Pseudorandom number generation (PRNG) is the main security tool in low-cost passive radio-frequency identification (RFID) technologies, such as EPC Gen2. We present a lightweight PRNG design for low-cost passive RFID tags, named J3Gen. J3Gen is based on a linear feedback shift register (LFSR) configured with multiple feedback polynomials. The polynomials are alternated during the generation of sequences via a physical source of randomness. J3Gen successfully handles the inherent linearity of LFSR based PRNGs and satisfies the statistical requirements imposed by the EPC Gen2 standard. A hardware implementation of J3Gen is presented and evaluated with regard to different design parameters, defining the key-equivalence security and nonlinearity of the design. The results of a SPICE simulation confirm the power-consumption suitability of the proposal.
References
[1]
EPCglobal. EPC Radio-Frequency Identity Protocols Class-1 Generation-2 UHF RFID Protocol for Communications at 860-960 MHz. Available online: http://gs1.org/gsmp/kc/epcglobal/ (accessed on 20 January 2013).
[2]
Peris-Lopez, P.; Hernandez-Castro, J.; Estevez-Tapiador, J.; Ribagorda, A. LAMED a PRNG for EPC Class-1 Generation-2 RFID specification. Comput. Stand. Interfaces 2009, 31, 88–97.
[3]
Melià-Seguí, J.; Garcia-Alfaro, J.; Herrera-Joancomartí, J. On the similarity of commercial EPC Gen2 pseudorandom number generators. Trans. Emerg. Telecommun. Technol. 2012, doi:10.1002/ett.2600.
Melià-Seguí, J.; Garcia-Alfaro, J.; Herrera-Joancomartí, J. Multiple-Polynomial LFSR Based Pseudorandom Number Generator for EPC Gen2 RFID Tags. Proceedings of the IECON-37th Annual Conference on IEEE Industrial Electronics Society, Melbourne, Australia, 8 November 2011; pp. 3820–3825.
[6]
Linear Technologies-LTSpice IV. Available online: http://linear.com/designtools/software/ (accessed on 20 January 2013).
[7]
De Canniere, C.; Preneel, B. Trivium Specifications. Technical Report; ECRYPT Project, 2008. Available online: http://www.ecrypt.eu.org/stream/triviumpf.html (accessed on 20 January 2013).
[8]
Hell, M.; Johansson, T.; Meier, W. Grain: A stream cipher for constrained environments. Int. J. Wirel. Mobile Comput. 2007, 2, 86–93.
[9]
Lee, H.; Hong, D. The tag authentication scheme using self-shrinking generator on RFID system. Int. J. Appl. Sci. Eng. Technol. 2007, 3, 33–38.
[10]
Che, W.; Deng, H.; Tan, X.; Wang, J. Networked RFID Systems and Lightweight Cryptography. In A Random Number Generator for Application in RFID Tags; Springer: Berlin/Heidelberg, Germany, 2008. Chapter 16; pp. 279–287.
[11]
Coppersmith, D.; Krawczyk, H.; Mansour, Y. The Shrinking Generator. In Advances in Cryptology-Crypto'93; Springer: Berlin/Heidelberg, Germany, 1994; pp. 22–39.
[12]
Menezes, A.; Oorschot, P.V.; Vanstone, S. Handbook of Applied Cryptography; CRC Press: Boca Raton, FL, USA, 2001.
[13]
Meier, W.; Staffelbach, O. The self-shrinking generator. Lect. Notes Comput. Sci. 1995, 950, 205–214.
[14]
Melià-Seguí, J.; Garcia-Alfaro, J.; Herrera-Joancomartí, J. A practical implementation attack on weak pseudorandom number generator designs for EPC Gen2 Tags. Wirel. Pers. Commun. 2011, 59, 27–42.
[15]
Dolev, S.; Gilboa, N.; Kopeetsky, M.; Persiano, G.; Spirakis, P.G. Information security for sensors by overwhelming random sequences and permutations. Ad Hoc Netw. 2011. in press.
[16]
Garcia-Alfaro, J.; Barbeau, M.; Kranakis, E. Proactive threshold cryptosystem for EPC tags. Ad Hoc & Sens. Wirel. Netw. 2011, 12, 187–208.
[17]
Delgado-Mohatar, O.; Fúster-Sabater, A.; Sierra, J.M. A light-weight authentication scheme for wireless sensor networks. Ad Hoc Netw. 2011, 9, 727–735.
[18]
Liu, Z.; Peng, D. True Random Number Generator in RFID Systems Against Traceability. Proceedings of the 3rd IEEE Consumer Communications and Networking Conference, (CCNC 2006), Las Vegas, NV, USA, 8 January 2006. Volume 1; pp. 620–624.
[19]
Tounsi, W.; Cuppens-Boulahia, N.; Cuppens, F.; Garcia-Alfaro, J. Formal Verification of a Key Establishment Protocol for EPC Gen2 RFID Systems: Work in Progress. Proceedings of the 4th Canada-France MITACS Workshop on Foundations & Practice of Security (FPS 2011), Paris, France, 12 May 2011; pp. 242–252.
