Anti-counterfeiting ISO 15693 RFID Solutions

11th International Conference on DEVELOPMENT AND APPLICATION SYSTEMS, Suceava, Romania, May 17-19, 2012
Anti-counterfeiting ISO 15693 RFID Solutions
Involving Authentication and Traceability Using
Symmetric and Asymmetric Cryptography
Marius CERLINCĂ, Cristina TURCU, Tudor CERLINCĂ, Remus PRODAN, Valentin POPA
Stefan cel Mare University of Suceava, 720229, Romania
[email protected]
Abstract — When dealing with subjects as anticounterfeiting of goods using authentication and traceability it
seems that RFID technology has all the advantages over
traditional barcode technology. While in shops and
supermarkets it seems that the barcode technology is still a
winner and hard to replace due to it’s current spread and low
cost advantages, the RFID solutions seems to be more adequate
for supply-chain management specific issues. Current RFID
solutions for supply-chain management are using the new EPC
Gen2 RFID standard that uses UHF and is not available to
ISO15693 or any other RFID standard. In this paper we will
describe how an anti-counterfeiting solution can be
implemented
using
the
ISO15693
standard
and
symmetric/asymmetric cryptography.
Index Terms — RFID, anti-counterfeiting, authentication,
traceability, cryptography.
I. INTRODUCTION
“Current batch recall practice is expensive and difficult,
since many supply chain partners need to combine the data
from their ERP systems. Radio Frequency Identification
(RFID) can be used to efficiently implement batch recalls,
e.g. by storing batch numbers from the parts/ingredients
used in all manufacturing steps. But this raises concerns on
industrial privacy, since competitors could use this
information to gain insight into the whole supply chain.“ [1]
The anti-counterfeiting solution we will describe was a
result of our attempt to meet the specifications of a research
project called ATPROD.
Ensuring the authenticity and determining the route
followed by a product can be done by implementing a
production management system using RFID technology and
extending its use to the place of trading.
There are currently many flow management systems in
manufacturing and transport of goods, but the chain is not
complete because usually the points of sale and service are
missing from the logical chain and from the databases
attached.
This paper presents a reliable and low cost anticounterfeiting solution based on RFID technology both for
goods authentication and traceability while ensuring a
database for distribution control (Fig. 1).
Moreover, to eliminate doubts regarding the transport or
storage of products in poor conditions, the system is
providing solutions for monitoring ambient parameters like
temperature, information obtained throughout the transport
or storage of goods, and storing them in memory of active
RFID tags.
Adequate traceability of product information will be read
and write at each distribution point or retail store. Thus, the
final consumer will get a product with an RFID tag attached
that contains all essential information regarding the product
as well as all traceability information including the final
retail store and service points. Customers can check all this
information using a portable RFID reader or a smartphone.
The system allows clients to register as the owner of the
labeled products. Thus, a product can be authenticated by
three means quickly accessible to every user:
 authentication at the level of product label (using a
hologram or other traditional authentication
elements);
 authentication at the level of electronic RFID chip
accompanying the product, which contains
information on traceability and source of the product;
 authentication using the web site the system provides,
based on unique product ID code, in order to
compare the information from the producer database
with the one inside the electronic RFID chip.
Fig. 1. General architecture of a supply chain
This way the system ensures maximum safety, drastic
reduction of opportunities for products piracying, increasing
the client safety regarding the origins of purchased goods
and providing a modern management and tracking system of
goods.
II. BIDIRECTIONAL INFORMATION FLOW SCENARIO
Bidirectional information flow between manufacturer,
distributor and retailers is (shown in Fig. 2) contains the
following steps to ensure traceability:
1. Product labeling at the manufacturer level and writing
the RFID label with initial data. Introducing products in
RFID labeled packages, writing the initial data related to
current package. Package ID is associated with the product
codes in the package. The updating of producer’s database
will be made using the package unique ID until the retail
sale of products inside. The product information is stored in
175
11th International Conference on DEVELOPMENT AND APPLICATION SYSTEMS, Suceava, Romania, May 17-19, 2012
the transponder memory and also in the goods database of
the manufacturer.
2. Upon delivery from the manufacturer’s warehouse of
finished products, current date and warehouse’s ID will be
written into RFID tag memory. Information is transmitted
via the Internet to the manufacturer’s database server.
3. When entering the warehouse, information from
package’s label will be read and will be sent to the
manufacturer’s server. Data about entering current
warehouse will be written into the RFID tags of the package
and products inside it. When exiting from the warehouse,
information regarding the package will be read from
attached tag and will be sent to the manufacturer database
server. Information about exiting the current warehouse will
be written into package and products RFID tags.
4. If there are more distributors in the chain, all steps
presented previously will be repeated for each storehouse.
5. When entering the retailer’s warehouse information
from the package’s RFID tag will be read and sent to the
manufacturer’s database server. Data about entering the
retailer’s warehouse will be written in package and products
tags. Products will be unpacked and the package label will
be destroyed and the database server of the manufacturer
will be informed.
