Duy-Thinh Tran, Sung Je Hong

Show more
Department of Computer Science and Engineering Pohang University of Science and Technology (POSTECH), Pohang, Republic of Korea.
Show less

Abstract: Counterfeiting is one of the most serious problems in the consumer market. One promising approach for anti-counterfeiting is to attach a low-cost Radio-frequency Identification (RFID) tag to the product authentication. In this paper, we propose an RFID system for detecting counterfeiting products. This RFID system consists of the tag authentication protocol and the database correction protocol. We use the tag authentication protocol for authenticating tags without revealing their sensitive information. This protocol also allows the customer to freely inquire the tag. To prevent the widespread of the counterfeit products, we use the tag status information along with tag identity information. Meanwhile, the database correction protocol guarantees the correctness of the tag status. Our anti-counterfeiting system is the first work considering the seller who plays an important role in the consumer product supply chain. Finally, we show that anti-counterfeiting system is quite secure against counterfeiting and the tag authentication protocol is lightweight enough to be implemented in RFID-based applications.

Keywords: Secure RFID System, Authentication, Identification, Cryptographic One-Way Function, Counterfeiting, Anti-Counterfeiting, Lightweight

Cite this paper: Tran, D. and Hong, S. (2015) RFID Anti-Counterfeiting for Retailing Systems. Journal of Applied Mathematics and Physics, 3, 1-9. doi: 10.4236/jamp.2015.31001.

References

[1]   International Chamber of Commerce (ICC) (2011) Estimating the Global Economic and Social Impacts of Counterfeiting and Piracy. http://www.iccwbo.org/data/documents/bascap/global-impacts-study|full-report/

[2]   Ohkubo, M., Suzuki, K. and Kinoshita, S. (2003) Cryptographic Approach to “Privacy-Friendly” Tags. Proceeding of RFID Privacy Workshop, 2003.

[3]   Feldhofer, M., Dominikus, S. and Wolkerstorfer, J. (2004) Strong Authentication for RFID Systems Using the AES Algorithm. Proceeding of Cryptographic Hardware and Embedded Systems—CHES 2004, Vol. 3156, LNCS, 357-370.

[4]   Kulseng, L., Yu, Z., Wei, Y. and Guan, Y. (2010) Lightweight Mutual Authentication and Ownership Transfer for RFID Systems. Proceedings of the 29th INFOCOM, NJ, USA, 251-255.

[5]   Peris-Lopez, P., Hernandez-Castro, J.C., Tapiador, J.M.E. and Ribagorda, A. (2009) Advances in Ultralightweight Cryptography for Low-Cost RFID Tags: Gossamer Protocol. Proceeding of Workshop of Information Security Applications, LNCS, Vol. 5379, Springer, 56-68.

[6]   Godor, G. and Imre, S. (2012) Hash-Based Mutual Authentication Protocol for Low-Cost RFID Systems. Proceeding of Information and Communication Technologies, LNCS, Vol. 7479, Springer, 76-87.

[7]   Lee, Y.S., Kim, T.Y. and Lee, H.J. (2012) Mutual Authentication Protocol for Enhanced RFID Security and Anti- counterfeiting. Proceeding of 26th Advanced Information Networking and Applications Workshops (WAINA), 2012, 558-563.

[8]   Cole, P.H. and Ranasinghe, D.C. (2008) Networked RFID Systems and Lightweight Cryptography: Raising Barriers to Product Counterfeiting. 1st Edition.

[9]   Niu, B., Zhu, X. and Li, H. (2013) An Ultralightweight and Privacy-Preserving Authentication Protocol for Mobile RFID Systems. Proceeding of IEEE Wireless Communications and Networking Conference (WCNC), 2013.

[10]   Chen, M., Chen, S. and Xiao, Q. (2014) Pandaka: A Lightweight Cipher for RFID Systems. Proceeding of INFOCOM 2014.

[11]   Tian, Y., Chen, G. and Li, J. (2012) A New Ultralightweight RFID Authentication Protocol with Permutation. IEEE Communications Letters, 16, 702-705. http://dx.doi.org/10.1109/LCOMM.2012.031212.120237

[12]   Morshed, M.M., Atkins, A. and Yu, H. (2011) An Efficient and Secure Authentication Protocol for RFID Systems. Proceeding of 17th International Conference on Automation and Computing (ICAC), 2011, 51-56.

