for the received hash, the back-end server is told in S3, the encrypted pointer EkS (P) . In S4, the reader is told the encrypted data EkR (D ) stored in the server using the address contained in the recovered pointer P. The relevant GNY Logic notations are listed in the Appendix.

4.2 Specification of the Initial Assumptions The second step in the logic-based formal verification

19

4.4 Verification The final step of the logic-based formal verification involves establishing the beliefs and possessions of the protocol principals by applying the logical postulates (from Appendix). This analysis aims to confirm that the goals can result from the initial assumptions. The protocol is successfully verified if such derivation exists. If not, the verification fails. We follow the logical postulate of GNY Logic [3], and present the formal proof of our scheme based on the assumptions stated in Table 3:
S1. T N R : -- Applying T1 yields T NR . The tag possesses the reader's nonce. S2. R ( NT ,.H ( NT , NR, EkS ( P))) -- Applying T1 yields R NT ; thus, the reader possesses the tag's nonce. -Since R recognizes EkR (P ) , applying R1 yields R H ( NT , NR, EkR( P)) and satisfies the goal G2. -- Applying F1 yields R # ( NT ,.H ( NT , NR, Ekr ( P))) and satisfies the goal (G1). S3. S EkS (P) -- Applying T1 yields S EkS (P ) . The server possesses the encrypted pointer. -- Applying I4 yields S R ~ EkR ( P) and satisfies the goal (G3). -- Applying T3 yields S P and satisfies the goal (G6). S4. R EkR (D) -- Applying T1 yields R EkR (D) . The reader possesses the encrypted Data. -- Applying I4 yields R S ~ EkR ( D) and satisfies the goal (G4). -- Applying T3 yields R D and thus satisfies the goal (G5). The application of the logical postulates and the result of the verification are summarized in Table 5. After verifying the protocol using GNY Logic, it is established that all the proof goals are accomplished by verification steps (4) for G1, (3) for G2, (6) for G3, (9) for G4, (10) for G5, and (7) for G6. TABLE 5 VEERIFICATION RESULTS USING THE LOGICAL POSTULATES

EVALUATION

Message 1: T N R 1. T N R Message 2: R N T , H ( N T , N R , E KS ( P)) 2. R NT /*By T1*/ 3. R ( H ( NT , N R , E KS ( P))) /*By R1*/ 4. R # ( N T , H ( N T , N R , E KS ( P))) /*By F1*/ Message 3: S E KS (P) 5. S E KS (P) /*By T1*/ 6. S R ~( E KS ( P)) /*By I4*/ 7. S P /*By T3*/ Message 4: R EKR (D) 8. R EKR (D) /*By T1*/ 9. R S ~( E KR ( D)) /*By I4*/ 10. R D /*By T3*/

5.1 Security Analysis We evaluate the proposed scheme in the security requirements viewpoint. Firstly, in our protocol, the server is not considered as a trusted third party; thus, the information to be stored on S is encrypted and the server doesn't have the key to retrieve the real information. Secondly, the channel between the reader and the server is also considered insecure; therefore, we use asymmetric encryption to exchange data between R and S. Our scheme has also the following security properties: Data Secrecy: The information transmitted between the RFID system components should not be understandable to the attacker. Usually the tag stores the unique identifier that is used by the reader for identification purposes. However if this identifier is exposed, it could be used by an attacker to identify the tag's carrier items or disclose the user's private information profile. In our protocol, the tag stores the encrypted version of a pointer, thus even if the encrypted pointer is exposed, the attack would fail; because only the server can retrieve the real pointer using its secret key. Moreover, the pointer holds the address of encrypted data, and again only the reader can retrieve the real information. Data Anonymity: The user should be able to use a service or resource without disclosing his identity. In this case, the transmitted data between all the RFID system components should not be distinguishable to an attacker. Although the exchanged messages are not comprehensible for the attacker, it is possible to link a message to a tag. Thus, tracing an object enables an attacker to trace the tag's carrier. In our protocol, the tag's response is randomized and different for each session to protect the users anonymity. Therefore, our scheme provides user's privacy protection because an attacker cannot identify or trace a tag. Resist replay attacks: Our scheme is designed to counter replay attacks. Indeed, in each session, different random numbers are included into the exchanged messages between the reader and the tag to prevent this type of vulnerabilities. For example, an eavesdropper could try to impersonate a tag and replay the tag's response, however the message would not be validated by the reader, because the reader's random number contained in the message is not fresh, and would not match the reader's information; thus, it will not pass verification and the attack would fail. Therefore, our protocol resists replay attacks. 5.2 Performance Analysis In addition to providing many security properties against several possible attacks in RFID systems, our scheme has low computational cost, and fits low-cost RFID tags communication and storage requirements. Computation cost: Standard cryptographic algorithms have a very high computational cost, and need large memory space. Therefore these kinds of methods are not suitable for very constrained devises such us low-cost RFID tags. The protocol we have proposed requires only a hash function to be implemented. We assume that the

