How to improve security and reduce hardware demands of the WIPR RFID protocol

Abstract

In this paper, we analyze and improve WIPR, an RFID identification scheme based on public key techniques with efficient hardware implementation. First we analyze the security and privacy features of WIPR. We show that a reduced version of WIPR is vulnerable to short padding attacks and WIPR needs a random number generator with certain properties to withstand reset attacks. We discuss countermeasures to avoid these attacks. Then we propose two variants of WIPR, namely WIPR-SAEP and WIPR-RNS, to improve its security and to further reduce its hardware cost. Using an additional hash function, WIPR-SAEP achieves provable security in the sense that violating the security properties leads to solving the integer factoring problem. WIPR-RNS uses a residue number system (RNS) for computation, and reduces the hardware costs of WIPR. WIPR-RNS provides a better security guarantee than WIPR in that it does not use a non-standard cryptographic primitive in WIPR. WIPR-SAEP and WIPR-RNS can be combined into one scheme.