http://swrc.ontoware.org/ontology#TechnicalReport
Secret Sharing-based Key Distribution with Dummy Tags in RFID-enabled Supply Chains
en
暗号
Department of Information and Computer Science, Keio University
Department of Information and Computer Science, Keio University
Kentaroh Toyoda
Iwao Sasase
In the RFID-enabled supply chains, it is crucial to securely convey products between parties to avoid counterfeits from being distributed. Recently, many schemes has been proposed to realize this by encrypting EPCs (Electronic Product Code) and distributing a secret key with a secret sharing scheme. However, we point out that two problems exist. The first one is that an attacker might recover the legitimate key by collecting sufficient secret shares when products are carried in the public transportation. The second one is that simply encrypting EPCs with a symmetric cipher scheme does not ensure that an encrypted EPC fits into EPC memory bank. In this paper, we first propose a secure secret key distribution scheme to solve the first problem by introducing sufficient number of dummy tags which possess a bogus secret share. Since an attacker cannot see the tags themselves from the outside of the carrying vehicle, he/she cannot distinguish between the legitimate tags and dummy tags and thus, he/she has to find out the correct key by iteratively trying each combination of secret shares. On the other hand, the party who receives products can distinguish dummy tags since they are not attached to any product. We also propose to introduce an FPE (Format Preserving Encryption) to solve the second problem. We prove that our construction is secure in both the privacy and robustness aspect. We confirm that our scheme is easily implemented with the off-the-shelf RFID reader and tags.
In the RFID-enabled supply chains, it is crucial to securely convey products between parties to avoid counterfeits from being distributed. Recently, many schemes has been proposed to realize this by encrypting EPCs (Electronic Product Code) and distributing a secret key with a secret sharing scheme. However, we point out that two problems exist. The first one is that an attacker might recover the legitimate key by collecting sufficient secret shares when products are carried in the public transportation. The second one is that simply encrypting EPCs with a symmetric cipher scheme does not ensure that an encrypted EPC fits into EPC memory bank. In this paper, we first propose a secure secret key distribution scheme to solve the first problem by introducing sufficient number of dummy tags which possess a bogus secret share. Since an attacker cannot see the tags themselves from the outside of the carrying vehicle, he/she cannot distinguish between the legitimate tags and dummy tags and thus, he/she has to find out the correct key by iteratively trying each combination of secret shares. On the other hand, the party who receives products can distinguish dummy tags since they are not attached to any product. We also propose to introduce an FPE (Format Preserving Encryption) to solve the second problem. We prove that our construction is secure in both the privacy and robustness aspect. We confirm that our scheme is easily implemented with the off-the-shelf RFID reader and tags.
AA11235941
研究報告コンピュータセキュリティ（CSEC）
2015-CSEC-69
9
1-8
2015-05-14
2188-8655