6. When selling the products authentication will be
performed using an application that can run both on PC’s
and PDA’s that have attached an RFID reader. After selling
the product the database server of the manufacturer will be
informed again. Trying to sell a product with the same ID or
cloned RFID tag will trigger a message at the manufacturer
level. Moreover, the failed authentication process will
inform the manufacturer that a counterfeit product was
introduced in the chain.
7. For certain products such as foods and drugs, an active
temperature RFID tag can be used for packages. Data about
ambient conditions will be sent also to the manufacturer’s
database server. Temperature RFID tags can be reused.
Fig. 2. Bidirectional information flow between manufacturer, distributor and retailers
III. THE PROBLEM(S)
While trying to research and develop a safe anticounterfeiting solution that involves both authentication and
traceability we encountered a multitude of problems such as:
 low memory space available on RFID labels;
 authenticating the RFID tags;
 privacy issues while trying to keep some information
public and some private;
 tag cloning as a threat to uniqueness;
 encryption
and
hash
functions
algorithms
inappropriate for RFID technology (with respect to
point 1 above);
 reading all tags within a package.
176
P1. Low memory space available on RFID labels: current
affordable RFID tags have maximum memory size
around 8 kbit. Taking into consideration the proposed
solution (see section V) we had to minimize the
amount of data written on labels.
P2. Authenticating the RFID tags (see also [2] and [3]):
in order to be sure that a product is genuine we had to
identify a solution for authenticate the RFID tags.
Using just the unique ID of the RFID tag isn’t
enough due to cloning issues (see point 4). Using of
current modern hash functions is not a solution due to
large size of the result (see points 1 and 5).
P3. Privacy issues while trying to keep some information
public and some private: while traceability requires
some information to be made public this will always
raises concerns on industrial privacy, since
11th International Conference on DEVELOPMENT AND APPLICATION SYSTEMS, Suceava, Romania, May 17-19, 2012
competitors could use this information to gain insight
into the whole supply chain. [1]
P4. Tag cloning: “Cloning of RFID tags can lead to
financial losses in many commercial RFID
applications. There are two general strategies to
provide security: prevention and detection. [4]” Our
proposed solution (see section V) is taking into
consideration both prevention and detection by
means of asymmetric cryptography and not only.
P5. Encryption and hash functions algorithms
inappropriate for RFID technology (Table 1):
 current
standard
symmetric
encryption
algorithms are using 64 (DES) or 128 (AES) bits
while current ISO 15693 block data is 32 bits;
 current
standard
asymmetric
encryption
algorithm (RSA) has 512 bits as minimum size
of RSA key, also not acceptable from our point
of view. (see [5]) ;
 current hash algorithms are using 128 (MD5) or
at least 160 (SHA series) bits outputs.
2.
3.
4.
written.
When exiting the manufacturer site, some
information about the date (and not only) should be
written.
Each time a package with products inside enters a
warehouse the tag should be authenticated and some
new information about entering into the facility and
the current date should be written.
When entering the retail store the package and all its
products should be authenticated and some
information should be written. The package’s RFID
tag should be destroyed.
Taking into consideration the process described above we
proposed a tag structure like the one below (Fig. 3):
TABLE I. CRYPTOGRAPHIC ALGORITHMS FACTS
Algorithm
Min. key size
Output
Type
(bits)
(bits)
DES
64 (56)
64
Symmetric
AES
128
128
Symmetric
RSA (.NET)
512
512
Asymmetric
MD5
128
Hash function
SHA-1
160
Hash function
SHA-2
224
Hash function
P6. Reading all tags within a package: due to current
technological limitations of RFID technology there
are some problems in being sure whether or not all
tags inside a cardboard package were read. We
proposed a simple solution that should solve the
problem (see section V).
IV. OTHER SOLUTIONS
One solution that already uses advanced encryption
algorithms is RFID tags that are using EPC Gen2 protocol
[6]. Due to high costs of such an implementation and the
RFID protocol imposed (ISO 15693), EPC Gen 2 UHF
cannot be used a solution for problems listed on section IV.
Some authors proposed some alternative solutions that
may be used in RFID cryptography. One very good solution
seems to be described by Leonardo Weiss Ferreira Chaves
and Florian Kerschbaum in “Industrial Privacy in RFIDbased Batch Recalls”[1], but there is not much about
authentication and/or traceability in their solution, but much
about the encryption itself.
Another solution that is based on Florian Hess algorithm
is described in “Implementation of ID-Based Signature in
RFID System” [7] but their solution is inappropriate for our
problems due to large number of bits needed to be written
on the RFID tags each time: about 170 bits long.
V. OUR SOLUTION
Before presenting the solution we propose, let’s take a
look at the RFID tag writing and reading process:
1. First, when the logical tag is created at manufacturer
level, some authentication information should be
Fig. 3. Simplified view of RFID tag structure
Our practical solutions that are covering all problems
described in section III involves:
S1. Use of a simplified digital signature computed from
unique ID of RFID tag and unique ID of the
manufacturer (4/8 bits) described also in [2] and [3].
