Securing RFID with Ultra-wideband Modulation Pengyuan Yu, Patrick - - PowerPoint PPT Presentation

securing rfid with ultra wideband modulation
SMART_READER_LITE
LIVE PREVIEW

Securing RFID with Ultra-wideband Modulation Pengyuan Yu, Patrick - - PowerPoint PPT Presentation

Oct 06, 2022 191 likes •386 views

Securing RFID with Ultra-wideband Modulation Pengyuan Yu, Patrick Schaumont and Dong Ha Presented By: Eric Simpson Summary Traditional Secure Communications Securing the physical layer with UWB TH-PPM RFID digital baseband

slide-1
SLIDE 1

Securing RFID with Ultra-wideband Modulation

Pengyuan Yu, Patrick Schaumont and Dong Ha Presented By: Eric Simpson

slide-2
SLIDE 2

Summary

Traditional Secure Communications Securing the physical layer with UWB TH-PPM RFID digital baseband implementation

slide-3
SLIDE 3

Traditional Encrypted Channel

Assumption: Eve can intercept and store transmitted data

slide-4
SLIDE 4

Insecure Physical Layer with Narrowband Signals

Requires c

computationally

  • mputationally secure

cryptography

Still must meet area, power and latency

constraints of an RFID tag

Use of light-weight protocols

slide-5
SLIDE 5

Our Approach – Secure Physical Layer

Goal: Secure data by making interception of

the data infeasible.

Slot 1 Slot 2 Slot 3 Slot “N” Slot 65,536

Which Slot? . . .

slide-6
SLIDE 6

Benefits of UWB TH-PPM

Can use simple ciphers

16-bit secret modulation code requires high-end

communications equipment

Low Latency UWB is more robust to interference than

narrowband

Allow multiple concurrent transmissions

in same band

slide-7
SLIDE 7

TH-PPM

(a) (b) (c)

slot = 1 slot = 4 bit-value = 0 bit-value = 1 Time

slot = 2

slide-8
SLIDE 8

UWB RFID Tag Frame Format

preamble (32 bit) ID (128 bit) 10 ms = RFID window 62.5 µs = bit window pulse-window = 1 out of 2 16 954ps = pulse window 100ps

ID-level bit-level pulse-level

'0' bit '1' bit

slide-9
SLIDE 9

TH-PPM

CSPRNG determines time-hopping code

Need to sample all possible time slots if without

modulation code

To eavesdrop:

100 G samples / second

168 M samples / 8 ms

slide-10
SLIDE 10

RFID Tag Architecture

Tag Reader UWB RF xmit PPM CSPRNG N Tag Memory XTEA ID Key narrowband receiver control & power

128 128 16 edge data 64

slide-11
SLIDE 11

CSPRNG

Block Cipher running Output-Feedback

Mode

No need for strong encryption primitive

such as AES.

XTEA is chosen for its low area cost

and low cycle overhead

~3000 gates with counter registers Only need 64 cycles One round determines four UWB pulse

positions

slide-12
SLIDE 12

CSPRNG

<<4 <<5

k0-k3 y z

CTL

start done D dout dout dout

N

counter 64 16 CSPRNG

  • ut
slide-13
SLIDE 13

Pulse Position Modulator

Communicate location of pulses to UWB

front-end

Simple Counter implementation infeasible:

whole counter running at 1GHz consumes too much power

Delay-Chained based implementation used:

Most power is consumed at high-frequency

clock divider logic.

slide-14
SLIDE 14

Pulse Position Modulator

clk_in clk_out edge_in edge_out s 256 KHz XTEA clock s[0..15] 1.048GHz Eo Ei

slide-15
SLIDE 15

RFID Tag Architecture

Tag Reader UWB RF xmit PPM modulator CSPRNG N Tag Memory XTEA ID Key narrowband receiver control & power

128 128 16 edge data 64

slide-16
SLIDE 16

Implementation Complexity

4636 100.00% 718.0

Overall:

990 5.70% 41.2

Control

382 92.20% 662.0

Delay Chain

3264 2.10% 14.8

CSPRNG Gate Count Relative Absolute (uW)

Power*

*TSMC 0.18um CMOS Vdd = 1.8v

slide-17
SLIDE 17

Risk Analysis

Active Attacks

Interference / Jamming

Passive Attacks

Eavesdropping

slide-18
SLIDE 18

UWB RF xmit PPM modulator CSPRNG N Tag Memory XTEA ID Key narrowband receiver control & power

128 128

Tag Reader

15 edge data 64 1

System Architecture

slide-19
SLIDE 19

Conclusion

Focus on physical layer security Results show that the system is technically

feasible

Currently working on:

Key distribution UWB front-end Clock generation Investigating multi-access properties of system