Computer ScienceComputer ScienceDepartment ofDepartment of
University of VirginiaUniversity of Virginia
Voltage on a tag
Radio Frequency Identification SystemsRadio Frequency Identification SystemsNew Ideas and AlgorithmsNew Ideas and Algorithms
Introduction to Radio Frequency Identification (RFID) Systems Introduction to Radio Frequency Identification (RFID) Systems
Multi-Tag RFID SystemsMulti-Tag RFID Systems
Randomized PRF Tree Walking AlgorithmRandomized PRF Tree Walking AlgorithmRandomized Tree Walking Algorithm Randomized Tree Walking Algorithm
[email protected], [email protected] School of Engineering & Applied ScienceSchool of Engineering & Applied Science
Attach more than one tag to an objectRedundant TagsDual-Tags
Private memory onlyShared memory onlyShared and private memory
n-Tags
Dual-Tags Coordinated Reply
Reader-Tag CommunicationRFID PrimerThree types of RFID tags
Passive Active Semi-Active
Operational Frequencies 125KHz - 5.8GHz
Operational Range 5mm - 15m
Standardization Bodies International Organization for
Standardization EPCglobal, Inc
EPC System Architecture
Tag ID
Applications
Traverse(i, count) := Read random bit if collision on detected: Suspend all tags with == 1 Each suspended tag stores Traverse(i+
i
i
i
b ib
bi
1, 0) Wake up tags suspended on bit Traverse(i+1, 0) else if no collision on detected: if(count > threshold) Tree-Walk rem
i
i
b
aining tags else Traverse(i+1, count+1) Secure Binary Tree-Walking
i. Each tag generates a random numberii. Reader performs a tree-walkiii. Selected tag transmits its real ID
Major questions:How to deal with collisions on the tags’ real-IDs?How to choose the optimal length for random numbers?How to select the threshold?
Optimal Random Number LengthUse average n over many traverse runs
Goal: Efficiently solve reader-tag authentication problem in the presence of many tags
Traverse(i, count) := Read random bit if collision on detected: Suspend all tags with == 1 Each suspended tag stores Traverse(i+
i
i
i
b ib
bi
1, 0) Wake up tags suspended on bit Traverse(i+1, 0) else if no collision on detected: if(count > threshold) Proceed to st
i
i
b
1ep 2 with ,..., Tree-Walk remaining tags else Traverse(i+1, count+1)
ir b b
Applications of Multi-Tags Supply chain management
to increase chances of object detection Luggage tracking
regulations require different algorithms Preventing illegal deforestation
tagging of trees to prevent illegal logging
Binary No Effect No EffectBinary Variant No Effect No EffectRandomized Doubles Time** No Effect*STAC Causes DOS No Effect*Slotted Aloha Doubles Time** No Effect** If Dual-Tags communicate to form a single response** Assuming an object is tagged with two tags
Effect on Singulation AlgorithmsAlgorithm Redundant Tags Dual-Tags
Reliability and DependabilityObject’s detection is more likelyFailure of a redundant tag