20

reader and the server have enough computational power to handle cryptographic operations based on asymmetric key cryptosystem. Communication Cost: Our scheme is accomplished with only two rounds between the reader and the tag. In general, previous protocols require a minimum of three and up to six rounds. Therefore, the proposed scheme is practical and feasible in the sense of communication overheads. Storage requirement: Each tag needs only to store two records in ROM, in addition to the implementation of a hash function. The encrypted pointer EkS (P) is considered to have 96-bit length, which is compliant with all encoding schemes (i.e. GID, SGTIN, SSCC) defined by EPCGlobal standard. Moreover, a hash function can be implemented with only about 1.7 K-gate [11], and is considered as a proper solution in the aspect of security requirements and hardware implementation for low-cost RFID tags. Thus, the proposed protocol is lightweight and practical.

[7] [8] [9] [10]

[11] [12]

[13]

[14]

CONCLUSION AND FUTURE WORK

[15]

Our protocol guarantees data anonymity for the tag's owner, in the sense of supporting the searching functionality without any loss of confidentiality. Also, the user privacy is strongly protected; indeed, we use a new fresh random nonce in each session; thus tag anonymity is guaranteed and the location privacy of the tag carrier is not disclosed either. The formal proof of correctness for our scheme was based on GNY Logic. In future, we plan to extend our protocol to decrease the computation and the search time on the readers side.

2010. B. Song. RFID Authentication Protocols using Symmetric Cryptography. PhD thesis, PhD thesis, December, 2009. B. Song and C.J. Mitchell. Scalable r_d security protocols supporting tag ownership transfer. Computer Communications, 34(4):556-566, 2011. T. Van Deursen and S. Radomirovic. Attacks on r_d protocols. IACR eprint Archive, 310, 2008. S. Weis, S. Sarma, R. Rivest, and D. Engels. Security and privacy aspects of lowcost radio frequency identi_cation systems. Security in pervasive computing, pages 50-59, 2004. K. Y uksel. Universal hashing for ultra-low-power cryptographic hardware applications. PhD thesis, Citeseer, 2004. V.D. Gligor, R. Kailar, S. Stubblebine, and L. Gong. Logics for cryptographic protocols-virtues and limitations. In Computer Security Foundations Workshop IV, 1991. Proceedings, pages 219-226. IEEE, 1991. A. Mathuria, R. Safavi-Naini, and P. Nickolas. Some remarks on the logic of gong, needham and yahalom. In Proceedings of the International Computer Symposium, volume 1, pages 303-308. Citeseer, 1994. M. Burrows, M. Abadi, and R.M. Needham. A logic of authentication. Proceedings of the Royal Society of London. A. Mathematical and Physical Sciences, 426(1871):233-271, 1989. G. Avoine, X. Carpent, and B. Martin. Privacy-friendly synchronized ultralightweight authentication protocols in the storm. Journal of Network and Computer Applications, 2011.

