draft-irtf-hiprg-rfid-01 HIP support for RFIDs - - PowerPoint PPT Presentation

draft irtf hiprg rfid 01
SMART_READER_LITE
LIVE PREVIEW

draft-irtf-hiprg-rfid-01 HIP support for RFIDs - - PowerPoint PPT Presentation

Apr 23, 2023 247 likes •374 views

draft-irtf-hiprg-rfid-01 HIP support for RFIDs Pascal.Urien@telecom-paristech.fr http://perso.telecom-paristech.fr/~urien/hiprfid/ http://www.telecom-paristech.fr 1 /11 Pascal URIEN, IETF 79 th , Tuesday 9 th November 2010, Beijing, China What

slide-1
SLIDE 1

draft-irtf-hiprg-rfid-01

HIP support for RFIDs Pascal.Urien@telecom-paristech.fr http://perso.telecom-paristech.fr/~urien/hiprfid/

1 /11 Pascal URIEN, IETF 79th, Tuesday 9th November 2010, Beijing, China

http://www.telecom-paristech.fr

slide-2
SLIDE 2

What is new in version 01

Editorial issues Replace the word TAG (inherited from the previous draft HIP-TAG) by RFID HIP TAG) by RFID The Signature-T attribute is renamed MAC-T The HAT (HIP Address Translation) protocol is renamed HEP (HIP Encapsulation Protocol) HEP (HIP Encapsulation Protocol) Keys-Tree improvement Simulations of various scenarios show that a tree of depth ith ** l t ( hild d d ) i n, with p**n elements (p child nodes per node) is

  • ptimized for p a big integer (106, …) and n small integer

(<10)

RFID have small computing resources RFID have small computing resources PORTAL have powerful computing resources

Paper to be published E i t l l tf Experimental platforms Tests were performed with smart phone equipped with the NFC technology and SIM (java) cards b bl h d

2 /11 Pascal URIEN, IETF 79th, Tuesday 9th November 2010, Beijing, China

Paper to be published

slide-3
SLIDE 3

Keys-Tree

A Keys-Tree manages a maximum

  • f pn RFIDs, with np keys

Each RFID stores n keys RFID-Index = Function(EPC-Code)

K1,1 K2 1

an pn-1 + an-1 pn-2 +… + a1 Each term ai is associated with a

Tree depth=n K2,1 K3 4

key Ki,j 1≤ i ≤ n

depth n p child nodes

3,4

K

0≤ j ≤ p-1 j= ai

K4,2

f(r1,r2,EPC-Code)= H1|H2 |…|Hn Hi = HMAC(r1|r2, Ki,j)

3 /11 Pascal URIEN, IETF 79th, Tuesday 9th November 2010, Beijing, China

slide-4
SLIDE 4

HIP-RFID for NFC Smart phone

SIM CARD NFC ENABLE SMART PHONE HIP RFID PORTAL JAVA 1.6 PC/SC NFC READER NFC MODEM USB CCID

4 /11 Pascal URIEN, IETF 79th, Tuesday 9th November 2010, Beijing, China

slide-5
SLIDE 5

Conclusion: To be done

HIT structure for pseudo-random coding Secure Channel establishment Secure Channel establishment To be specify by an other draft HEP (HIP Encapsulation Protocol) HEP (HIP Encapsulation Protocol) To be specify by an other draft Open code for Keys-Tree Open code for Keys Tree Other ?

5 /11 Pascal URIEN, IETF 79th, Tuesday 9th November 2010, Beijing, China

slide-6
SLIDE 6

HIP-RFID in a Nutshell

6 /11 Pascal URIEN, IETF 79th, Tuesday 9th November 2010, Beijing, China

slide-7
SLIDE 7

About RFIDs

What is an RFID ? An RFID is an electronic device that delivers an identity (ID) thanks to radio means (ID) thanks to radio means. Link with the Internet Of Things (IoT) A Thing is associated with a RFID h l d RFID have limited computing resources Electronic chip, whose area ranges from 1mm2 to 25mm2 RFIDs are usually powered by readers. RFIDs are usually powered by readers. Very low power consumption. Objective of this draft D fi i t l f RFID tibl ith th IP Defining a protocol for RFIDs, compatible with the IP ecosystem. Enforcing strong privacy, i.e. no information leakage for unauthorized ears unauthorized ears. Managing secure channel with RFIDs (Optional) Crypto Agility: cryptographic procedures adapted to RFIDs ti