This will cover the authentication issue (P2), low
177
11th International Conference on DEVELOPMENT AND APPLICATION SYSTEMS, Suceava, Romania, May 17-19, 2012
memory issue (P1), 4 byte writing/reading issue(P5)
and tag cloning issues (P4);
S2. All information related to manufacturer and
warehouses will be encrypted only using a
symmetric encryption algorithm like SKIP32 or
Blowfish-32. This way at least some concerns
related to industrial privacy should be covered (P3)
and also low space and ISO 15693 reading/writing
issue (P5);
S3. All information related to current / entering / exiting
date and time will be encrypted using RSA 32
asymmetric encryption algorithm. We had to
develop so called RSA 32 in order to cover the
reading/writing issue (P5).
The key management algorithm for the symmetric
and asymmetric algorithms is like follows:
 all public keys of warehouses and final retail
store will be known by the manufacturer;
 each warehouse will know only the public key
of the next warehouse in the chain;
 each manufacturer / warehouse / retail store
will keep secret his private symmetric key and
his private asymmetric key.
Using the encryption algorithms and keys as
described above will solve the problems related to
privacy issues (P3) and tag cloning issues (P4).
S4. In order to solve the RFID reading issue (P6) we are
proposing the use of a simple linked circular list (see
Fig. 4) that involves additional data to be written on
RFID tag’s memory (no more than 1 byte). If the
RFID reader does not read all tags at first, then the
package that contains the product should be rotated /
moved until all tags had be read and the logical
circular list has been completed.
somebody wants to insert a fake package / product in the
chain. There are only two possibilities to do it:
 at warehouses level: this will be detected
immediately when exiting the warehouse’s gates
because all information here are sent to the
manufacturer database;
 at transportation level: this will be detected
immediately as a package / product enters next
warehouse / retail store; moreover, the detection will
take place at the manufacturer’s database level also.
Our solution is covering the most important issues related
to RFID technology when dealing with industrial chains (see
section III):
 low memory space available on RFID labels: covered
by using 32 bit digital signature mechanism and
encryption algorithms: RSA 32 for asymmetric
encryption and SKIP32 / Blowfish-32 for symmetric
encryption;
 authenticating the RFID tags: use of the simplified
digital signature;
 privacy issues: use of symmetric encryption when
desired;
 tag cloning: see anti-counterfeiting coverage;
 encryption
and
hash
functions
algorithms
inappropriate for RFID technology and reading all
tags within a package issues: use of 32 bit
authentication / encryption algorithms.
ACKNOWLEDGMENTS
This work was supported in part by the Romanian
Ministry of Education and Research under Grant named
“ATPROD – Integrated System for Authenticity Control and
Verification of Products” 12-082/ 01.10.2008.
REFERENCES
[1]
[2]
[3]
Fig. 4. Simple linked circular list using RFID tags.
[4]
[5]
VI. CONCLUSIONS
As a result of our researches we are proposing some
simple and practical solutions for the issues related to
authentication, anti-counterfeiting and traceability issues
when dealing with an industrial / commercial chain.
Authentication is covered using a simplified digital
signature (S1). Traceability is provided by the manufacturer
database and the entering / exiting tag writing system.
Anti-counterfeiting is covered both by authentication and
traceability means and not only. Let’s suppose that
[6]
[7]
178
Industrial Privacy in RFID-based Batch Recalls, Leonardo Weiss
Ferreira
Chaves,
SAP
Research,
Karlsruhe,
Germany,
[email protected], Florian Kerschbaum, SAP
Research, Karlsruhe, Germany, [email protected].
HL7 Messaging Engine with Customizable Translation System,
Advances in Electrical and Computer Engineering, Volume 10, Issue
2, Year 2010, On page(s): 98 - 101, ISSN: 1582-7445, e-ISSN: 18447600 Marius CERLINCA, Cristina TURCU, Tudor CERLINCA,
Remus PRODAN.
The Real Potential of an RFID_B2B Integrated Application,
Development and Application Systems, 22-24 May, 2008,
SUCEAVA, Romania, Pages: 253-260, Marius CERLINCA, Cornel
TURCU, Tudor CERLINCA, Remus PRODAN, Felicia GIZA,
Alexandru GOLOCA.
Securing RFID systems by detecting tag cloning, Mikko Lehtonen,
Daniel Ostojic, Alexander Ilic and Florian Michahelles.
Current State of Cryptography and Design of an Online Storage
System, December 14, 2009, Master’s Thesis in Computing Science,
Tommy Jonsson
The security of EPC Gen2 compliant RFID protocols, Mike
Burmester (Department of Computer Science, Florida State
University, Tallahassee) and Breno de Medeiros (Information
Security Consultant, Santa Clara)
Implementation of ID-Based Signature in RFID System, Piseth Ith,
Yoshihito Oyama, Atsuo Inomata and Eiji Okamoto