• “So the threat to cryptography is well understood due to work by Peter Shor and others. A symmetric algorithm like AES or others standard crypto processes is cut (of) key-size in half, which is a dramatic reduction. ... For key management purposes, against the RSA and the Diffie-Hellman and stuff, they flat-line under a quantum computer.

    Brian Snow, Former Technical Director of the US National Security Agency (NSA), Public Key Cryptography 30th Anniversary Conference, Dec 2006

    Read more...

  • "Given their power to intercept and disrupt secret communications, it is not surprising that quantum computers have the attention of various U.S. government agencies.  The National Security Agency, which supports research in quantum computing, candidly declares that given its interest in keeping U.S. government communications secure, it is loath to see quantum computers built. On the other hand, if they can be built, then it wants to have the first one.”

    Prof Seth Lloyd of MIT, MIT Review 2008

    Read more...

  • “Briefly and simply, assurance work makes a user or a creditor more confident that the system works as intended without flaws, without surprises, even in the presence of malice.” … “The major shortfall is absence of assurance or safety mechanisms in software.  If my car crashed as often as my computer does, I’d be dead by now.”

    Brian Snow, Former Technical Director of the US National Security Agency (NSA), "We need Assurance", AusCERT 2008

    Read more...
Home Resources Synaptic website articles Technologies: Semiconductor protection article: Synaptic offers most efficient solutions for RFID applications
article: Synaptic offers most efficient solutions for RFID applications
Synaptic website articles - Technologies: Semiconductor protection

The use of RFID devices has expanded into many applications but is severely hindered by low levels of consumer trust because:

  • there are no published, tested and cryptographically accepted standards for RFID security;
  • existing de facto standards for most commercially viable products offer very low security with only 40-64 bit key lengths. This is considered far below an acceptable standard - it is easily compromised by classical computers;
  • existing de facto standards are kept secret, arguably because they are insecure;
  • low security levels prevent development of global RFID applications which require better security; and
  • the current devices indiscriminately identify themselves.


Cryptographically secure passive RFID tag devices place extreme demands on current cryptographic and manufacturing technologies. Secured RFID technologies must:

  • be extremely compact in terms of chip area;
  • have very low power requirements;
  • deliver robust authentication technology.


Collision-resistant hash technologies are one of the slowest running symmetric cryptographic operations because they must protect against a wider range of attacks than block ciphers or stream ciphers.

Many security solutions have been proposed to solve the problem of RFID security. To date it has been impossible to design a commercially affordable, flexible, full-strength technology in a way that satisfies the demanding limitations of small RFID devices.  Most marginally secure, low circuit area attempts are broken very quickly.

Synaptic offers two alternative solutions for RFID security.

The VEST-4 solution

VEST has one of the highest security margins of any cipher claiming suitability for RFID, while maintaining a highly competitive footprint. VEST-4 (160-bit key, 160-bit collision-resistant hash, full 80-bit security) is specifically designed to satisfy the demands of RFID:

  • performs cryptographic authentication operations;
  • low in chip circuit area;
  • massive logic parallelism;
  • robust security margins; and
  • very low power.


VEST is one of the best available cryptographic solution for RFID and is without serious competition:

  • was the only (software or hardware) submission to ECRYPT eSTREAM competition that satisfies the full range of extreme design limitations of RFID;
  • supports unique per-chip cipher logic (family keying);
  • is globally published for world-wide cryptanalysis;
  • no security concerns against the phase 2.1 specifications and
  • delivers the internationally accepted 80-bit post quantum security (160-bit key/hash) minimum required for cryptographic systems.

The PQSDES solution

Many existing RFID devices have 8-bit micro controller units and hardware DES available. In these applications PQSDES offers a software upgrade path to achieve high speed collision resistant hash functions for authentication operations and support for digital signature algorithms without the need for an RSA or Elliptic Curve Cryptography coprocessor.

PQSDES is ideal in power constrained RFID environments because the micro controller and DES hardware engine have already been designed for operation in this environment. PQSDES is extremely power efficient because it performs all the complex cryptographic operations on the hardware power efficient DES circuit instead of performing all operations on the 8-bit CPU. This makes the device more responsive than when using software algorithms such as SHA which have been optimsed for excellent performance on 32-bit general purpose desktop environments. PQSDES is lower cost than SHA in hardware because it reuses the SRAM already available in the smart card processor. Because PQSDES takes advantage of the software processor a wide range of security strengths can be chosen from without modification of the smart card circuitry.

 
Last Updated on Tuesday, 06 January 2009 21:43