1. Home
  2. Embedded Programming
  3. Authentication Algorithm for embedded RFID device

Authentication Algorithm for embedded RFID device

Hi All,

I need to write algorithm (to code later in C) for an embedded RFID device. I have a reader and a tag and I want to authenticate that the tag is an original one ( there is no need to authenticate the reader for the tag).

To do so the tags will have a secret number that is know in advance to the reader. The secret number will be put in manufacturing.

The authentication will be as follow:

  1. The reader will send a random number to the tag.
  2. The tag will do a certain algorithm with his secret number and the random number and will send the result to the reader.
  3. The reader will authenticate the return number and will send an ACK.
  4. The tag will then send is ID number, (The ID number is not the secret number, the secret number is never transmitted between the tag and the reader)

I need to fine a good and simple algorithm (for 8 bit microcontroller with low power) to do the work as describe in stage 2.

Any suggestion? Any useful links? Source code? BTW if you have a better scenario to achieve the authentication I'll be happy to read about.

Thanks in Advance Roy

Reply to
freewind
Loading thread data ...

AES can be implemented in an 8-bit micro and may provide enough security for you. Look at the Linux CryptoAPI sources.

Reply to
larwe

Lookup "asymmetric key exchange". A standard procedure in the internet. Perhaps "SSL" could also be looked up.

Rene

--
Ing.Buero R.Tschaggelar - http://www.ibrtses.com
& commercial newsgroups - http://www.talkto.net
Reply to
Rene Tschaggelar

A related idea is one which has been used many times to do exactly what you want using Two linear feedback shift registers,the first LFSR is seeded with the remote tags serial number and the reader can verify the authenticity of the tag using a simple challenge/response algo the lfsr can be thought of as producing a destinct sequence for each challenge from the reader.This is basically the algo used in car alarm key fobs.I cannot remember the name of the company which has patented the basic technique at the moment sorry.

Reply to
Jezwold

A modern and strong algorithm for an 8 bit processor is AES (Advanced Encryption Standard) ,see

formatting link
It may be an advantage to load all the subkeys, in stead of having a key scheduler. RC5 may also be a suitable candidate.

There seems to be a flaw in the protocol, because after the reader sends the ack, a rogue tag may answer, because the steps in the protocol are not linked. A solution may be: reader sends random challenge to the tag , tag aswers with: encrypted(challenge concatenated with serial number) reader (this may also satisfy groups worried about privacy ;-) reader decrypts response and if the returned challenge is the same, the reader accepts the serial number

See the work of Burrows Needham and Abadi e.g.

formatting link
for the design of authentication protocols

See the work of Ross Anderson

formatting link
for technical papers and juicy stories of protocol failures

Success, Wim Ton

Reply to
Wim Ton

ElectronDepot website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.