Paper 2009/149

Secure EPC Gen2 compliant Radio Frequency Identification

Mike Burmester, Breno de Medeiros, Jorge Munilla, and Alberto Peinado

Abstract

The increased functionality of EPC Class1 Gen2 (EPCGen2) is making this standard a de facto specification for inexpensive tags in the RFID industry. Recently three EPCGen2 compliant protocols that address security issues were proposed in the literature. In this paper we analyze these protocols and show that they are not secure and subject to replay/impersonation and statistical analysis attacks. We then propose an EPCGen2 compliant RFID protocol that uses the numbers drawn from synchronized pseudorandom number generators (RNG) to provide secure tag identification and session unlinkability. This protocol is optimistic and its security reduces to the (cryptographic) pseudorandomness of the RNGs supported by EPCGen2.

Metadata
Available format(s)
PDF
Publication info
Published elsewhere. not published or accepted for publication
Keywords
EPCGen2 compliancesecurityidentificationunlinkability
Contact author(s)
burmester @ cs fsu edu
History
2009-05-14: last of 4 revisions
2009-04-01: received
See all versions
Short URL
https://ia.cr/2009/149
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2009/149,
      author = {Mike Burmester and Breno de Medeiros and Jorge Munilla and Alberto Peinado},
      title = {Secure {EPC} Gen2 compliant Radio Frequency Identification},
      howpublished = {Cryptology {ePrint} Archive, Paper 2009/149},
      year = {2009},
      url = {https://eprint.iacr.org/2009/149}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.