The Journal of Korean Institute of Communications and Information Sciences (한국통신학회논문지)

The Korean Institute of Commucations and Information Sciences (한국통신학회)
권호 표지
DOI QR코드

DOI QR Code

Design of PUF-Based Encryption Processor and Mutual Authentication Protocol for Low-Cost RFID Authentication

저비용 RFID 인증을 위한 PUF 기반 암호화 프로세서와 상호 인증 프로토콜 설계

  • Che, Wonseok (School of Computer Science and Engineering, Kyungpook National University) ;
  • Kim, Sungsoo (Department of Mobile Engineering, Kyungwoon University) ;
  • Kim, Yonghwan (Department of Computer Engineering, Kyungwoon University) ;
  • Yun, Taejin (Department of Mobile Engineering, Kyungwoon University) ;
  • Ahn, Kwangseon (School of Computer Science and Engineering, Kyungpook National University) ;
  • Han, Kijun (School of Computer Science and Engineering, Kyungpook National University)
  • Received : 2014.04.07
  • Accepted : 2014.12.08
  • Published : 2014.12.31
Download PDF
⟨ Previous Next ⟩

Abstract

The attacker can access the RFID systems illegally because authentication operation on the RFID systems are performed in wireless communication. Authentication methods based on the PUF were presented to defend attacks. Because of Hash and AES, the cost is expensive for the low-cost RFID tag. In this paper, the PUF-based encryption processor and the mutual authentication protocol are proposed for low-cost RFID authentication. The challenge-response pairs (PUF's input and output) are utilized as the authentication key and encrypted by the PUF's characteristics. The encryption method is changed each session and XOR operation with random number is utilized. Therefore, it is difficult for the attacker to analyze challenge-response pairs and attack the systems. In addition, the proposed method with PUF is strong against physical attacks. And the method protects the tag cloning attack by physical attacks because there is no authentication data in the tag. Proposed processor is implemented at low cost with small footprint and low power.

RFID 시스템은 무선 통신을 이용하여 운용되기 때문에 외부의 불법적인 공격에 노출되어 있으며 이에 대한 시스템 침해의 위험성이 높다. 이러한 공격들에 대한 보안 기법들 중 PUF 기반의 인증 기법이 존재한다. 그러나 기존의 PUF 기반 기법들은 해쉬나 AES 알고리즘을 함께 이용하기 때문에, 비용 및 성능적인 측면에서 저비용 RFID 태그에 적합하지 않다. 본 논문에서는, 저비용 RFID 인증을 위하여 PUF 기반 암호화 프로세서와 이를 이용한 상호 인증 프로토콜을 제안한다. PUF의 challenge-response 쌍들을 인증키로 활용하고, 이를 PUF의 특성을 이용하여 암호화함으로써 해쉬 및 AES 등의 알고리즘 사용을 배제하였다. 매 세션마다 변경되는 암호화 방법과 일회성 난수를 이용한 XOR 연산 기법을 활용함으로써 공격자의 challenge-response 쌍에 대한 분석을 차단하여 시스템 공격을 무력화 시킨다. 또한, PUF 특성으로 인하여 물리적 공격에 강하고 태그에 저장된 인증 데이터가 존재하지 않기 때문에 물리적 공격에 의한 태그 복제 위험을 방지한다. 제안된 PUF 기반의 암호화 프로세서는 저비용으로 구현되며 저면적 및 저전력의 특징을 갖는다.

