Need UMl diagrams and documentaion...

Thanks in advance...



Regards,

Sathya.K
Chennai

please send the uml diagram for a GEN2 based rfid authentication protocol

please send the uml diagram for a gen2 based RFID authentication protocol

pls anyone help me by providing the project implementation of Gen-2 based RFID authentication protocol for security and privacy

UML diagrams for RFID authentication protocol

[attachment=9880]
A Gen2-Based RFID Authentication Protocol for Security and Privacy
Introduction
 Radio frequency identification
 A Gen2-Based RFID
 Authentication Protocol
 Advantages
Radio Frequency Identification
 “RFID” could be applied to systems in use for more than sixty years.
 RFID transponders, or tags, carry object identifying data. This data may include the
manufacturer, brand, model and a unique serial number.
 The first radio identification technology was the “Identify Friend or Foe” system used in Allied aircraft.
 RFID tags consist of a small microchip attached to an antennae or other coupling element.The tag communicates via radio frequencies (RF) with a transceiver, or tag reader.
A Gen2-Based RFID
 Gen-2 RFID tag is passive, meaning that it receives power supply from readers.
 Gen-2 RFID tag communicates with RFID readers in UHF band (800-960 MHz) and its communication range can be up to 2 ~ 10m.
 Gen-2 RFID tag supports on-chip Pseudo-Random Number Generator (PRNG) and Cyclic Redundancy Code (CRC) computation.
 Gen-2 RFID 's privacy protection mechanism is to make the tag permanently unusable once it receives the kill command with a valid 32-bit kill PIN
Authentication Protocol
Pseudo-random Number Generator:
 Gen-2 standard requires only 16-bit pseudo-random number, the security margin of a security protocol using such PRNG is usually bounded by 2-16.
 We suggest that Gen-2 standard should support 32-bit PRNG to take full advantage of 32-bit PIN currently supported by Gen-2 specification. Otherwise, XORing two halfs of a 32-bit PIN with the same 16-bit PIN.
CRC Checksum:
 In EPC global Class-2 Gen-2 specification, a 16-bit CRC checksum is used to detect error in transmitted data and the corresponding CRC polynomial of degree 16.
 If CRC is setup properly, we can expect that the probability of collision on n-bit CRC checksum.
Advantages
 Accountability and Access Control: The approach enables easy accountability and access control because the backend server is in charge of looking up object information so it can decide who can get which information as well as some statistics.
 Reader-to-Tag Authentication: It is obvious that tag querying will happen most frequent. And because reader needs to contact the backend server in order to learn useful information about an object, there is no need for Reader-to-Tag authentication in this case. Instead, we can require reader to authenticate to the backend server before sending a meta-ID.
CONCLUSION
 We proposed a lightweight authentication protocol based on Gen2 to resist various attacks.
 The proposed tag uses no cryptographic function, and hence, is suitable for low-cost RFIDs. Without changing the protocol flow of Gen2, the existing reader can read both Gen2 tags and Gen2þ tags.
 Gen2þ provides sufficient security level for real-world settings. We analyzed the number of rounds required and the period of key update for practical deployment

[attachment=14706]
Abstract
EPCglobal Class-1 Generation-2 specification (Gen2 in brief) has been approved as ISO18000-6C for global use, but the
identity of tag (TID) is transmitted in plaintext which makes the tag traceable and clonable. Several solutions have been proposed
based on traditional encryption methods, such as symmetric or asymmetric ciphers, but they are not suitable for low-cost RFID tags.
Recently, some lightweight authentication protocols conforming to Gen2 have been proposed. However, the message flow of these
protocols is different from Gen2. Existing readers may fail to read new tags. In this paper, we propose a novel authentication protocol
based on Gen2, called Gen2þ, for low-cost RFID tags. Our protocol follows every message flow in Gen2 to provide backward
compatibility. Gen2þ is a multiple round protocol using shared pseudonyms and Cyclic Redundancy Check (CRC) to achieve readerto-
tag authentication. Conversely, Gen2þ uses the memory read command defined in Gen2 to achieve tag-to-reader authentication.
We show that Gen2þ is more secure under tracing and cloning attacks.
Index Terms—Protocol design and analysis, security, privacy.
1 INTRODUCTION
RADIO Frequency Identification (RFID) tags for the
function of next-generation electronic product code
(EPC) will become one of the most widely used devices
in the near future [1]. An RFID application contains three
basic roles:
1. tag,
2. reader, and
3. back-end database.
Each tag contains a unique identification, often called
the tag identification (TID). The reader is used to query the
tag’s TID and forward it to the back-end database. Once the
tag is found valid, the back-end database will look up its
product information for further processing. RFID tags are
classified into three types: active, semipassive, and passive.
Active tags contain batteries so that they can actively
communicate with the reader. Semipassive tags also contain
batteries but they wait for the reader’s query. As for passive
tags, the power comes from the reader. The class of a tag
represents the effective reading range. The reading range of
a class-0 tag is 5-10 cm, and that of a class-1 tag is up to
several meters.
EPCglobal class-1 generation-2 (Gen2 in brief) [2] was
approved as ISO18000-6C in July 2006. It is widely believed
that Gen2 tags will be the mainstream when developing
RFID applications because the effective reading range is
larger. However, the Gen2 specification has the vulnerability
that the TID is transmitted without any guard. Thus,
in this paper, we focus on the protection of class-1 passive
tags from being accessed by malicious readers.
1.1 Security Threats
Previous studies [1], [3], [4], [5], [6], [7] addressed several
threats to RFID applications:
. Eavesdropping: An adversary listens to all the communications
through Radio Frequency (RF) and
dumps them for later cracking.
. Hotlisting: This attack, similar to eavesdropping,
focuses on matching specific values with his chosen
keywords to understand one’s personal interests,
like his favorite books or his reading behavior.
. Replay attack: An attacker repeats the same messages
logged from eavesdropping to spoof a reader or tag.
. Cloning: Since RFID tags are usually placed in open
environments such as hospitals, schools, and offices,
they may be exposed under all kinds of malicious
tools. An adversary can read the tag and then clone
the tag by writing all the obtained data into a
blank tag.
. Tag tracing: Readers and tags have different abilities
of sending data. Attackers can either identify the
same tag from passively logged messages or interact
actively with the tag to understand its location.
. Invading privacy: Customers may not want eavesdroppers
to know what items they have bought from
the store, which may indicate their interests.
. Data forging: Once RFID technology becomes the
mainstream of retailing, a tag may store extra data
such as date, price, and the place of production for
convenience. However, this also attracts attackers to
modify the price and cause great loss.
. Denial of service: It is an effective attack against some
RFID systems, which utilize locking or killing
approach as their protection. Even though this is
the weakest test when designing secure protocols,