Searching for just a few words should be enough to get started. If you need to make more complex queries, use the tips below to guide you.
Article type: Research Article
Authors: Väisänen, Teemu | Ritamäki, Matti | Scholliers, Johan | Toivonen, Sirra
Affiliations: VTT Technical Research Centre of Finland, Oulu, Finland | Confidex, Tampere, Finland | VTT Technical Research Centre of Finland, Tampere, Finland
Note: [] Corresponding author: Teemu Väisänen, VTT Technical Research Centre of Finland, Oulu, Finland. E-mails: [email protected]; [email protected] (M. Ritamäki); [email protected] (J. Scholliers); [email protected] (S. Toivonen).
Abstract: BACKGROUND: In logistic processes, radio frequency identification (RFID) technology provides possibilities for improving the integrity of shipments, the performance of supply chains and for enabling leaner processes. RFID tags are used in logistics to identify and authenticate users, products or shipments. Especially cheap, passive long-range low-cost RFID tags are of interest, but these provide security-related challenges. In new implementations of this RFID technology the threats and risks must be carefully considered as they can result in system malfunctioning, revenue losses and illegal activities. Hence, there is a need for cryptography techniques for low-cost RFID tags. Various lightweight security mechanisms that take into account the limitations of the tags have been designed. The potentiality of using asymmetric cryptography and digital signatures in tags is one such mechanism that enables more secure tag authentication. RESULTS: This paper explores how asymmetric digital signatures have been used for RFID tag authentication. The paper provides a literature overview of the methods used in both research and in commercial products, and provides knowledge about gained and missing protection in such use cases. A method based on asymmetric Elliptic Curve Digital Signature Algorithm (ECDSA) digital signatures has been developed for the authentication of low-cost RFID tags. In addition to this, the paper categorizes RFID threats to categories as presented in IETF RFC 4949 and analyzes how using asymmetric cryptography-based digital signatures protects against described threats and attacks suitable for low-cost RFID tags that do not use additional security mechanisms. CONCLUSIONS: This paper finds that asymmetric cryptography and digital signatures are suitable for low-cost RFID tags and that usage of them gives additional security, especially against physical data modification and impersonation attacks. The research underlines that IETF RFC 4949 is suitable for categorization of threats and attacks towards RFID technology. In addition to this, systematic threat and attack categorization and analysis enables the specification of further threats.
Keywords: RFID, digital signature, low-cost, ECDSA, threat categorization
DOI: 10.3233/RFT-140058
Journal: International Journal of RF Technologies, vol. 6, no. 1, pp. 31-49, 2014
IOS Press, Inc.
6751 Tepper Drive
Clifton, VA 20124
USA
Tel: +1 703 830 6300
Fax: +1 703 830 2300
[email protected]
For editorial issues, like the status of your submitted paper or proposals, write to [email protected]
IOS Press
Nieuwe Hemweg 6B
1013 BG Amsterdam
The Netherlands
Tel: +31 20 688 3355
Fax: +31 20 687 0091
[email protected]
For editorial issues, permissions, book requests, submissions and proceedings, contact the Amsterdam office [email protected]
Inspirees International (China Office)
Ciyunsi Beili 207(CapitaLand), Bld 1, 7-901
100025, Beijing
China
Free service line: 400 661 8717
Fax: +86 10 8446 7947
[email protected]
For editorial issues, like the status of your submitted paper or proposals, write to [email protected]
如果您在出版方面需要帮助或有任何建, 件至: [email protected]