Radio Frequency IDentification (RFID) is used in many applications such as access control, transport, ticketing and contactless payment. The full-fledged High Frequency (HF) tags are the most popular RFID tags for these applications that require relatively high cost security operations. However, these HF tags are threatened by many passive attacks such as eavesdropping, desynchronization and ElectroMagnetic (EM) Side Channel Attacks (SCA). In this article, we propose the implementation and the validation of a full-fledged HF tag architecture using an enhanced mutual authentication protocol. This is achieved using a FPGA platform. Security analysis against Electromagnetic Attack (EMA) and desynchronization attacks on the original protocol are presented. Then enhancements at the protocol level are proposed to overcome these attacks. The implementation of these security enhancements shows a low overhead (+22 LUTs) compared to previous existing security hardware solutions (+598 LUTs).
This is a preview of subscription content, access via your institution.
Buy single article
Instant access to the full article PDF.
Tax calculation will be finalised during checkout.
Brier E, Clavier C, Olivier F (2004) Correlation power analysis with a leakage model. In: Proceeding of Internetional Conference of Cryptographic Hardware and Embedded Systems, CHES04, Lecture Notes in Computer Science, vol. 3156, p. 135–152, Springer
Chien H.-Y. (2006) Secure access control schemes for RFID systems with anonymity. Proc. 2006 Int’l workshop future mobile and ubiquitous information technologies (FMUIT ‘06)
Chien H-Y (2007) SASI: a new ultra lightweight RFID authentication protocol providing strong authentication and strong integrity. IEEE Trans Dependable Secure Comput 4(4):337–340
Chien H-Y, Chen C-H (2007) Mutual authentication protocol for RFID conforming to EPC class 1 generation 2 standards. Computers Standards & Interfaces 29(2):254–259
Chou J-S, Chen Y, Wu C-L, Lin C-F (2011) An efficient RFID mutual authentication scheme based on ECC. IACR Cryptology ePrint Archive 2011:418
Common criteria recognition arrangement for components up to EAL 4 (2011) Certification report BSI-DSZ-CC-0712-2011 for NXP Mifare DESFire EV1 MF3ICD81 from NXP semiconductors Germany GmbH. In: Federal office for information security
Das R, Harrop P, RFID forecasts, players and opportunities 2009–2019, IdTechEx report, 2009
Doiron TJ, Dreon ST Digital radio transceiver with encrypted key storage. United States Patent. Jan 2, 1996
Finkenzeller K (2010) RFID handbook fundamentals and applications in contactless smart cards, radio frequency identification and near-field communication, 2010 third edition
Fritzke AW, Second Lieutenant, USAF, B.S.E.E. Master Thesis: Obfuscating Against Side-Channel Power Analysis Using Hiding Techniques for AES. Air Force Institute of Technology USA. Graduate School of Engineering and Management (AFIT/EN) son Way WPAFB OH 45433–7765. 22/03/2012
Garcia FD, de Koning Gans G, Muijrers R, van Rossum P, Verdult R, Schreur RW, Jacobs B. Dismantling MIFARE Classic. ESORICS '08 Proceedings of the 13th European Symposium on Research in Computer Security: Computer security. Pages 97 – 114. Málaga, Spain — October 06–08, 2008
Garcia FD, de Koning Gans G, Verdult R (2012) Tutorial: proxmark, the swiss army knife for RFID security research. 8th workshop on RFID security and privacy (RFIDSec 2012)
Hutter M, Mangard S, Feldhofer M. Power and EM attacks on passive 13.56MHz RFID Devices. Cryptographic Hardware and Embedded Systems CHES 2007. 9th International Workshop, Vienna, Austria, September 10–13, 2007. Proceedings.