[20]
Holcomb, D.; Burleson, W.; Fu, K. Initial SRAM State as a Fingerprint and Source of True Random Numbers for RFID Tags. Proceedings of the Conference on RFID Security, Málaga, Spain, 11 July 2007.
[21]
Lee, J.W.; Vo, D.H.T.; Huynh, Q.H.; Hong, S.H. A fully integrated HF-band passive RFID tag IC using 0.18-μm CMOS technology for low-cost security applications. IEEE Trans. Ind. Electron. 2011, 58, 2531–2540.
[22]
Aguilar-Angulo, J.; Kussener, E.; Barthelemy, H.; Duval, B. A new Oscillator-Based Random Number Generator. Proceedings of the 2012 IEEE Faible Tension Faible Consommation, (FTFC), Paris, France, 20 June 2012; pp. 1–4.
Wang, C.; Daneshmand, M.; Sohraby, K.; Li, B. Performance analysis of RFID generation-2 protocol. IEEE Trans. Wirel. Commun. 2009, 8, 2592–2601.
[25]
Mohsenian-Rad, A.H.; Shah-Mansouri, V.; Wong, V.; Schober, R. Distributed channel selection and randomized interrogation algorithms for large-scale and dense RFID systems. IEEE Trans. Wirel. Commun. 2010, 9, 1402–1413.
[26]
Balachandran, G.; Barnett, R. A 440nA true random number generator for passive RFID tags. IEEE Trans. Circ. Syst. I Regul. Pap. 2008, 55, 3723–3732.
[27]
Hellebrand, S.; Rajskia, J.; Tarnick, S.; Venkataraman, S.; Courtois, B. Built-in test for circuits with scan based on reseeding of multiple-polynomial linear feedback shift registers. IEEE Trans. Comput. 1995, 44, 223–233.
[28]
Rosinger, P.; Al-Hashimi, B.; Nicolici, N. Dual multiple-polynomial LFSR for low-power mixed-mode BIST. IEEE Proc. Comput. Digital Tech. 2003, 150, 209–217.
[29]
Juels, A. RFID security and privacy: A research survey. IEEE J. Sel. Areas Commun. 2006, 24, 381–394.
[30]
Weis, S.; Sarma, S.; Rivest, R.; Engels, D. Security and privacy aspects of low-cost radio frequency identification systems. Lect. Note. Comput. Sci. 2003, 2802, 454–469.
[31]
Ranasinghe, D.C.; Cole, P.H. Networked RFID Systems and Lightweight Cryptography. In An Evaluation Framework; Springer: Berlin/Heidelberg, Germany, 2008. Chapter 8; pp. 157–167.
[32]
Baker, R. CMOS: Circuit Design, Layout, and Simulation; Wiley-IEEE Press: Weinheim, Germany, 2007.
[33]
Paar, C.; Poschmann, A.; Robshaw, M. New Designs in Lightweight Symmetric Encryption. In RFID Security; Kitsos, P., Zhang, Y., Eds.; Springer: New York, NY, USA, 2009; pp. 349–371.
[34]
Petrie, C.; Connelly, J. Modeling and Simulation of Oscillator-Based Random Number Generators. Proceedings of the IEEE International Symposium on Circuits and Systems, Atlanta, GA, USA, 12 May 1996. Volume 4; pp. 324–327.
[35]
Zhou, S.; Zhang, W.; Wu, N. An ultra-low power CMOS random number generator. Solid-State Electron. J. 2008, 52, 233–238.
[36]
Bogdanov, A.; Knudsen, L.; Leander, G.; Paar, C.; Poschmann, A.; Robshaw, M.; Seurin, Y.; Vikkelsoe, C. PRESENT: An ultra-lightweight block cipher. Lect Note. Comput. Sci. 2007, 4727, 450–466.
[37]
Massey, J. Shift-register synthesis and BCH decoding. IEEE Trans. Inf. Theory 1969, 15, 122–127.
[38]
Haahr, M. True random number service. Available online: http://random.org (accessed on 20 January 2013).
[39]
Feldhofer, M.; Wolkerstorfer, J. Hardware Implementation of Symmetric Algorithms for RFID Security. In RFID Security; Kitsos, P., Zhang, Y., Eds.; Springer: New York, NY, USA, 2009; pp. 373–415.
[40]
EECS-UC Berkeley SPICE Website. Available online: http://bwrc.eecs.berkeley.edu/classes/icbook/spice/ (accessed on 20 January 2013).
[41]
Kang, S. Accurate simulation of power dissipation in VLSI circuits. IEEE J. Solid-State Circ. 1986, 21, 889–897.
[42]
Predictie Technology Model-Arizona State University. Available online: http://ptm.asu.edu (accessed on 20 January 2013).
