This PowerPoint presents the design and implementation of a complete near-field communication (NFC) tag system that supports high-security features. The tag design contains all hardware modules required for a practical realization, which are: an analog 13.56-MHz radio-frequency identification (RFID) front-end, a digital part that includes a tiny (programmable) 8-b microcontroller, a framing logic for data transmission, a memory unit, and a crypto unit. All components have been highly optimized to meet the fierce requirements of passively powered RFID devices while providing a high level of flexibility and security. The tag is fully compliant with the NFC Forum Type-4 specification and supports the ISO/IEC 14443A (layer 1–4) communication protocol as well as block transmission according to ISO/IEC 7816. Its security features include support of encryption and decryption using the Advanced Encryption Standard (AES-128), the generation of digital signatures using the elliptic curve digital signature algorithm according to NIST P-192, and several countermeasures against common implementation attacks, such as side-channel attacks and fault analyses. The chip has been fabricated in a 0.35-µm CMOS process technology, and requires 49 999 GEs of chip area in total (including digital parts and analog front-end). Finally, we present a practical realization of our design that can be powered passively by a conventional NFC-enabled mobile phone for realizing proof-of-origin applications to prevent counterfeiting of goods, or to provide location-aware services using RFID technology.
Security-Enabled Near-Field Communication Tag With Flexible Architecture Supporting Asymmetric Cryptography
AliReza SargaziZade
Graduate University of Advanced Technology
IEEE TRANSACTIONS ON VERY LARGE SCALE INTEGRATION (VLSI) SYSTEMS, VOL. 21, NO. 11, NOVEMBER 2013
Thomas Plos, Michael Hutter, Martin Feldhofer, Maksimiljan Stiglic, and Francesco Cavaliere
Introduction
CRYPTA Tag
Life Cycle of the Tag
Tag Architecture
Implementation Result
Conclusion
Introduction
• What is RFID?
• Radio Frequency IDentification (RFID)
• Wireless communication and automatic identification technology
[Figure: Reader and Passive Tag]
Introduction
• What is NFC?
• Near Field Communication (NFC)
• A standards-based, short-range wireless connectivity technology built on RFID
CRYPTA Tag
• Cryptographically protected tags for new RFID applications
• The security-enabled NFC tag supports strong authentication features:
• AES-128 symmetric cryptography
• Digital signing of data using the elliptic curve digital signature algorithm (ECDSA) asymmetric cryptography
• Hashing of data using SHA-1
CRYPTA Tag
• Standard compliance:
• Is compliant with the NFC Forum Type-4 specification
• Uses the ISO/IEC 14443A protocol standard for communication
• Basic tag functionality
• Advanced tag functionality:
• Provides security and file-management features and is based on a block-transmission protocol.
Life Cycle of the CRYPTA Tag
• 1- Tag Production
• 2- Personalization
• 3- User Application
Life Cycle of the CRYPTA Tag
• Tag Production:
• A unique identifier (UID) and a temporary AES key are written to the EEPROM.
• The UID is fixed.
• The temporary AES key is sent together with the tag to the product manufacturer.
Life Cycle of the CRYPTA Tag
• Personalization:
• The temporary AES key is replaced with the one selected by the product manufacturer.
• For ECDSA, a private key and a public-key certificate are stored on the tag.
• Personalization is finished by enabling a special lock bit.
Life Cycle of the CRYPTA Tag
• User Application:
• The application is downloaded from the web page of the manufacturer.
• The application verifies the validity of the public-key certificate on the tag.
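The production and personalization phases above as a small state model, added here as an illustration and not taken from the paper or the tag's firmware. The function names, the buffer sizes, the rule that the current (temporary) key must be presented before it is replaced, and the lock bit refusing any later personalization are assumptions of this sketch.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
enum { UID_LEN = 7, KEY_LEN = 16, ECC_LEN = 24, CERT_LEN = 64 }; /* UID/cert sizes constructed */
enum { TAG_OK = 0, TAG_ERR_STATE = -1, TAG_ERR_AUTH = -2 };
typedef struct {                 /* model of the tag's EEPROM contents */
    uint8_t uid[UID_LEN], aes_key[KEY_LEN], ecdsa_priv[ECC_LEN], cert[CERT_LEN];
    int produced, locked;        /* locked = the special lock bit */
} tag_eeprom;
/* Constant-time compare: the key check must not leak a matching prefix. */
static int ct_equal(const uint8_t *a, const uint8_t *b, size_t n) {
    uint8_t diff = 0;
    for (size_t i = 0; i < n; i++) diff |= (uint8_t)(a[i] ^ b[i]);
    return diff == 0;
}

/* Tag production: UID and temporary AES key are written once; the UID is fixed. */
int tag_produce(tag_eeprom *t, const uint8_t *uid, const uint8_t *tmp_key) {
    if (t->produced) return TAG_ERR_STATE;
    memcpy(t->uid, uid, UID_LEN);
    memcpy(t->aes_key, tmp_key, KEY_LEN);
    t->produced = 1;
    return TAG_OK;
}

/* Personalization: swap in the manufacturer's key, store ECDSA key and certificate,
 * set the lock bit. Assumed: current key is presented; lock refuses later writes. */
int tag_personalize(tag_eeprom *t, const uint8_t *cur_key, const uint8_t *new_key,
                    const uint8_t *priv, const uint8_t *cert) {
    if (!t->produced || t->locked) return TAG_ERR_STATE;
    if (!ct_equal(t->aes_key, cur_key, KEY_LEN)) return TAG_ERR_AUTH;
    memcpy(t->aes_key, new_key, KEY_LEN);
    memcpy(t->ecdsa_priv, priv, ECC_LEN);
    memcpy(t->cert, cert, CERT_LEN);
    t->locked = 1;
    return TAG_OK;
}

int main(void) {                 /* constructed sample values */
    tag_eeprom t = {0};
    const uint8_t uid[UID_LEN] = {0x04, 0xA1, 0xB2, 0xC3, 0xD4, 0xE5, 0xF6};
    const uint8_t tmp[KEY_LEN] = {0x11}, key[KEY_LEN] = {0x22};
    const uint8_t priv[ECC_LEN] = {0x33}, cert[CERT_LEN] = {0x44};
    printf("produce:     %d\n", tag_produce(&t, uid, tmp));
    printf("wrong key:   %d\n", tag_personalize(&t, key, key, priv, cert));
    printf("personalize: %d\n", tag_personalize(&t, tmp, key, priv, cert));
    printf("after lock:  %d\n", tag_personalize(&t, key, tmp, priv, cert));
    return 0;
}
```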
CRYPTA Tag Architecture
• Cryptographically protected tags for new RFID applications
CRYPTA Tag Architecture
• Framing logic (FL)
• The FL is connected to the analog front-end.
• It provides a byte interface for the microcontroller.
• It handles low-level commands.
Tag Architecture
• Framing Logic
CRYPTA Tag Architecture
• Microcontroller
• Its program is stored in an internal read-only memory (ROM).
• It communicates via an Advanced Microcontroller Bus Architecture (AMBA) bus with the FL and the memory unit.
Tag Architecture
• 8-bit Microcontroller:
• Low chip area
• Low power consumption
• The microcontroller supports 31 instructions
CRYPTA Tag Architecture
• Memory unit
• Volatile memory (RAM) for storing temporary results
• Nonvolatile memory (EEPROM) for permanently storing data in files
• Read-only memory (ROM) for storing constants
CRYPTA Tag Architecture
• Cryptographic unit
• Cryptographic operations:
• Signing of messages
• Encrypting of data
Tag Architecture
• Crypto Unit
AES
Implementation Results
• AREA OF CHIP COMPONENTS:
• 21%: Analog front-end and the FL
• 19%: The microcontroller
• 15%: The CU
• 44%: The memory
Implementation Results
• DISTRIBUTION OF ROM CODE:
• 38%: CU, 766 instructions
• Instructions:
• 60%: control operations
• 10%: data-flow oriented operations
Conclusion
• In this paper:
• Presented a flexible NFC-tag architecture that provides enhanced security features using symmetric as well as asymmetric cryptography.
• Showed that significant resources can be saved by applying a microcontroller-based architecture instead of finite-state-machine-based control.