Keywords

References

  1. B. Gassend, D. Clarke, M. V. Dijk, and S. Devadas, "Silicon physical random functions," in Proc. 9th ACM Conf. Comput. Commun. Security, pp. 148-160, USA, Nov. 2002.
  2. G. E. Suh and S. Devadas, "Physical unclonable functions for device authentication and secret key generation," in Proc. 44th Annu. ACM IEEE Design Automation Conf., pp. 9-14, USA, Jun. 2007.
  3. G. E. Suh, C. W. O'Donnell, and S. Devadas, "Aegis: A single-chip secure processor," IEEE Design & Test of Computers, vol. 24, no. 6, pp. 570-580, Nov.-Dec. 2007. https://doi.org/10.1109/MDT.2007.179
  4. S. E. Sarma, S. A. Weis, and D. W. Engels, "Radio-frequency identification: Security risks and challenges," RSA Laboratories Cryptobytes, vol. 6, no. 1, 2003.
  5. K. Finkenzeller, RFID Handbook: Fundamentals and Application in Contactless Smart Cards and Identification, 2nd Ed, NY: Wiley, 2003.
  6. B. Gassend, D. Clarke, M. V. Dijk, and S. Devadas, "Delay-based circuit authentications and applications," in Proc. 2003 ACM Symp. Appl. Comput., pp. 294-301, 2003.
  7. E. Ozturk, G. Hammouri, and B. Sunar, "Towards robust low cost authentication for pervasive devices," 6th Annu. IEEE Int. Conf. Pervasive Comput. Commun., pp. 170-178, Mar. 2008.
  8. D. Naccache and P. Fremanteau, "Unforgeable identification device, identification device reader and method of identification," U.S. Patent, no. 5,434,917, Jul. 1995.
  9. S. Mangard, M. Aigner, and S. Dominikus, "A highly regular and scalable AES hardware architecture," IEEE Trans. Computers, vol. 52, no. 4, Apr. 2003.
  10. M. Majzoobi, F. Koushanfar, and M. Potkonjak, "Lightweight secure PUFs," IEEE/ACM Int. Conf. Computer-Aided Design, pp. 670-673, Nov. 2008.
  11. D. Lim, J. W. Lee, B. Gassend, G. E. Suh, M. V. Dijk, and S. Devadas, "Extracting secret keys from integrated circuits," IEEE Trans. Very Large Scale Integration (VLSI) Syst., vol. 13, pp. 1200-1205, Oct. 2005. https://doi.org/10.1109/TVLSI.2005.859470
  12. P. Peris-Lopez, J. C. Hernandez-Castro, J. M. Estevez-Tapiador, and A. Ribagorda, "A minimalist mutual-authentication protocol for low-cost RFID tags," Ubiquitous Intelligence and Computing, vol. 4159, pp. 912-923, 2006.
  13. M. Feldhofer and C. Rechberger, "A case against currently used hash functions in RFID protocols," OTM Workshops 2006, vol. 4277, pp. 372-381, 2006.
  14. Y. K. Lee, K. Sakiyama, L. Batina, and I. Verbauwhede, "Elliptic-curve-based Security Processor for RFID," IEEE Trans. Computers, vol. 57, no. 11, Nov. 2008.
  15. M. Stamp, Information Security Textbook (Principles And Practice), 1st Ed., NY: John Willey & Sons Inc., 2005.
  16. S. Oh, K. Chung, T. Yun, and K. Ahn, "An RFID mutual authentication protocol using one-time random number," J. KICS, vol. 36, no. 7, pp. 858-867, 2011. https://doi.org/10.7840/KICS.2011.36B.7.858
  17. J. Shin, S. Oh, C. Jeong, K. Chung, and K. Ahn, "Improved an RFID mutual authentication protocol based on hash function," J. KICS, vol. 37C, no. 3, 2012. https://doi.org/10.7840/KICS.2012.37C.3.241
  18. J. Lee, S. Oh, T. Yun, K. Chung, and K. Ahn, "An ultra-lightweight RFID authentication protocol using index," J. KICS, vol. 37C, no. 1, 2012. https://doi.org/10.7840/KICS.2012.37C.1.24
  19. W. Choi, S. Kim, Y. Kim, Y. Park, and K. Ahn, "PUF-based encryption processor for the RFID systems," 2010 IEEE 10th Int. Conf. Comput. Inf. Technol(CIT)., pp. 2323-2328, Bradford, Jun.-Jul. 2010.