Authors: Seongsoo Park, Mun-Kyu Lee, Dong Kyue Kim, Kunsoo Park, Yousung Kang, Sokjoon Lee, Howon Kim, Kyoil Chung

Abstract:

Electronic seal is an electronic device to check the authenticity and integrity of freight containers at the point of arrival. While RFID-based eSeals are gaining more acceptances and there are also some standardization processes for these devices, a recent research revealed that the current RFID-based eSeals are vulnerable to various attacks. In this paper, we provide a feasible solution to enhance the security of active RFID-based eSeals. Our approach is to use an authentication and key agreement protocol between eSeal and reader device, enabling data encryption and integrity check. Our protocol is based on the use of block cipher AES, which is reasonable since a block cipher can also be used for many other security purposes including data encryption and pseudo-random number generation. Our protocol is very simple, and it is applicable to low-end active RFID eSeals.

Keywords: Authentication, Container Security, Electronic seal, RFID

Digital Object Identifier (DOI): doi.org/10.5281/zenodo.1055571

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1848

References:

[1] World Shipping Council, International Mass Retail Association, and National Industrial Transportation League, "In-Transit Container Security Enhancement", 2003.09.09
[2] John F. Frittelli, CRS Report for Congress "Port and Maritime Security: Background and Issues for Congress", 2005.03.10.
[3] ISO/PAS 17712, "Freight containers - Mechanical seals", 2003.10.01
[4] Michael Wolfe, North River Consulting Group, "Electronic Cargo Seals: Context, Technologies, And Marketplace", 2002.07.12
[5] ISO/DIS 18185-1, "Freight containers - Electronic seals - Part 1:Communication protocol", 2005.04.28
[6] ISO 18185-2, "Freight containers - Electronic seals - Part 2:Application requirements", 2005.04.28
[7] ISO 18185-3, "Freight containers - Electronic seals - Part 3:Environmental characteristic", 2005.04.28
[8] ISO 18185-4, "Freight containers - Electronic seals - Part 4:Data Protection", 2005.08.31
[9] ISO/DIS 18185-7, "Freight containers - Electronic seals - Part 7:Physical layer", 2005.04.28
[10] National Institute of Standards and Technology, FIPS PUB 197, "Advanced Encryption Standard (AES)", November 2001
[11] Motorola, Inc., "Second report of detailed container use cases and deficiencies in the ISO 18185-1, ISO 18185-7, and ISO 18000 standard", 2005.07.17
[12] National Institute of Standards and Technology, FIPS PUB 113, "Standard on Computer Data Authentication", May 1985.
[13] J. Arkko and H. Haverinen, "Extensible Authentication Protocol Method for 3rd Generation Authentication and Key Agreement (EAP-AKA)", 2004.12.21