TY - GEN
T1 - Weak-Unforgeable Tags for Secure Supply Chain Management
AU - van Dijk, M.
AU - Jin, C.
AU - Maleki, H.
AU - Ha Nguyen, P.
AU - Rahaeimehr, R.
PY - 2018
Y1 - 2018
N2 - © International Financial Cryptography Association 2018.Given the value of imported counterfeit and pirated goods, the need for secure supply chain management is pertinent. Maleki et al. (HOST 2017) propose a new management scheme based on RFID tags (with 2–3K bits NVM) which, if compared to other schemes, is competitive on several performance and security metrics. Its main idea is to have each RFID tag stores its reader events in its own NVM while moving through the supply chain. In order to bind a tag’s identity to each event such that an adversary is not able to impersonate the tag’s identity on another duplicate tag, a function with a weak form of unforgeability is needed. In this paper, we formally define this security property, present three constructions (MULTIPLY-ADD, ADD-XOR, and S-Box-CBC) having this security property, and show how to bound the probability of successful impersonation in concrete parameter settings. Finally, we compare our constructions with the light-weight hash function PHOTON used by Maleki et al. in terms of security and circuit area needed. We conclude that our ADD-XOR and S-Box-CBC constructions have approximately $$1/4-1/3$$ of PHOTON’s total circuit area (this also includes the control circuitry besides PHOTON) while maintaining an appropriate security level which takes care of economically motivated adversaries.
AB - © International Financial Cryptography Association 2018.Given the value of imported counterfeit and pirated goods, the need for secure supply chain management is pertinent. Maleki et al. (HOST 2017) propose a new management scheme based on RFID tags (with 2–3K bits NVM) which, if compared to other schemes, is competitive on several performance and security metrics. Its main idea is to have each RFID tag stores its reader events in its own NVM while moving through the supply chain. In order to bind a tag’s identity to each event such that an adversary is not able to impersonate the tag’s identity on another duplicate tag, a function with a weak form of unforgeability is needed. In this paper, we formally define this security property, present three constructions (MULTIPLY-ADD, ADD-XOR, and S-Box-CBC) having this security property, and show how to bound the probability of successful impersonation in concrete parameter settings. Finally, we compare our constructions with the light-weight hash function PHOTON used by Maleki et al. in terms of security and circuit area needed. We conclude that our ADD-XOR and S-Box-CBC constructions have approximately $$1/4-1/3$$ of PHOTON’s total circuit area (this also includes the control circuitry besides PHOTON) while maintaining an appropriate security level which takes care of economically motivated adversaries.
UR - https://www.scopus.com/pages/publications/85072849787
UR - https://www.scopus.com/pages/publications/85072849787#tab=citedBy
U2 - 10.1007/978-3-662-58387-6_5
DO - 10.1007/978-3-662-58387-6_5
M3 - Conference contribution
SN - 9783662583869
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 80
EP - 98
BT - Financial Cryptography and Data Security - 22nd International Conference, FC 2018, Revised Selected Papers
A2 - Meiklejohn, S.
A2 - Sako, K.
PB - Springer Verlag
T2 - 22nd International Conference on Financial Cryptography and Data Security, 2018
Y2 - 26 February 2018 through 2 March 2018
ER -