Paper 2017/1221

Weak-Unforgeable Tags for Secure Supply Chain Management

Marten van Dijk, Chenglu Jin, Hoda Maleki, Phuong Ha Nguyen, and Reza Rahaeimehr


Given the value of imported counterfeit and pirated goods, the need for secure supply chain management is pertinent. Maleki et al. (HOST 2017) propose a new management scheme based on RFID tags (with 2-3K bits NVM) which, if compared to other schemes, is competitive on several performance and security metrics. Its main idea is to have each RFID tag stores its reader events in its own NVM while moving through the supply chain. In order to bind a tag's identity to each event such that an adversary is not able to impersonate the tag's identity on another duplicate tag, a function with a weak form of unforgeability is needed. In this paper, we formally dene this security property, present three constructions (MULTIPLY-ADD, ADD-XOR, and S-Box-CBC) having this security property, and show how to bound the probability of successful impersonation in concrete parameter settings. Finally, we compare our constructions with the light-weight hash function PHOTON used by Maleki et al. in terms of security and circuit area needed. We conclude that our ADD-XOR and S-Box-CBC constructions have approximately 1/4 - 1/3 of PHOTON's total circuit area (this also includes the control circuitry besides PHOTON) while maintaining an appropriate security level which takes care of economically motivated adversaries.

Available format(s)
Publication info
Published elsewhere. Minor revision. HOST 2018
light-weight cryptographyunforgeabilityOne-time Hash functionsecure supply chain management
Contact author(s)
reza rahaeimehr @ uconn edu
2017-12-22: received
Short URL
Creative Commons Attribution


      author = {Marten van Dijk and Chenglu Jin and Hoda Maleki and Phuong Ha Nguyen and Reza Rahaeimehr},
      title = {Weak-Unforgeable Tags for Secure Supply Chain Management},
      howpublished = {Cryptology ePrint Archive, Paper 2017/1221},
      year = {2017},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.