An RFID-enabled supply-chain management system can be used by geographically distributed stakeholders to automatically track and identify items in real time, and to share business information. Ultrahigh-frequency RFID tags based on EPCglobal’s Gen 2 standard (ISO 18000-6C) are most commonly used for tagging and tracking items through the supply chain, so the Auto-ID Lab Korea conducted a thorough security assessment of the Gen 2 protocol.
An EPC Gen 2 tag can be embedded with a 32-bit access password and a 32-bit kill password. After obtaining the tag’s Electronic Product Code, an interrogator issues an access command to the tag, which replies with two 16-bit challenges. The interrogator responds by obscuring the access password using the two challenges. Upon successfully verifying this response from the interrogator, the tag enters a secured state, in which the interrogator is allowed to carry out other commands, such as read, write and lock. Similarly, a kill command can permanently disable the tag.
But the access/kill command procedures achieve reader authentication, not tag authentication, and the two challenges from the tag are sent in an open, unobscured form. An eavesdropping adversary could capture the two challenges and reverse the operation in the interrogator’s responses, exposing the access/kill password. These weaknesses leave the EPC Gen 2 tag vulnerable to cloning and counterfeiting, as well as to unauthorized access and data corruption.
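The exchange described above, modeled as an added Python example (not code from the Auto-ID Lab Korea), shows why the obscuring step gives the password no confidentiality once the tag's challenges are heard. It assumes the Gen 2 cover-coding operation, a bitwise XOR of each 16-bit password half with a tag-supplied 16-bit random number; the class and function names and the sample password are constructed for illustration.

```python
import secrets


class Tag:
    """Constructed model of a Gen 2 tag holding a 32-bit access password."""

    def __init__(self, access_password):
        self.password = access_password & 0xFFFFFFFF
        self.secured = False
        self._rn = None
        self._ok_halves = []

    def challenge(self):
        # The tag sends a fresh 16-bit challenge in the clear.
        self._rn = secrets.randbits(16)
        return self._rn

    def access(self, covered_half):
        # Undo the cover-coding and compare with the stored half
        # (high half first, then low half).
        halves = (self.password >> 16, self.password & 0xFFFF)
        expected = halves[len(self._ok_halves)]
        self._ok_halves.append((covered_half ^ self._rn) == expected)
        if len(self._ok_halves) == 2:
            self.secured = all(self._ok_halves)
            self._ok_halves = []
        return self.secured


def run_access(tag, password):
    """Interrogator side. Returns everything that crossed the air link."""
    transcript = []
    for half in (password >> 16, password & 0xFFFF):
        rn = tag.challenge()    # tag -> interrogator, unobscured
        covered = half ^ rn     # interrogator -> tag, cover-coded
        tag.access(covered)
        transcript.append((rn, covered))
    return transcript


def password_exposed_by(transcript):
    """Audit check: what a complete transcript reveals to any listener."""
    (rn1, c1), (rn2, c2) = transcript
    return ((rn1 ^ c1) << 16) | (rn2 ^ c2)
```

Note that only the interrogator proves knowledge of the password here; the tag proves nothing, which is the reader-only authentication the article points out.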
To alleviate these weaknesses, we designed a lightweight challenge-response crypto algorithm, which uses a 96-bit password. It achieves tag-interrogator mutual authentication and is designed for low-cost tags, which can generate only 16-bit challenges and responses. It also encrypts the challenge and response data sent from the tag to the interrogator. Our crypto algorithm does not require any changes to the current EPC Gen 2 air-interface protocol. We are now working on the practical design and implementation of the crypto algorithm.
We realize that some supply-chain stakeholders are reluctant to use passwords in RFID tags because it could mean management overhead. But passwords could be encrypted and then written into the tags by the tag manufacturer or supplier before shipping, so they would not need to be managed or stored in a database by the end user. We are now in the process of formalizing this approach.
We are actively participating in the GS1 EPCglobal Hardware Action Group: UHF, Air Interface, 1 and 2. We submitted the lightweight crypto algorithm for consideration, and we are also contributing other ideas and solutions for enhancing the Gen 2 standard, such as customer privacy-protection options.
Kwangjo Kim is an associate director at the Auto-ID Lab Korea at the Korea Advanced Institute of Science and Technology (KAIST) and a professor of computer science at KAIST. Divyan M. Konidala is a research assistant at the Auto-ID Lab Korea and a doctoral candidate at KAIST.