Analysis and Improvement of a Pseudorandom Number Generator for EPC Gen2 Tags

  • J. Melia-Segui
  • J. Garcia-Alfaro
  • J. Herrera-Joancomarti
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6054)


The EPC Gen2 is an international standard that proposes the use of Radio Frequency Identification (RFID) in the supply chain. It is designed to balance cost and functionality. The development of Gen2 tags faces, in fact, several challenging constraints such as cost, compatibility regulations, power consumption, and performance requirements. As a consequence, security on board of Gen2 tags is often minimal. It is, indeed, mainly based on the use of on board pseudorandomness. This pseudorandomness is used to blind the communication between readers and tags; and to acknowledge the proper execution of password-protected operations. Gen2 manufacturers are often reluctant to show the design of their pseudorandom generators. Security through obscurity has always been ineffective. Some open designs have also been proposed. Most of them fail, however, to prove their correctness. We analyze a recent proposal presented in the literature and demonstrate that it is, in fact, insecure. We propose an alternative mechanism that fits the Gen2 constraints and satisfies the security requirements.


Receive Signal Strength Indicator Pseudorandom Number Generator Linear Feedback Shift Register Pseudorandom Generator Cyclic Redundancy Check 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Balachandran, G., Barnett, R.: A 440nA true random number generator for passive RFID tags. IEEE Transactions on Circuits and Systems I: Regular Papers 55(11), 3723–3732 (2008)CrossRefGoogle Scholar
  2. 2.
    Che, W., Deng, H., Tan, X., Wang, J.: A Random Number Generator for Application in RFID Tags. In: Networked RFID Systems and Lightweight Cryptography, ch. 16, pp. 279–287. Springer, Heidelberg (2008)Google Scholar
  3. 3.
    Chen, C.L.: Linear Dependencies in Linear Feedback Shift Registers. IEEE Transactions on Computers C-35(12), 1086–1088 (1986)Google Scholar
  4. 4.
    EPCglobal. EPC radio-frequency identity protocols class-1 generation-2 UHF RFID protocol for communications at 860-960 MHz. Tech. report (2007),
  5. 5.
    Garcia, F., Koning, G., Muijrers, R., van Rossum, P., Verdult, R., Wichers, R., Jacobs, B.: Dismantling MIFARE Classic. In: Jajodia, S., Lopez, J. (eds.) ESORICS 2008. LNCS, vol. 5283, pp. 97–114. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  6. 6.
    Haahr, M.: True random number service,
  7. 7.
    Hell, M., Johansson, T., Meier, W.: Grain: a stream cipher for constrained environments. International Journal of Wireless and Mobile Computing 2(1), 86–93 (2007)CrossRefGoogle Scholar
  8. 8.
    Hellebrand, S., Rajski, J., Tarnick, S., Venkataraman, S., Courtois, B.: Built-in test for circuits with scan based on reseeding of multiple-polynomial linear feedback shift registers. IEEE Transactions on Computers 44(2), 223–233 (1995)zbMATHCrossRefGoogle Scholar
  9. 9.
    Herlestam, T.: On Functions of Linear Shift Register Sequences. In: Pichler, F. (ed.) EUROCRYPT 1985. LNCS, vol. 219, pp. 119–129. Springer, Heidelberg (1986), doi:10.1007/3-540-39805-8Google Scholar
  10. 10.
    Holcomb, D., Burleson, W., Fu, K.: Initial SRAM state as a fingerprint and source of true random numbers for RFID tags. In: Proceedings of the Conference on RFID Security (July 2007)Google Scholar
  11. 11.
    Klimov, A., Shamir, A.: A New Class of Invertible Mappings. In: Kaliski Jr., B.S., Koç, Ç.K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 470–483. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  12. 12.
    Lehtonen, M., Staake, T., Michahelles, F., Fleisch, E.: From Identification to Authentication - A Review of RFID Product Authentication Techniques. In: Networked RFID Systems and Lightweight Cryptography, ch. 9, pp. 169–187. Springer, Heidelberg (November 2007)Google Scholar
  13. 13.
    Motorola. XR Series RFID Readers. Product Guide (2008),
  14. 14.
    Peris-Lopez, P., Hernandez-Castro, J., Estevez-Tapiador, J., Ribagorda, A.: LAMED A PRNG for EPC Class-1 Generation-2 RFID specification. Computer Standards & Interfaces (2008)Google Scholar
  15. 15.
    Peris-Lopez, P.: Lightweight Cryptography in Radio Frequency Identification (RFID) Systems. PhD Thesis (2008)Google Scholar
  16. 16.
    Ranasinghe, D., Cole, P.: An Evaluation Framework. In: Networked RFID Systems and Lightweight Cryptography, ch. 8, pp. 157–167. Springer, Heidelberg (November 2007)Google Scholar
  17. 17.
    Rosinger, P., Al-Hashimi, B.M., Nicolici, N.: Dual multiple-polynomial LFSR for low-power mixed-mode BIST. IEE Proceedings on Computers and Digital Techniques 150(4), 209–217 (2003)CrossRefGoogle Scholar
  18. 18.
    Strüker, J., Wonnemann, C., Kähmer, M., Gille, D.: Managing the Deactivation Process of EPC Class-1 Generation-2 Tags in Retail Industry. University of Freiburg, Germany (2007), Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2010

Authors and Affiliations

  • J. Melia-Segui
    • 1
  • J. Garcia-Alfaro
    • 1
    • 3
  • J. Herrera-Joancomarti
    • 2
  1. 1.Universitat Oberta de CatalunyaBarcelonaSpain
  2. 2.Universitat Autònoma de BarcelonaBellaterraSpain
  3. 3.Institut Telecom, Telecom BretagneCesson-SevigneFrance

Personalised recommendations