TY - GEN
T1 - Weak-Unforgeable Tags for Secure Supply Chain Management
AU - van Dijk, Marten
AU - Jin, Chenglu
AU - Maleki, Hoda
AU - Ha Nguyen, Phuong
AU - Rahaeimehr, Reza
N1 - Publisher Copyright:
© International Financial Cryptography Association 2018.
PY - 2018
Y1 - 2018
N2 - Given the value of imported counterfeit and pirated goods, the need for secure supply chain management is pertinent. Maleki et al. (HOST 2017) propose a new management scheme based on RFID tags (with 2–3K bits NVM) which, if compared to other schemes, is competitive on several performance and security metrics. Its main idea is to have each RFID tag stores its reader events in its own NVM while moving through the supply chain. In order to bind a tag’s identity to each event such that an adversary is not able to impersonate the tag’s identity on another duplicate tag, a function with a weak form of unforgeability is needed. In this paper, we formally define this security property, present three constructions (MULTIPLY-ADD, ADD-XOR, and S-Box-CBC) having this security property, and show how to bound the probability of successful impersonation in concrete parameter settings. Finally, we compare our constructions with the light-weight hash function PHOTON used by Maleki et al. in terms of security and circuit area needed. We conclude that our ADD-XOR and S-Box-CBC constructions have approximately $$1/4-1/3$$ of PHOTON’s total circuit area (this also includes the control circuitry besides PHOTON) while maintaining an appropriate security level which takes care of economically motivated adversaries.
AB - Given the value of imported counterfeit and pirated goods, the need for secure supply chain management is pertinent. Maleki et al. (HOST 2017) propose a new management scheme based on RFID tags (with 2–3K bits NVM) which, if compared to other schemes, is competitive on several performance and security metrics. Its main idea is to have each RFID tag stores its reader events in its own NVM while moving through the supply chain. In order to bind a tag’s identity to each event such that an adversary is not able to impersonate the tag’s identity on another duplicate tag, a function with a weak form of unforgeability is needed. In this paper, we formally define this security property, present three constructions (MULTIPLY-ADD, ADD-XOR, and S-Box-CBC) having this security property, and show how to bound the probability of successful impersonation in concrete parameter settings. Finally, we compare our constructions with the light-weight hash function PHOTON used by Maleki et al. in terms of security and circuit area needed. We conclude that our ADD-XOR and S-Box-CBC constructions have approximately $$1/4-1/3$$ of PHOTON’s total circuit area (this also includes the control circuitry besides PHOTON) while maintaining an appropriate security level which takes care of economically motivated adversaries.
KW - Light-weight cryptography
KW - One-time hash function
KW - Secure supply chain management
KW - Unforgeability
UR - http://www.scopus.com/inward/record.url?scp=85072849787&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85072849787&partnerID=8YFLogxK
U2 - 10.1007/978-3-662-58387-6_5
DO - 10.1007/978-3-662-58387-6_5
M3 - Conference contribution
AN - SCOPUS:85072849787
SN - 9783662583869
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 80
EP - 98
BT - Financial Cryptography and Data Security - 22nd International Conference, FC 2018, Revised Selected Papers
A2 - Meiklejohn, Sarah
A2 - Sako, Kazue
PB - Springer Verlag
T2 - 22nd International Conference on Financial Cryptography and Data Security, 2018
Y2 - 26 February 2018 through 2 March 2018
ER -