Radio frequency identification (RFID) consists of a tag and reader. The RFID system is used in various places, such as finding the location of devices and toll payment. In computer security, CIA (confidentiality, integrity, authentication) is the primary concern for RFID security. In existing scenario, there are various threats present in the RFID system such as de-synchronization attack, disclosure attack, tracking attack and so on. There are various threats that RFID systems are vulnerable to such as a de-synchronization attack, disclosure attack, dos attack, and tracking attack. This chapter discusses various attacks on the RFID system in terms of confidentiality, integrity, and availability as these devices contain a limited amount of memory and low power battery. Therefore, these devices need a lightweight solution for the RFID system. Hence, this chapter additionally discusses various authentication schemes such as lightweight scheme and ultra-lightweight scheme for RFID systems.
TopIntroduction
Internet of things (IoT) consists of various heterogeneous devices, i.e., sensor, tag, reader, barcode, smart card. These devices connect the network without human interaction. These devices contain an inadequate amount of memory and a smaller power battery. In 2017, 8.4 billion “things” are connected to the internet, and it will increase 20.4 billion in 2020. Thus, these huge devices create a large amount of power and communication data in the network. Hence, there are various lightweight protocols like low power personal area networks over IPv6 (6LowPAN), ZigBee. that are employed. IEEE 802.15.4 standard used by most of the sensors networks, which provide low power and low rate communication over the network.
Barcode labels can be used to identify the system. However, it contains low storage capacity and also not reprogrammable. RFID is used to identify an object in the network. In 2018, 76,644 million RFID tags sold in various industries like health care, retail. However, there are twenty-five billion NFC/HF RFID tags sold in 2018. The RFID system comprises two components tag and reader. The reader reads information from the tag and also processes this information. The reader stores various pieces of information like tag identification, security key. An RFID tag consists of two components, such as microchip and antenna. The RFID tags consist of four types of memory: reserved memory, electronic product code (EPC) memory, TID memory, and user memory.
There are three types of tags used in the RFID system, namely active tag, semi-passive tag, and passive tag. An active tag contains a battery that is used to communicate with the reader. These types of tags are costly than passive tags. Passive tags cannot contain a power battery. It receives power from the reader. Mainly, the passive tag can operate on three frequencies like low frequency, high frequency, and ultra-high frequency. The low frequency (LF) passive tag operates on 125 kHz to 134 kHz. It can operate from 1 cm to 10 cm and has a longer wavelength. High frequency (HF) passive tag can operate on 13.56 MHz frequency and sense up to 1 meter. Ultra-high frequency (UHF) tag can operate on 865 MHz to 960 MHz and also ranging from more than 1 meter. The passive tag use in the passport, electronic tolls, supply chains. Semi-passive tags contain a small power battery. When the semi-passive tags are not in the range of the reader, its usage its power. However, when the tags come in a range of the reader. Then, it receives power from the reader through an electric or magnetic field as similar to the passive tag (Finkenzeller, 2010). Fig. 1 describes various types of tags communicating to the RFID system.
There are various security issues in the IoT application, such as authentication, authorization, and privacy. There are various types of cryptography schemes uses in IoT security, such as public-key cryptography and symmetric-key cryptography. As, public-key cryptography schemes include RSA, Diffie-Hellman key exchange. However, these schemes require lots of bandwidth and power consumption. Due to this, the elliptic curve is introduced, which provides fewer communication steps than RSA, Diffie-Hellman. Symmetric key cryptographic schemes use simple bit-wise operation (XOR, OR, AND, Rotate), cyclic redundancy checksum, and symmetric encryption. Symmetric-key cryptography schemes require less power and communication steps than public-key cryptography.
Figure 1. Various types of RFID tag communicating on RFID system
This chapter consists of six sections. The first section describes the introduction of the RFID system. This section describes various types of RFID tags like active tags, passive tags, semi-passive tags. The second section presents analyses of various attacks possible on RFID systems such as eavesdropping, de-synchronization attack, disclosure attack, tracking attack, replay attack, denial of service attack. The fourth section presents an analysis of various security schemes like lightweight schemes (Liao et al., Zhao et al., Chen et al. etc.) and ultra-lightweight schemes (SASI, Gossamer, LMAP, SLAP, KMAP) for RFID system. These schemes provide mutual authentication and cryptographic algorithm for the RFID system. Section five contains the future scope for the RFID system. Section six presents the conclusion of the paper. The last section describes the overall conclusion of the entire paper.