Clone resistant mutual authentication for low-cost RFID and contactless credit cards
EPC, RFID, cloning, mutual authentication, stream cipher, electronic payments
With Radio Frequency Identification (RFID) tags being used to secure contactless credit cards, great benefits but also serious security and information privacy issues have arisen. Recently many attempts have been made to resolve these issues. In particular, attempts have been made to provide a means for authentication between tag and reader. However, none have yet have been able to provide resistance to cloning attacks. Furthermore, authentication on lowest range of low-cost RFID tags, also remains a challenge. We propose a clone resistant, mutual authentication scheme that requires only 32 bits of read write memory, 90 bits of read only memory and can be deployed using as few as 300 logic gates. We also propose a stream cipher with the same memory constraints and magnitude of logic gates. These systems may also be scaled to provide a high level of security, using relatively little computational resources, on larger hardware platforms.
Stephane Lemieux and Adrian Tang. Clone Resistant Mutual Authentication for Low-Cost RFID and Contactless Credit Cards. Cryptology ePrint Archive, Paper 2007/170, 2007. https://eprint.iacr.org/2007/170
Attribution (CC BY)