Anti-counterfeiting ISO 15693 RFID Solutions
11th International Conference on DEVELOPMENT AND APPLICATION SYSTEMS, Suceava, Romania, May 17-19, 2012

Anti-counterfeiting ISO 15693 RFID Solutions Involving Authentication and Traceability Using Symmetric and Asymmetric Cryptography

Marius CERLINCĂ, Cristina TURCU, Tudor CERLINCĂ, Remus PRODAN, Valentin POPA
Stefan cel Mare University of Suceava, 720229, Romania
mariusc@eed.usv.ro

Abstract — When dealing with subjects such as anti-counterfeiting of goods using authentication and traceability, it seems that RFID technology has all the advantages over traditional barcode technology. While in shops and supermarkets barcode technology still seems to be a winner and hard to replace due to its current spread and low cost advantages, RFID solutions seem to be more adequate for issues specific to supply-chain management. Current RFID solutions for supply-chain management use the new EPC Gen2 RFID standard, which uses UHF and is not available to ISO 15693 or any other RFID standard. In this paper we describe how an anti-counterfeiting solution can be implemented using the ISO 15693 standard and symmetric/asymmetric cryptography.

Index Terms — RFID, anti-counterfeiting, authentication, traceability, cryptography.

I. INTRODUCTION

“Current batch recall practice is expensive and difficult, since many supply chain partners need to combine the data from their ERP systems. Radio Frequency Identification (RFID) can be used to efficiently implement batch recalls, e.g. by storing batch numbers from the parts/ingredients used in all manufacturing steps. But this raises concerns on industrial privacy, since competitors could use this information to gain insight into the whole supply chain.” [1]

The anti-counterfeiting solution we describe was a result of our attempt to meet the specifications of a research project called ATPROD.
Ensuring the authenticity and determining the route followed by a product can be done by implementing a production management system using RFID technology and extending its use to the place of trading. There are currently many flow management systems in manufacturing and transport of goods, but the chain is not complete because usually the points of sale and service are missing from the logical chain and from the attached databases. This paper presents a reliable and low-cost anti-counterfeiting solution based on RFID technology both for goods authentication and traceability while ensuring a database for distribution control (Fig. 1). Moreover, to eliminate doubts regarding the transport or storage of products in poor conditions, the system provides solutions for monitoring ambient parameters like temperature, obtaining this information throughout the transport or storage of goods and storing it in the memory of active RFID tags.

Adequate product traceability information will be read and written at each distribution point or retail store. Thus, the final consumer will get a product with an RFID tag attached that contains all essential information regarding the product as well as all traceability information, including the final retail store and service points. Customers can check all this information using a portable RFID reader or a smartphone. The system allows clients to register as the owner of the labeled products.

Thus, a product can be authenticated by three means quickly accessible to every user: authentication at the level of the product label (using a hologram or other traditional authentication elements); authentication at the level of the electronic RFID chip accompanying the product, which contains information on traceability and source of the product; authentication using the web site the system provides, based on the unique product ID code, in order to compare the information from the producer database with the one inside the electronic RFID chip.

This way the system ensures maximum safety, a drastic reduction of opportunities for product piracy, increased client safety regarding the origins of purchased goods, and a modern management and tracking system for goods.

Fig. 1. General architecture of a supply chain

II. BIDIRECTIONAL INFORMATION FLOW SCENARIO

The bidirectional information flow between manufacturer, distributor and retailers (shown in Fig. 2) contains the following steps to ensure traceability:

1. Product labeling at the manufacturer level and writing the RFID label with initial data. Introducing products in RFID labeled packages, writing the initial data related to the current package. The package ID is associated with the product codes in the package. The producer's database will be updated using the package unique ID until the retail sale of the products inside. The product information is stored in the transponder memory and also in the goods database of the manufacturer.
2. Upon delivery of finished products from the manufacturer's warehouse, the current date and the warehouse's ID will be written into the RFID tag memory. Information is transmitted via the Internet to the manufacturer's database server.
3. When entering the warehouse, information from the package's label will be read and sent to the manufacturer's server. Data about entering the current warehouse will be written into the RFID tags of the package and of the products inside it. When exiting the warehouse, information regarding the package will be read from the attached tag and sent to the manufacturer's database server. Information about exiting the current warehouse will be written into the package and product RFID tags.
4. If there are more distributors in the chain, all steps presented previously will be repeated for each storehouse.
5. When entering the retailer's warehouse, information from the package's RFID tag will be read and sent to the manufacturer's database server. Data about entering the retailer's warehouse will be written in the package and product tags. Products will be unpacked, the package label will be destroyed, and the database server of the manufacturer will be informed.
6. When selling the products, authentication will be performed using an application that can run both on PCs and PDAs that have an RFID reader attached. After selling the product, the database server of the manufacturer will be informed again. Trying to sell a product with the same ID or a cloned RFID tag will trigger a message at the manufacturer level. Moreover, the failed authentication process will inform the manufacturer that a counterfeit product was introduced in the chain.
7. For certain products such as foods and drugs, an active temperature RFID tag can be used for packages. Data about ambient conditions will also be sent to the manufacturer's database server. Temperature RFID tags can be reused.

Fig. 2. Bidirectional information flow between manufacturer, distributor and retailers

III. THE PROBLEM(S)

While trying to research and develop a safe anti-counterfeiting solution that involves both authentication and traceability we encountered a multitude of problems such as:

1. low memory space available on RFID labels;
2. authenticating the RFID tags;
3. privacy issues while trying to keep some information public and some private;
4. tag cloning as a threat to uniqueness;
5. encryption and hash functions algorithms inappropriate for RFID technology (with respect to point 1 above);
6. reading all tags within a package.

P1. Low memory space available on RFID labels: current affordable RFID tags have a maximum memory size of around 8 kbit. Taking into consideration the proposed solution (see section V) we had to minimize the amount of data written on labels.

P2.
Authenticating the RFID tags (see also [2] and [3]): in order to be sure that a product is genuine we had to identify a solution for authenticating the RFID tags. Using just the unique ID of the RFID tag isn't enough due to cloning issues (see point 4). Using current modern hash functions is not a solution due to the large size of the result (see points 1 and 5).

P3. Privacy issues while trying to keep some information public and some private: while traceability requires some information to be made public, this will always raise concerns on industrial privacy, since competitors could use this information to gain insight into the whole supply chain. [1]

P4. Tag cloning: “Cloning of RFID tags can lead to financial losses in many commercial RFID applications. There are two general strategies to provide security: prevention and detection.” [4] Our proposed solution (see section V) takes into consideration both prevention and detection, by means of asymmetric cryptography among other measures.

P5. Encryption and hash functions algorithms inappropriate for RFID technology (Table I): current standard symmetric encryption algorithms use 64 (DES) or 128 (AES) bits while the current ISO 15693 data block is 32 bits; the current standard asymmetric encryption algorithm (RSA) has 512 bits as the minimum size of an RSA key, also not acceptable from our point of view (see [5]); current hash algorithms use 128 (MD5) or at least 160 (SHA series) bit outputs.

TABLE I. CRYPTOGRAPHIC ALGORITHMS FACTS

Algorithm     Min. key size (bits)   Output (bits)   Type
DES           64 (56)                64              Symmetric
AES           128                    128             Symmetric
RSA (.NET)    512                    512             Asymmetric
MD5           -                      128             Hash function
SHA-1         -                      160             Hash function
SHA-2         -                      224             Hash function

P6. Reading all tags within a package: due to current technological limitations of RFID technology there are some problems in being sure whether or not all tags inside a cardboard package were read. We proposed a simple solution that should solve the problem (see section V).

IV. OTHER SOLUTIONS

One solution that already uses advanced encryption algorithms is RFID tags that use the EPC Gen2 protocol [6]. Due to the high costs of such an implementation and the RFID protocol imposed (ISO 15693), EPC Gen 2 UHF cannot be used as a solution for the problems listed in section IV.

Some authors have proposed alternative solutions that may be used in RFID cryptography. One very good solution seems to be described by Leonardo Weiss Ferreira Chaves and Florian Kerschbaum in “Industrial Privacy in RFID-based Batch Recalls” [1], but their solution says little about authentication and/or traceability and much about the encryption itself.

Another solution, based on the Florian Hess algorithm, is described in “Implementation of ID-Based Signature in RFID System” [7], but it is inappropriate for our problems due to the large number of bits that need to be written on the RFID tags each time: about 170 bits.

V. OUR SOLUTION

Before presenting the solution we propose, let's take a look at the RFID tag writing and reading process:

1. First, when the logical tag is created at manufacturer level, some authentication information should be written.
2. When exiting the manufacturer site, some information about the date (among other things) should be written.
3. Each time a package with products inside enters a warehouse the tag should be authenticated and some new information about entering the facility and the current date should be written.
4. When entering the retail store the package and all its products should be authenticated and some information should be written. The package's RFID tag should be destroyed.

Taking into consideration the process described above we proposed a tag structure like the one below (Fig. 3):

Fig. 3. Simplified view of RFID tag structure

Our practical solutions, which cover all the problems described in section III, involve:

S1. Use of a simplified digital signature computed from the unique ID of the RFID tag and the unique ID of the manufacturer (4/8 bits), described also in [2] and [3]. This will cover the authentication issue (P2), the low memory issue (P1), the 4 byte writing/reading issue (P5) and tag cloning issues (P4);

S2. All information related to the manufacturer and warehouses will be encrypted only using a symmetric encryption algorithm like SKIP32 or Blowfish-32. This way at least some concerns related to industrial privacy should be covered (P3), and also the low space and ISO 15693 reading/writing issue (P5);

S3. All information related to the current / entering / exiting date and time will be encrypted using the RSA 32 asymmetric encryption algorithm. We had to develop the so-called RSA 32 in order to cover the reading/writing issue (P5). The key management for the symmetric and asymmetric algorithms is as follows:

- all public keys of warehouses and of the final retail store will be known by the manufacturer;
- each warehouse will know only the public key of the next warehouse in the chain;
- each manufacturer / warehouse / retail store will keep secret its private symmetric key and its private asymmetric key.

Using the encryption algorithms and keys as described above will solve the problems related to privacy issues (P3) and tag cloning issues (P4).

S4. In order to solve the RFID reading issue (P6) we propose the use of a singly linked circular list (see Fig. 4) that involves additional data to be written in the RFID tag's memory (no more than 1 byte). If the RFID reader does not read all tags at first, then the package that contains the products should be rotated / moved until all tags have been read and the logical circular list has been completed.

Fig. 4. Singly linked circular list using RFID tags.

VI. CONCLUSIONS

As a result of our research we propose some simple and practical solutions for the issues related to authentication, anti-counterfeiting and traceability when dealing with an industrial / commercial chain. Authentication is covered using a simplified digital signature (S1). Traceability is provided by the manufacturer database and the entering / exiting tag writing system. Anti-counterfeiting is covered both by authentication and traceability means, among others. Let's suppose that somebody wants to insert a fake package / product in the chain. There are only two possibilities to do it:

- at warehouse level: this will be detected immediately when exiting the warehouse's gates because all information here is sent to the manufacturer database;
- at transportation level: this will be detected immediately as a package / product enters the next warehouse / retail store; moreover, the detection will also take place at the manufacturer's database level.

Our solution covers the most important issues related to RFID technology when dealing with industrial chains (see section III):

- low memory space available on RFID labels: covered by using a 32 bit digital signature mechanism and encryption algorithms: RSA 32 for asymmetric encryption and SKIP32 / Blowfish-32 for symmetric encryption;
- authenticating the RFID tags: use of the simplified digital signature;
- privacy issues: use of symmetric encryption when desired;
- tag cloning: see anti-counterfeiting coverage;
- encryption and hash functions algorithms inappropriate for RFID technology and reading all tags within a package issues: use of 32 bit authentication / encryption algorithms.

ACKNOWLEDGMENTS

This work was supported in part by the Romanian Ministry of Education and Research under Grant named “ATPROD – Integrated System for Authenticity Control and Verification of Products” 12-082/ 01.10.2008.

REFERENCES

[1] Industrial Privacy in RFID-based Batch Recalls, Leonardo Weiss Ferreira Chaves, SAP Research, Karlsruhe, Germany, leonardo.weiss.f.chaves@sap.com, Florian Kerschbaum, SAP Research, Karlsruhe, Germany, florian.kerschbaum@sap.com.
[2] HL7 Messaging Engine with Customizable Translation System, Advances in Electrical and Computer Engineering, Volume 10, Issue 2, Year 2010, On page(s): 98 - 101, ISSN: 1582-7445, e-ISSN: 1844-7600, Marius CERLINCA, Cristina TURCU, Tudor CERLINCA, Remus PRODAN.
[3] The Real Potential of an RFID_B2B Integrated Application, Development and Application Systems, 22-24 May, 2008, SUCEAVA, Romania, Pages: 253-260, Marius CERLINCA, Cornel TURCU, Tudor CERLINCA, Remus PRODAN, Felicia GIZA, Alexandru GOLOCA.
[4] Securing RFID systems by detecting tag cloning, Mikko Lehtonen, Daniel Ostojic, Alexander Ilic and Florian Michahelles.
[5] Current State of Cryptography and Design of an Online Storage System, December 14, 2009, Master's Thesis in Computing Science, Tommy Jonsson.
[6] The security of EPC Gen2 compliant RFID protocols, Mike Burmester (Department of Computer Science, Florida State University, Tallahassee) and Breno de Medeiros (Information Security Consultant, Santa Clara).
[7] Implementation of ID-Based Signature in RFID System, Piseth Ith, Yoshihito Oyama, Atsuo Inomata and Eiji Okamoto.
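
The read-completeness check of S4 (section V), as an added example that is not code from the paper: a reader collects tags and decides whether the circular list has closed. The encoding of the 1-byte link (low byte of the next tag's UID, unique within a package), the function name and the sample UIDs are assumptions made for this illustration.

```python
# Added example, not the paper's code: read-completeness check for S4.
# Assumption: each tag's 1-byte link field holds the low byte of the next
# tag's UID, and the packer keeps low bytes unique within one package.

def check_ring(reads):
    """reads: {uid_hex: link_byte} for the tags seen so far.

    Returns (complete, missing_links). complete is True only when the links
    form one closed cycle through every tag read; missing_links lists link
    bytes that point at tags the reader has not seen yet.
    """
    if not reads:
        return False, []
    by_low = {}
    for uid in reads:
        low = int(uid, 16) & 0xFF
        if low in by_low:
            raise ValueError(f"low-byte collision: {by_low[low]} / {uid}")
        by_low[low] = uid
    missing = sorted({link for link in reads.values() if link not in by_low})
    if missing:
        return False, missing  # keep rotating / moving the package
    # Every link resolves: walk from any tag and require a single cycle.
    start = next(iter(reads))
    seen, cur = set(), start
    while cur not in seen:
        seen.add(cur)
        cur = by_low[reads[cur]]
    # A second, separate ring (tags foreign to this package) leaves some
    # tags unvisited, so the package is not reported as complete.
    return (cur == start and len(seen) == len(reads)), []

# Constructed sample: four tags of one package, linked 01 -> 02 -> 03 -> 04 -> 01.
SAMPLE_PACKAGE = {
    "E004010012345601": 0x02,
    "E004010012345602": 0x03,
    "E004010012345603": 0x04,
    "E004010012345604": 0x01,
}
```

A result of `(False, [3])` tells the operator that the tag whose UID ends in `03` has not been read yet; `(False, [])` means every link resolves but the tags do not form a single ring.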
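
The detection side described in step 6 of section II and in section VI (duplicate sale, a fake appearing at a warehouse gate or at the next entry point), as an added example that is not code from the paper: the manufacturer's server replays traceability events and raises alerts. Event names, site names, alert texts and the sample events are constructed for this illustration.

```python
# Added example, not the paper's code: manufacturer-database checks over
# traceability events. Event kinds and alert texts are hypothetical.

def audit(known_ids, events):
    """events: (tag_id, kind, site) tuples in arrival order, with kind in
    {'exit', 'enter', 'sold', 'auth_failed'}.
    Returns a list of (tag_id, site, reason) alerts."""
    state = {tid: ("at", "manufacturer") for tid in known_ids}
    alerts = []
    for tid, kind, site in events:
        if kind == "auth_failed":
            alerts.append((tid, site, "authentication failed"))
            continue
        if tid not in state:
            alerts.append((tid, site, "unknown ID"))
            continue
        where, last_site = state[tid]
        if where == "sold":
            alerts.append((tid, site, "ID already sold (possible clone)"))
        elif kind == "exit":
            if (where, last_site) == ("at", site):
                state[tid] = ("transit", site)
            else:
                alerts.append((tid, site, "exit without matching entry"))
        elif kind == "enter":
            if where == "transit":
                state[tid] = ("at", site)
            else:
                alerts.append((tid, site, "entry without matching exit"))
        elif kind == "sold":
            if (where, last_site) == ("at", site):
                state[tid] = ("sold", site)
            else:
                alerts.append((tid, site, "sale at a site never entered"))
    return alerts

# Constructed sample: T1 follows the normal route and is then sold a second
# time; T9 is not in the database; T2 shows up at W1 without having left.
SAMPLE_IDS = {"T1", "T2"}
SAMPLE_EVENTS = [
    ("T1", "exit", "manufacturer"), ("T1", "enter", "W1"),
    ("T1", "exit", "W1"), ("T1", "enter", "R1"), ("T1", "sold", "R1"),
    ("T1", "sold", "R2"),
    ("T9", "exit", "W1"),
    ("T2", "enter", "W1"),
]
```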