Wissam Razouk received her B.Sc and M.Sc degree from Hassan II Universiy, Casablanca, Morocco. She is currently a PhD student in the mathematics and computer science department, in the same university. Her primary research interests are RFID security protocols, and formal verifications. Ferucio Laurentiu iplea received his Ph.D. degree in Computer Science from Al. I. Cuza University of Iasi, Romania, in 1993. He joined the Department of Computer Science of the aforementioned university in 1990, where he is currently Professor of Computer Science. Tipleas research interests lie in the area of theories and tools for high-level modeling, design, and analysis of systems (including Petri nets and formal verification), computability and complexity, cryptography and computer security, and algebraic foundations of computer science. Abderrahim Sekkaki received his D.Sc. in Network Management domain from the Paul Sabatier University, France, 1991. He received a Dr. of State Degree from Hassan II University, Morocco in 2002 and is presently a computer science professor at the same university. His research interests include distributed systems, policies based network management and security. Cosmin Vrlan received his B.S. degree in Mathematics, Al. I. Cuza University of Iasi, Romania, in 2002. He joined the Department of Mathematics as a teaching assistant in 2002 and the Department of Computer Science of the aforementioned university in 2004. He is currently working towards his Ph.D. degree with a focus on anonymity-related properties in security protocols.

ACKNOWLEDGMENT
This work was supported by a grant provided by the European Commission under the framework of ERASMUS MUNDUS - Al IDRISSI project.

REFERENCES
[1] [2] G. Avoine and P. Oechslin. R_d traceability: A multilayer problem. Financial Cryptography and Data Security, pages 577-577, 2005. M. Burmester and B. De Medeiros. R_d security: attacks, countermeasures and challenges. Computer Science Department, Florida State University, 2007. L. Gong, R. Needham, and R. Yahalom. Reasoning about belief in cryptographic protocols. In Research in Security and Privacy, 1990. Proceedings, 1990 IEEE Computer Society Symposium on, pages 234-248. IEEE, 1990. D. Henrici and P. Muller. Hash-based enhancement of location privacy for radiofrequency identi_cation devices using varying identi_ers. In Pervasive Computing and Communications Workshops, 2004. Proceedings of the Second IEEE Annual Conference on, pages 149-153. IEEE, 2004. A. Karygicmnis, T. Phillips, and A. Tsibertzopoulos. R_d security: A taxonomy of risk. In Communications and Networking in China, 2006. ChinaCom'06. First International Conference on, pages 1-8. IEEE, 2006. A. Mitrokotsa, M.R. Rieback, and A.S. Tanenbaum. Classifying r_d attacks and defenses. Information Systems Frontiers, 12(5):491-505,

[3]

[4]

APPENDIX
We list below the notations followed by the logical postulates of GNY Logic [3] used in this paper:

[5]

[6]

21

(X,Y) #(X)

(X ) P X
PX

Concatenation of two formulae The formula X is fresh. X has not been sent in a message at any time before the current run of the protocol The formula X is recognizable P has a received a message containing X and P can read and repeat X, possibly after performing some decryption P possesses or is capable of possessing formula X P conveyed X P believes X. That is, the principal P acts as if X is true

is recognizable that either X or K+ is fresh. Then, P believes that Q once conveyed the message X, and that Q once conveyed the message X encrypted under Qs private key (K-).

P ~X P X

T1 :

P *X P X

If a principal is told a formula is marked with a notoriginated-here asterisk, then the principal is told that formula.

T3:

P { X }K , P K P X

If a principal is told that he possesses a formula encrypted with a key, then he is considered to have been told the decrypted contents of that formula.

F1 :

P # ( X ) P # ( X , Y ), P # ( F ( X ))

If a principal believes that a formula X is fresh, then it is believed that any formula of which X is a component is fresh and that a computationally feasible one-to-one function, F, of X is fresh.

R1 :

P ( X ) P ( X , Y ), P ( F ( X ))

If a principal believes that a formula X is recognizable, then it is believed that any formula of which X is a component is recognizable and that a computationally feasible one-to-one function, F, of X is recognizable.

I4:

P { X }K , P K +, P K + Q, P ( X ), P # ( X , K +) P Q ~ X , P Q ~ { X }K

If, for principal P, the following conditions hold: P receives a formula X encrypted under private key (K-), P possesses the corresponding public key (K+), believes the public key belongs to Q, and P believes that the formula X
2013 JICT www.jict.co.uk