[13]   Chang, Y.-F., Lin, S.-C. and Chang, P.-Y. (2011) A Location-Privacy-Protected RFID Authentication Scheme. Proceeding of IEEE International Conference on Communications (ICC), 2011, 1-4.

[14]   Doss, R., Sundaresan, S. and Zhou, W. (2013) A Practical Quadratic Residues Based Scheme for Authentication and Privacy in Mobile RFID Systems. AdHoc Networks, 1, 83-96.

[15]   Yeh, T.-C., Wang, Y.-J., Kuo, T.-C. and Wang, S.-S. (2010) Securing RFID Systems Conforming To EPCClass 1 Generation 2 Standard. Expert Systems with Applications, 37, 7678-7683. http://dx.doi.org/10.1016/j.eswa.2010.04.074

[16]   Ahmadian, Z., Salmasizadeh, M. and Aref, M.R. (2013) Desyn-chronization Attack on RAPP Ultralightweight Authentication Protocol. Information Processing Letters, 113, 205-209. http://dx.doi.org/10.1016/j.ipl.2013.01.003

[17]   Avoine, G. and Carpent, X. (2013) Yet Another Ultralightweight Authentication Protocol That Is Broken. Security and Privacy Issues, Vol. 7739 of LNCS.

[18]   Bagheri, N., Safkhani, M., Peris-Lopez, P. and Tapiador, J.E. (2014) Weaknesses in a New Ultralightweight RFID Authentication Protocol with Permutation RAPP. Security and Communication Networks, 7, 945-949.

[19]   Juels, A. and Weis, S.A. (2005) Authenticating Pervasive Devices with Human Protocols. Proceedings of the 25th Annual International Conference on Advances in Cryptology, CRYPTO, 293-308.

[20]   Batina, L., Mentens, N., Sakiyama, K., Preneel, B. and Verbauwhede, I. (2006) Low-Cost Elliptic Curve Cryptography for Wireless Sensor Networks. Security and Privacy in Ad-Hoc and Sensor Networks, 4357, 6-17. http://dx.doi.org/10.1007/11964254_3

[21]   Guo, J., Peyrin, T. and Poschmann, A. (2011) The PHOTON Family of Lightweight Hash Functions. Proceedings of the 31st Annual Conference on Advances in Cryptology, CRYPTO, 222-239.

[22]   Aumasson, J.-P., Henzen, L., Meier, W. and Naya-Plasencia, M. (2013) Quark: A Lightweight Hash. Cryptology, 26, 313-339. http://dx.doi.org/10.1007/s00145-012-9125-6

[23]   Bogdanov, A., Knezevic, M., Leander, G., Toz, D., Varici, K. and Verbauwhede, I. (2011) SPONGENT: A Light- weight Hash Function. Proceedings of the 13th CHES, 312-325.

[24]   (2011) SRI512 RFID Tag Datasheet. http://www.st.com/st-web-ui/static/active/en/resource/technical/document/datasheet/CD00152477.pdf

[25]   (2013) SL2S1412, SL2S1512, and SL2S1612 RFID Tag Datasheet. http://www.nxp.com/documents/data_sheet/SL2S1412_SL2S1512_SL2S1612.pdf

[26]   (2012) ECRYPT II Yearly Report on Algorithms and Keysizes. http://www.ecrypt.eu.org/documents/D.SPA.20.pdf

[27]   (2011) Transitions: Recommendation for Transitioning the Use of Cryptographic Algorithms and Lengths. http://dl.acm.org/citation.cfm?id=2206216

[28]   (2012) Recommendation for Key Management Part 1: General (Rev. 3). http://dl.acm.org/citation.cfm?id=2206273

[29]   Rogaway, P. and Shrimpton, T. (2004) Cryptographic Hash-Function Basics: Definitions, Implications, and Separations for Preimage Resistance, Second-Preimage Resistance, and Collision Resistance. Proceeding of Fast Software Encryption, FSE, Vol. 3017 of LNCS, 371-388.

[30]   Bursztein, E., Martin, M. and Mitchell, J. (2011) Text-Based Captcha Strengths and Weaknesses. Proceedings of the 18th ACM Conference on Computer and Communications Security, CCS, New York, 2011, 125-138.