7 /11 Pascal URIEN, IETF 79th, Tuesday 9th November 2010, Beijing, China

computing resources.

slide-8
SLIDE 8

Privacy issues for RFIDs

ID MUST be protected HIP-RFID: ID is a solution of f(r1 r2 ID) HIP RFID: ID is a solution of f(r1,r2,ID)

r1

Reader RFID

ID

r2 , f(r1,r2, ID)

Example Many proposal in the scientific literature Many proposal in the scientific literature

Example: f(r1,r2, ID) = hash (r1 | r2 | ID)

  • S. Weis, S. Sarma, R. Rivest and D. Engels. "Security and privacy aspects of low-cost radio

frequency identification systems." In D. Hutter, G. Muller, W. Stephan and M. Ullman, editors, International Conference on Security in Pervasive Computing - SPC 2003, volume 2802 of Lecture Notes in computer Science pages 454- 469 Springer-Verlag 2003

8 /11 Pascal URIEN, IETF 79th, Tuesday 9th November 2010, Beijing, China

Notes in computer Science, pages 454- 469. Springer-Verlag, 2003.

slide-9
SLIDE 9

HIP -RFID Overview

Modified BEX exchange Negotiation of the security scheme (HIT-T-TRANSFORM attribute). Thi d d f th MAC d (t i ll ith HMAC Third and fourth message are MACed (typically with a HMAC function) Fourth message is optional, only mandatory when a secure ESP channel has been negotiated channel has been negotiated.

This is not yet detailed in this draft ESP MAY be used for read write operation.

Th HIT i d b The HIT is a random number RFIDs never expose their identity in clear text, but hide this value (typically an EPC-Code) by a particular equation (f) that can be only l d b d di t d tit f d th t l solved by a dedicated entity, referred as the portal. f(r1,r2, ID) f can be anything that works f y g An integrity key is computed from KI-AUTH-KEY = g(r1,r2,ID) HIP exchanges occurred between RFIDs and PORTALs; they are shuttled by IP packets, through the Internet cloud.

9 /11 Pascal URIEN, IETF 79th, Tuesday 9th November 2010, Beijing, China

shuttled by IP packets, through the Internet cloud.

slide-10
SLIDE 10

HIP-RFID Architecture

HIP Id tit HIP

HEP HEP

HIP Identity Solver

SPI-I IP IP MAC RFID MAC SPI-R ID MAC PHY MAC PHY RFID-MAC RFID-PHY RFID-MAC RFID-PHY ID

Portal RFID Reader Portal RFID Reader

HEP: HIP Encapsulation Protocol

10/11 Pascal URIEN, IETF 79th, Tuesday 9th November 2010, Beijing, China

HEP: HIP Encapsulation Protocol

slide-11
SLIDE 11

Protocol Overview

RFID READER PORTAL

  • -+--
  • -+--
  • --+---

! START ! ! !<---------------! ! ! ! !

Fix or NULL l

! ! ! ! I1-T ! ! HIT-I HIT-R ! ! ----------------------------------------------------> ! ! !

(partially ?) Random l NULL value Random value

! ! ! R1-T ! ! HIT-I HIT-R R-T(r1) HIP-T-Transforms ! ! [*ESP-Transforms] ! ! <---------------------------------------------------- !

Mandatory

value Random value

! < ! ! ! ! ! ! I2-T ! ! HIT-I HIT-R HIP-T-Transform [*ESP-Transform] R-T(r2) ! ! F T f( 1 2 ID) [* ESP I f ] MAC T !

Random value HMAC(KI, I2-T)

! F-T=f(r1, r2, ID) [* ESP-Info] MAC-T ! ! ----------------------------------------------------> ! ! ! ! ! ! R2-T !

HMAC(KI R2-T)

! HIT-I HIT-R [* ESP-Info] MAC-T ! ! <---------------------------------------------------- ! ! ! ! ! ! Optional ESP Dialog ! Optional

HMAC(KI, R2-T)

11/11 Pascal URIEN, IETF 79th, Tuesday 9th November 2010, Beijing, China

! Optional ESP Dialog ! ! <---------------------------------------------------> ! ! ! ! !

p