EDP Topic GK02:
Authentication and Secure Data Exchange for Smart RF (Tag/Card) System

Faculty Lab Coordinator

G. Khan

Faculty Advisor

Same as FLC

Topic Category

uP/Instrumentation, Networking, Software

Preamble

The project explores the possibility of wireless data communication using WIFI, RFID or NFC (Near Field). The wireless communication is between a smart tag/card (such as e-health card) and a server. The data communication process between the smart card and server will include an initial authentication step to provide authorization to begin the transmission of personal data that is located at a smart card or tag. The project will assess the security exposures of the process to minimize the intercepting and hacking of data during data exchange. This includes but not limited to looking into ISO/IEC 15693 and 18000 standards as well as smart card technology (ISO/IEC 7816 and ISO/IEC 14443) to find the optimal and secure way for wireless private data transfer containing personal and/or medical information. A prototype will be built to confirm and demonstrate the findings related to authentication and data security.

Objective

This project focuses on wireless data communication using RFID/WIFI from personal devices to wireless infrastructures and/or between personal wireless devices which includes devices with and without a power source. The data communication process will have an authentication step to begin authorization of the transmission of data located on a device. This project will address the security concerns of RF data communication and different types of wireless and other technologies such as cryptographic functions.

Partial Specifications

1. Investigation of state of the art authentication techniques.
2. Purpose and implement secure data transfer methodology over unsecure RF channels.
3. Design and implement a prototype RF wireless system consisting of various
devices such as, smart card or RFIS tag, RF reader or server and adversary
wireless devices.
4. Implement a suitable mutual authentication technique for data transfer.
5. Demonstrate a secure data transfer in the presence of malicious third part
devices.

Suggested Approach

1. Investigate and study mutual authentication techniques
2. Study some candidate cryptographic functions and investigate their usage in terms of software and hardware implementations.
3. Study RFID systems for its suitability in this application.
4. Identify light-weight authentication techniques for RFID or similar wireless systems.
5. Study various types of third party attacks during authentication and secure data exchange
5. Establish a prototype RF (wireless system) to implement some candidate authentication methods.
6. Implement your authentication methodologies and verify their viability.
7. Test the system security by exposing it to various types of malicious attacks.

Group Responsibilities

1. Investigate and study mutual authentication techniques, cryptographic functions and smart RF systems suitable for the application.
2. Study various types of third party attacks during authentication and secure data exchange
3. Select some light-weight authentication techniques for RFID or similar wireless systems for implementation.
4. Develop a prototype RF (wireless system) by using various off-the-shelf wireless devices such as RFID readers, Zigbee devices, etc.
5. Implement some promising authentication methodologies and verify their viability for the application.
6. Test the system security by exposing it to various types of malicious attacks.

Student A Responsibilities

1. Investigate and study mutual authentication techniques and smart RF systems suitable for the application.
2. Study various types of third party attacks during authentication and secure data exchange
3. Select some light-weight authentication techniques for smart card wireless systems.
4. Develop a prototype RF (wireless system) by using off-the-shelf RFID devices.
5. Implement a promising authentication methodology on an RFID system and verify its viability for the application.
6. Test the system security by exposing it to various third part attacks.

Student B Responsibilities

1. Investigate and study various ciphers or cryptographic functions such as hash functions, XTEA, etc that are suitable for the application.
2. Study secure data exchange methodologies over an unsecure channel.
3. Select some light-weight authentication techniques for a suitable RFID system implementation.
4. Develop a prototype RF (wireless system) by using various off-the-shelf Zigbee wireless devices.
5. Implement a promising authentication methodology on the Zigbee systems and verify its viability for the application.
6. Test the system security by exposing it to various unsecure conditions.

Student C Responsibilities

1. Combine the investigation results from student A and B to indentify the best mutual authentication technique and cipher for implementation.
2. Identify the best secure data exchange methodology over an unsecure channel.
3. Identify a light-weight authentication protocol for RFID systems and Zigbee type implementation.
4. Test the prototyped RF (wireless system) by using various system testing methods.
5. Implement the authentication protocol and verify its suitability.
6. Test the system security by exposing it to various malicious 3rd party attacks.
7. Setup a demo system with the help of student A and B.

Course Co-requisites

COE768, COE718