Illegal interrogation detectable products distribution scheme in RFID-enabled supply chains

Kentaro Toyoda, Iwao Sasase

Research output: Contribution to journalArticle

Abstract

In RFID-enabled supply chains, it is necessary to protect the contents of EPCs (Electronic Product Code) since an EPC contains sensitive information such as the product code and serial number and could be used for counterfeits. Although many protection schemes have been proposed, no scheme can limit the number of illegal attempts for discovering EPCs or notice whether an attacker exists. In this paper, we propose an illegal interrogation detectable products distribution scheme for RFID-enabled supply chains. The idea is to detect the attacker by forcing him/her to access an authentication server. Our scheme masks EPCs with random sequences. Masked EPCs are written into genuine tags on products while random sequences are placed on an authentication server with an access code. An access code is divided into shares with a secret sharing scheme and they are written into genuine tags. We also write bogus shares into extra offtheshelf tags that are not attached to any products. Since an attacker who wants to know genuine EPCs may obtain a large number of access code candidates and must try each on the authentication server, the server can detect the attacker.

Original languageEnglish
Pages (from-to)820-829
Number of pages10
JournalIEICE Transactions on Communications
VolumeE99B
Issue number4
DOIs
Publication statusPublished - 2016 Apr 1

Fingerprint

Radio frequency identification (RFID)
Supply chains
Servers
Authentication
Masks

Keywords

  • Honeypot
  • RFID-enabled supply chains
  • Security

ASJC Scopus subject areas

  • Electrical and Electronic Engineering
  • Computer Networks and Communications
  • Software

Cite this

Illegal interrogation detectable products distribution scheme in RFID-enabled supply chains. / Toyoda, Kentaro; Sasase, Iwao.

In: IEICE Transactions on Communications, Vol. E99B, No. 4, 01.04.2016, p. 820-829.

Research output: Contribution to journalArticle

@article{d05af6ad29f647469690d60a50415749,
title = "Illegal interrogation detectable products distribution scheme in RFID-enabled supply chains",
abstract = "In RFID-enabled supply chains, it is necessary to protect the contents of EPCs (Electronic Product Code) since an EPC contains sensitive information such as the product code and serial number and could be used for counterfeits. Although many protection schemes have been proposed, no scheme can limit the number of illegal attempts for discovering EPCs or notice whether an attacker exists. In this paper, we propose an illegal interrogation detectable products distribution scheme for RFID-enabled supply chains. The idea is to detect the attacker by forcing him/her to access an authentication server. Our scheme masks EPCs with random sequences. Masked EPCs are written into genuine tags on products while random sequences are placed on an authentication server with an access code. An access code is divided into shares with a secret sharing scheme and they are written into genuine tags. We also write bogus shares into extra offtheshelf tags that are not attached to any products. Since an attacker who wants to know genuine EPCs may obtain a large number of access code candidates and must try each on the authentication server, the server can detect the attacker.",
keywords = "Honeypot, RFID-enabled supply chains, Security",
author = "Kentaro Toyoda and Iwao Sasase",
year = "2016",
month = "4",
day = "1",
doi = "10.1587/transcom.2015ADP0008",
language = "English",
volume = "E99B",
pages = "820--829",
journal = "IEICE Transactions on Communications",
issn = "0916-8516",
publisher = "Maruzen Co., Ltd/Maruzen Kabushikikaisha",
number = "4",

}

TY - JOUR

T1 - Illegal interrogation detectable products distribution scheme in RFID-enabled supply chains

AU - Toyoda, Kentaro

AU - Sasase, Iwao

PY - 2016/4/1

Y1 - 2016/4/1

N2 - In RFID-enabled supply chains, it is necessary to protect the contents of EPCs (Electronic Product Code) since an EPC contains sensitive information such as the product code and serial number and could be used for counterfeits. Although many protection schemes have been proposed, no scheme can limit the number of illegal attempts for discovering EPCs or notice whether an attacker exists. In this paper, we propose an illegal interrogation detectable products distribution scheme for RFID-enabled supply chains. The idea is to detect the attacker by forcing him/her to access an authentication server. Our scheme masks EPCs with random sequences. Masked EPCs are written into genuine tags on products while random sequences are placed on an authentication server with an access code. An access code is divided into shares with a secret sharing scheme and they are written into genuine tags. We also write bogus shares into extra offtheshelf tags that are not attached to any products. Since an attacker who wants to know genuine EPCs may obtain a large number of access code candidates and must try each on the authentication server, the server can detect the attacker.

AB - In RFID-enabled supply chains, it is necessary to protect the contents of EPCs (Electronic Product Code) since an EPC contains sensitive information such as the product code and serial number and could be used for counterfeits. Although many protection schemes have been proposed, no scheme can limit the number of illegal attempts for discovering EPCs or notice whether an attacker exists. In this paper, we propose an illegal interrogation detectable products distribution scheme for RFID-enabled supply chains. The idea is to detect the attacker by forcing him/her to access an authentication server. Our scheme masks EPCs with random sequences. Masked EPCs are written into genuine tags on products while random sequences are placed on an authentication server with an access code. An access code is divided into shares with a secret sharing scheme and they are written into genuine tags. We also write bogus shares into extra offtheshelf tags that are not attached to any products. Since an attacker who wants to know genuine EPCs may obtain a large number of access code candidates and must try each on the authentication server, the server can detect the attacker.

KW - Honeypot

KW - RFID-enabled supply chains

KW - Security

UR - http://www.scopus.com/inward/record.url?scp=84963998000&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84963998000&partnerID=8YFLogxK

U2 - 10.1587/transcom.2015ADP0008

DO - 10.1587/transcom.2015ADP0008

M3 - Article

AN - SCOPUS:84963998000

VL - E99B

SP - 820

EP - 829

JO - IEICE Transactions on Communications

JF - IEICE Transactions on Communications

SN - 0916-8516

IS - 4

ER -