Design of an Authentication Protocol for Secure Electronic Seals
Electronic seal is an electronic device to check the
authenticity and integrity of freight containers at the point of arrival.
While RFID-based eSeals are gaining more acceptances and there are
also some standardization processes for these devices, a recent
research revealed that the current RFID-based eSeals are vulnerable to
various attacks. In this paper, we provide a feasible solution to
enhance the security of active RFID-based eSeals. Our approach is to
use an authentication and key agreement protocol between eSeal and
reader device, enabling data encryption and integrity check. Our
protocol is based on the use of block cipher AES, which is reasonable
since a block cipher can also be used for many other security purposes
including data encryption and pseudo-random number generation. Our
protocol is very simple, and it is applicable to low-end active RFID
eSeals.
[1] World Shipping Council, International Mass Retail Association, and
National Industrial Transportation League, "In-Transit Container Security
Enhancement", 2003.09.09
[2] John F. Frittelli, CRS Report for Congress "Port and Maritime Security:
Background and Issues for Congress", 2005.03.10.
[3] ISO/PAS 17712, "Freight containers - Mechanical seals", 2003.10.01
[4] Michael Wolfe, North River Consulting Group, "Electronic Cargo Seals:
Context, Technologies, And Marketplace", 2002.07.12
[5] ISO/DIS 18185-1, "Freight containers - Electronic seals - Part
1:Communication protocol", 2005.04.28
[6] ISO 18185-2, "Freight containers - Electronic seals - Part 2:Application
requirements", 2005.04.28
[7] ISO 18185-3, "Freight containers - Electronic seals - Part
3:Environmental characteristic", 2005.04.28
[8] ISO 18185-4, "Freight containers - Electronic seals - Part 4:Data
Protection", 2005.08.31
[9] ISO/DIS 18185-7, "Freight containers - Electronic seals - Part 7:Physical
layer", 2005.04.28
[10] National Institute of Standards and Technology, FIPS PUB 197,
"Advanced Encryption Standard (AES)", November 2001
[11] Motorola, Inc., "Second report of detailed container use cases and
deficiencies in the ISO 18185-1, ISO 18185-7, and ISO 18000 standard",
2005.07.17
[12] National Institute of Standards and Technology, FIPS PUB 113,
"Standard on Computer Data Authentication", May 1985.
[13] J. Arkko and H. Haverinen, "Extensible Authentication Protocol Method
for 3rd Generation Authentication and Key Agreement (EAP-AKA)",
2004.12.21
[1] World Shipping Council, International Mass Retail Association, and
National Industrial Transportation League, "In-Transit Container Security
Enhancement", 2003.09.09
[2] John F. Frittelli, CRS Report for Congress "Port and Maritime Security:
Background and Issues for Congress", 2005.03.10.
[3] ISO/PAS 17712, "Freight containers - Mechanical seals", 2003.10.01
[4] Michael Wolfe, North River Consulting Group, "Electronic Cargo Seals:
Context, Technologies, And Marketplace", 2002.07.12
[5] ISO/DIS 18185-1, "Freight containers - Electronic seals - Part
1:Communication protocol", 2005.04.28
[6] ISO 18185-2, "Freight containers - Electronic seals - Part 2:Application
requirements", 2005.04.28
[7] ISO 18185-3, "Freight containers - Electronic seals - Part
3:Environmental characteristic", 2005.04.28
[8] ISO 18185-4, "Freight containers - Electronic seals - Part 4:Data
Protection", 2005.08.31
[9] ISO/DIS 18185-7, "Freight containers - Electronic seals - Part 7:Physical
layer", 2005.04.28
[10] National Institute of Standards and Technology, FIPS PUB 197,
"Advanced Encryption Standard (AES)", November 2001
[11] Motorola, Inc., "Second report of detailed container use cases and
deficiencies in the ISO 18185-1, ISO 18185-7, and ISO 18000 standard",
2005.07.17
[12] National Institute of Standards and Technology, FIPS PUB 113,
"Standard on Computer Data Authentication", May 1985.
[13] J. Arkko and H. Haverinen, "Extensible Authentication Protocol Method
for 3rd Generation Authentication and Key Agreement (EAP-AKA)",
2004.12.21
@article{"International Journal of Electrical, Electronic and Communication Sciences:50777", author = "Seongsoo Park and Mun-Kyu Lee and Dong Kyue Kim and Kunsoo Park and Yousung Kang and Sokjoon Lee and Howon Kim and Kyoil Chung", title = "Design of an Authentication Protocol for Secure Electronic Seals", abstract = "Electronic seal is an electronic device to check the
authenticity and integrity of freight containers at the point of arrival.
While RFID-based eSeals are gaining more acceptances and there are
also some standardization processes for these devices, a recent
research revealed that the current RFID-based eSeals are vulnerable to
various attacks. In this paper, we provide a feasible solution to
enhance the security of active RFID-based eSeals. Our approach is to
use an authentication and key agreement protocol between eSeal and
reader device, enabling data encryption and integrity check. Our
protocol is based on the use of block cipher AES, which is reasonable
since a block cipher can also be used for many other security purposes
including data encryption and pseudo-random number generation. Our
protocol is very simple, and it is applicable to low-end active RFID
eSeals.", keywords = "Authentication, Container Security, Electronic seal,RFID", volume = "1", number = "10", pages = "1431-5", }