Please use this identifier to cite or link to this item:

http://hdl.handle.net/10609/109802
Title: A Practical Implementation Attack on Weak Pseudorandom Number Generator Designs for EPC Gen2 Tags
Author: Melià Seguí, Joan Antoni  
García Alfaro, Joaquín
Herrera Joancomartí, Jordi
Others: Internet Interdisciplinary Institute
Keywords: RFID
EPC Gen2
PRNG
Security
Eavesdropping
Attack
Implementation
Issue Date: 2-Jul-2011
Publisher: Wireless Personal Communications
Citation: Melià Seguí, J., García Alfaro, J. & Herrera-Joancomartí, J. (2011). A Practical Implementation Attack on Weak Pseudorandom Number Generator Designs for EPC Gen2 Tags. Wireless Personal Communications, 59(1), 27-42. doi: 10.1007/s11277-010-0187-1
Also see: https://link.springer.com/article/10.1007/s11277-010-0187-1
Abstract: The Electronic Product Code Generation 2 (EPC Gen2) is an international standard that proposes the use of Radio Frequency Identification (RFID) in the supply chain. It is designed to balance cost and functionality. As a consequence, security on board of EPC Gen2 tags is often minimal. It is, indeed, mainly based on the use of on board pseudorandomness, used to obscure the communication between readers and tags; and to acknowledge the proper execution of password-protected operations. In this paper, we present a practical implementation attack on a weak pseudorandom number generator (PRNG) designed specifically for EPC Gen2 tags. We show that it is feasible to eavesdrop a small amount of pseudorandom values by using standard EPC commands and using them to determine the PRNG configuration that allows to predict the complete output sequence.
Language: English
URI: http://hdl.handle.net/10609/109802
ISSN: 0929-6212MIAR
Appears in Collections:Articles
Articles

Share:
Export:
Files in This Item:
File SizeFormat 
Melia_Garcia_Herrera_WPC_2010_post.pdf217.37 kBAdobe PDFView/Open

Items in repository are protected by copyright, with all rights reserved, unless otherwise indicated.