One-Time Codes in RFID

Abstract

One time codes, originated from the works of Vernam (Vernam cipher (1917)), and Capt Joseph Maubourne around the same time. They have been used in military for the highest secret communications. One-time codes are the most secure means of encryption. They were proven to be ideal secret codes by Shannon (1949). When using one-time codes, both the sender and the receiver must use the same key sequence, which must be destroyed after the message is decrypted, and a new key sequence used for the next message. As the one-time code can only be used once, and the generation of the code must be truly random, it is not practically feasible to use one-time codes for heavy traffic applications. In such high traffic application a pseudo-random but cryptographically secure code sequence is used. In day to day operations such as internet banking and other applications where multiple users generate requests, one-time codes or any variant would not be scaleable due to the high volume of transacting sessions. Hence, in internet banking and other applications, public key cryptography is used where users mutually agree to some key exchange protocol and the public key decryption process is computationally intractable (to the intruder). Also in most circumstances such internet traffic is hard wired, and in some limited cases part wireless, employing well defined mobile, bluetooth wireless security protocols. Such systems, while lightweight, are not suitable for RFID, as they require greater computational power. In RFID systems, due to the publicly available wireless medium information, and shorter lifetime, one-time codes would be ideal for security. In RFID systems, one-time codes require simple xor operations for encryption and decryption. A perfect random code generator is practically infeasible, but a stream cipher such as RC4, which has a very long period time (101000) is a sound option. Stream ciphers use LFSR (Linear Feedback Shift Registers). Quantum cryptography based on quantum states of electrons, photons, and other subatomic particles, can generate random sequences and hence be used to generate one-time codes. Radio astronomy based noise from distant galaxies is another source of random codes, assuming that both the sender and receiver are very well synchronized. The receiver must be informed of the pattern, or perhaps obtain the pattern at the same time say from the same physical source. Another source of random codes is based on the Internet. Synchronization, to the specific one-time code by both sender and receiver is crucial. There is considerable scope for research in the generation, synchronization, recovery methods, of one-time codes.\r\nThis paper proposes a new RFID system that can be used in security and authentication applications, based on one-time codes. Many of the definitions in this document have come from Wikipedia (http://en.wikipedia.org/), and are licensed under the GNU Free Documentation License.