ConferenceSoftCOM2010 Author Deepak Tagra Musfiq Rahman and Srinivas Sampalli Present 102062595 侯宗佑 Outline Introduction Security Issues Gossamer Protocol Desynchronization Attack ID: 297648
Download Presentation The PPT/PDF document "Technieue for Preventing DoS Attacks on ..." is the property of its rightful owner. Permission is granted to download and print the materials on this web site for personal, non-commercial use only, and to display it on your personal computer provided you do not modify the materials and that you retain all copyright notices contained in the materials. By downloading content from our website, you accept the terms of this agreement.
Slide1
Technieue for Preventing DoS Attacks on RFID System
Conference:SoftCOM(2010)
Author: Deepak Tagra, Musfiq, Rahman and Srinivas Sampalli
Present:
102062595
侯宗佑Slide2
Outline
Introduction
Security Issues
Gossamer ProtocolDe-synchronization AttackExtensionConclusion
1/17Slide3
Introduction
2
/17Slide4
Security Issues
Vulnerable to Evasdropping.
Traffic analysis
Confidential data
Personal privacy
Spoofing
SQL injection
Data integerty
Replay attack
De-synchronization
3
/17Slide5
Security Issues
Deny of service
Kill command attack
Jamming
De-synchronization attack
Tag data modification
Data encryption and authentication is required.
4
/17Slide6
Security Issues
Difficulties
No power supply.
Cost must be low.
Limited hardware scale.
Only able to do bitwise operation.
Classic encryption/authentication techniques cannot be implemented.
AES,DES,SHA-1,md5....
Protocol must be low-cost and light-weighted.
5
/17Slide7
Gossamer Protocol
UMAP family
Tag anoymity
Data encryption
Mutual authentication
Only bitwise logical operation.
Enhancement of SASI protocol.
Using non-triangular function for encryption.
6
/17Slide8
Gossamer Protocol
Tag identication
Reader
Tag
Hello
IDS
7
/17Slide9
Gossamer Protocol
Mutual Authentication
Reader
Tag
PRNG
: (n
1,
n
2
)
Keys
: (IDS,K1
,K
2
)
Keys
: (IDS,K
1
,K
2
)
A = f(
IDS,K
1
,K
2
,n
1
,Const)
B
= f(
IDS,K
1
,K
2
,n
1
,Const)
C
= f(
IDS,K1’,K2’,n3,Const)
A||B||C
n
3 = MIXBITS(n1,n2)
8
/17Slide10
Gossamer Protocol
Mutual authentication
Reader
Tag
Keys
: (IDS,K
1
,K
2
)
Extract n
1, n2 from A,B
Compute C’, If C’ == C
D =
(
IDS,K
1
’,K
2
’,n
1
’,Const)
D
Compute D’, If D’ == D
SUCCESS
n
1
’ = MIXBITS(n
3
,n
2
)
n
1
’ = MIXBITS(n
3
,n
2
)
9
/17Slide11
Gossamer Protocol
Key updating
Tag
Reader
New Keys(IDS
new
,K1
new
,K2
new
)
= f(IDS,K1,K2,n
1
,n
2
,n
3
)
New Keys(IDS
new
,K1
new
,K2
new
)
= f(IDS,K
1
,K
2
,n
1
,n
2
,n
3
)
Old Keys(IDS
old
,K1old,K2old)
= (IDS, K1,K2) )10/17Slide12
De-synchroniztion Attack
Prevented
Tag
Reader
Attacker
D(Blocked)
C(Blocked)
New Keys(IDS
new
,K1
new
,K2
new
)
= f(IDS,K
1
,K
2
,n
1
,n
2
,n
3
)
Old Keys(IDS
old
,K1
old
,K2
old
)
= (IDS,
K
1
,K
2)
)
Old Keys(IDSold,K1old,K2old
) = (IDS,
K1,K
2) )11/17Slide13
De-synchronization Attack
Not prevented
Tag
Reader
Attacker
A||B||C(Copied)
D(Blocked)
Old Keys(IDS
old
,K1
old
,K2
old
)
= (IDS,
K
1
,K
2)
)
New Keys(IDS
new
,K1
new
,K2
new
)
= f(IDS,K
1
,K
2
,n
1
,n
2
,n
3
)
Old Keys(IDSold,K1old,K2
old) = (IDS,
K1,K
2) )12/17Slide14
Reader
Tag
Reader
Attacker
D’
A’||B’||C’
New Keys(IDS’
new
,K1’
new
,K2’
new
)
Old Keys(IDS
old
,K1
old
,K2
old
)
= (IDS,
K
1
,K
2)
)
New Keys(IDS’
new
,K1’
new
,K2’
new
)
De-synchronization Attack
13/17Slide15
Attacker
Tag
D
A||B||C
New Keys(IDS
new
,K1
new
,K2
new
)
= f(IDS,K
1
,K
2
,n
1
,n
2
,n
3
)
Old Keys(IDS
old
,K1
old
,K2
old
)
= (IDS,
K
1
,K
2)
)
De-synchronization Attack
14/17Slide16
Reader
Tag
Reader
Attacker
IDS or
IDS
new
Hello
New Keys(IDS’
new
,K1’
new
,K2’
new
)
Old Keys(IDS
old
,K1
old
,K2
old
)
= (IDS,
K
1
,K
2)
)
New Keys(IDS
new
,K1
new
,K2
new
)
De-synchronization Attack
15/17Slide17
Extension
Reader
Tag
Reader
Attack
IDS or
IDS
new
Hello
New Keys(IDS’
new
,K1’
new
,K2’
new
)
Old Keys(IDS
old
,K1
old
,K2
old
)
= (IDS,
K
1
,K
2)
)
New Keys(IDS
new
,K1
new
,K2
new
)
Old Keys(IDS
old,K1old,K2old
) = (IDS,
K1,K
2) )16/17Slide18
Conclusion
Classified DoS attack on RFID.
Point out the vulerbility of Gossamer protocol.
Propose a simple extension to solve the problem.
17/17