leaves the system functional is detectable in some systems
1. Each tag generates a random number, and the reader performs a tree-walk on these numbers
2. Once a tag is selected, the reader and the tag engage in a tree-waking private authentication protocol
3. The reader moves the tag to a different position in a tree.
( )O n (log )O n ( )treeO depth ( )treeo depth (1)O
Time and Space Complexityn is the total number of tags in the system
Steps of the algorithm
Security Enhancement n-Tags send “chaff” hiding the real IDsRecycled IDs are good “chaff” source“Chaffing and winnowing” has a cost
extra tag functionalityoverhead to create and filter “chaff”
Optimal Tag Positioning
Benefits of Multi-tagsIncreased expected voltage on a tagIncreased expected communication rangeIncreased memoryIncreased reliabilityIncreased durability
Major Research IssuesReducing the cost of tagsProviding security and privacyStandardizing the technology
1 3 42
tag tag
antenna antenna
signal
Inductive Coupling
Far-Field Propagation
signal
Threshold SelectionStart the threshold at 2Increase threshold by 1 if a collision occursDecrease threshold by 1 if no collisions occur for entire traversal
: represents our improvement as shown: represents our improvement with some modifications
: represents related work improvement
Tag
B-field
Inductive Coupling:Far-Field Propagation:
Future WorkField testing of Multi-tagsIdentifying new applications of Multi-tagsImproving hardware complexity of the algorithmDeveloping new efficient authentication algorithms
sin(90 )Voltage 2sin (90 )Voltage
0 0
2
0
2 cos
where: = frequency of the arrival signal = number of turns of coil in the loop
area in the loop in meters ( )= strength of the arrival signal
= angle of the arrival signal
V fNSB
fN
S mB
32.7
47.98
58.11
61.86
30
35
40
45
50
55
60
65
1 2 3 4
Number of Tags
Angl
e (in
Deg
rees
)
4 2
40[ (2 cos ) ( ) (2 cos ) ] /
2x x dx x x dx
2
0[ (2 cos ) ] /(2 )x x dx
Expected Absolute Voltage Increase Factor
1
1.9
2.482.66
1
1.631.571.37
1
1.5
2
2.5
3
1 2 3 4
Number of TagsIn
crea
se F
acto
r
Far-Field Propagation
Inductive Coupling
Expected Factor of Distance Increase
1
1.37
1.571.63
11.06 1.08 1.09
1
1.1
1.2
1.3
1.4
1.5
1.6
1.7
1 2 3 4
Number of Tags
Incr
ease
Fac
tor
Far-Field Propagation
Inductive Coupling
Reader Tag Eavesdropper
Backward Range
Forward Range
ONS ServerInfrastructure
ObjectServer
Server IP
Tag ID
ID Info
Tag IDTag ID
ONS Server
TagsReaderLocal Server
Random Number Generation Hardware
The voltage signal is amplified, disturbed, stretched, and sampled, resulting in random bits.
Properties Allows tags addition and removal from the systemProvides security against active eavesdroppersOffers security against active readersEnables dynamic tradeoff between security, privacy,
and singulation timeEffective against active attacks:
stealing a tag tracking and hotlisting
1 2 n
1, 2, ,, , ..., {0,1}kb b k bs s s
n1 {0,1}i
Rr 1ir
,,2 1 2, (0, , )i bii i i
i s ir b f r r
,*
1 2(1, , )i bii i
s if r r
n2 {0,1}i
Rr
Hello, rt
for 1 to i k
, 1 2(0, , )i bii i
s if r r check that
,*
1 2(1, , )i bii i
s if r r check that
Reader Tag
1r
0 1
1 1 2 1
1
(0,0, )(0,1, ) ', (0,2, ) ',(0, , ) 2, 3 secrets 2
k
k k
k
s
s s
i s i
ID f rf r t f r bf i r s i
1 1
2 1
1
(0,1, )(0,2, )(0, , )
k
k
k
s
s
i i s
t f rb f rs f i r
compute
Reader Tag
0 1(0,0, )ksf r ID check that
Tag1
Reader Tag1, Tag2
Tag2
Request
Data1, Power1
Tag2 Tag1Data2, Power2
Tag1: if(Data1 == Data2) { if(Power1 >= Power2) { Reader
Data1
}else { Reader
Data1, Error}
Tag2: Same procedure as Tag1(note: probability that the Power1 == Power2 is tiny)
}
Expected Relative Voltage Increase Factor
1.9
1.31
1.071.37
1.15 1.040.9
11.11.21.31.41.51.61.71.81.9
2
1 2 3
Number of Tags
Incr
ease
Fac
tor
Far-Field Propagation
Inductive Coupling
V
Random Bits
NoConnect
Expected Largest Angle of Incidence
www.cs.virginia.edu/robins
Leonid Bolotnyy and Gabriel RobinsLeonid Bolotnyy and Gabriel Robins
1 21, 2, ,, ,..., shared secrets family of pseudo-random functions
random number tree identifier tag's position in a tree
kb b k bs s sfrtb