Hutter M, Schmidt J-M, Plos T (2008) RFID and its vulnerability to faults. Cryptographic Hardware and Embedded Systems. CHES
Hutter M, Schmidt J-M, Plos T (August 2009) Contact-based fault injections and power analysis on RFID tags. European Conference on Circuit Theory and Design:23–27
International Standard (1999) ISO/IEC 9798-2: information technology - security techniques - entity authentication. Part 2: mechanisms using symmetric encipherment algorithms. In: Second edition
International standard ISO/IEC 14443. Identification cards, contactless integrated circuit(s) cards, Proximity cards, Part 2: Radio frequency power and signal interface, First edition, 2001-07-01. Part 3: Initialization and anti-collision, First edition, 2001-02-01. Part 4: Transmission protocol, 2007-06-13
Juvekar CS, Lee H-M, Kwong J, Chandrakasan AP. A Keccak-based wireless authentication tag with per-query key update and power-glitch attack countermeasures. 2016 I.E. International Solid-State Circuits Conference (ISSCC)
Kasper T, Oswald D, Paar C (2009) EM side-channel attacks on commercial contactless smart cards using low-cost equipment. In Youm, Heung Youl and Yung, editors. Information security applications: 10th international workshop, WISA 2009, Busan, Korea, August 25–27
Kasper T, von Maurich I, Oswald D, Paar C (2010) Cloning cryptographic RFID cards for 25$. Presented at the 5th Benelux Workshop on Information and System Security, WisSec 2010, November 29–30, 2010, Nijmegen, The Netherlands
Kasper T, Oswald D, Paar C (2011) Side-channel analysis of cryptographic RFIDs with analog demodulation. RFIDSec'11 Proceedings of the 7th international conference on RFID security and privacy. Pages 61-77. Amherst, MA-June 26–28
Lei H, Xin-mei L, Song-he J, Zeng-yu C (2010) A one-way Hash based low-cost authentication protocol with forward security in RFID system
Munilla J, Peinado A (2007) HB-MP: a further step in the HB-family of lightweight authentication protocols. Comput Netw 51:2262–2267. https://doi.org/10.1016/j.comnet.2007.01.011
Naija Y, Beroulle V, Hely D, Machhout M (2016) Implementation of a secured digital ultralight 14443-type A RFID tag with an FPGA platform. 2016 11th International Conference on Design & Technology of Integrated Systems in Nanoscale Era, Istanbul Turkey
Naija Y, Beroulle V, Machhout M (2017) Low cost countermeasure at authentication protocol level against electromagnetic side channel attacks on RFID tags. Int J Adv Comput Sci Appl (IJACSA) 8(11)
Nassar M, Souissi Y, Guilley S, Danger J-L (2012) RSM: a small and fast countermeasure for AES, secure against 1st and 2nd-order zero-offset SCAs. Design, Automation & Test in Europe Conference & Exhibition (DATE)
NXP Semiconductors. MIFARE classic 1K - mainstream contactless smart card IC for fast and easy solution development. Product data sheet. Rev 3.1. 21 February 2011
Ouafi K, Phan R C.-W. (2008) Traceable privacy of recent provably secure RFID protocols, in: The proceedings of ACNS 2008, LNCS, 5037, Springer-Verlag, pp. 479–489
Peris-Lopez P, Hernandez JC & Estevez-Tapiador JM & Ribagorda A (2006) EMAP: an efficient mutual authentication protocol for low-cost RFID tags”, In Proc. of IS’06, springer-Verlag, vol 4277 of LNCS, pp 352–361
Peris-Lopez P, Hernandez JC, Estevez-Tapiador JM, Arturo R (2009) Advances in ultra lightweight cryptography for low-cost RFID tags: Gossamer protocol. J Inf Sci Eng 25(1):33–57
Pham TA, Hasan MS, Yu H (2012) A RFID mutual authentication protocol based on AES algorithm. UKACC international conference on control 2012. Cardiff, UK, 3–5 September 2012
Texas Instruments (December 2014) MIFARE DESFire EV1 AES authentication with TRF7970A. In: Appli-cation report SLOA213
Toiruul B, Lee KO (2006) An advanced mutual-authentication algorithm using AES for RFID systems. IJCSNS Int J Comput Sci Netw Secur 9B:6
Yang J, Park J, Lee H, Ren K, Kim K (2005) Mutual authentication protocol for low-cost RFID. Proc, Ecrypt Workshop RFID and Lightweight Crypto
Zetter K (2006) Hackers clone E-passports:17.02.11 Available from: http://www.wired.com/science
Zhou YongBin, Feng DengGuo (2005) Side-channel attacks: ten years after its publication and the impacts on cryptographic module security testing. IACR Cryptology ePrint Archive, 2005- csrc.nist.gov.
Responsible Editor: M. Barragan and K. Huang
About this article
Cite this article
Naija, Y., Beroulle, V. & Machhout, M. Security Enhancements of a Mutual Authentication Protocol Used in a HF Full-Fledged RFID Tag. J Electron Test 34, 291–304 (2018). https://doi.org/10.1007/s10836-018-5725-x
- Mutual authentication protocol
- ISO/IEC 14443 type A
- Security enhancements