Analysis and improvement of a pseudorandom number generator for EPC Gen2 tags

J. Melia-Segui*, J. Garcia-Alfaro, J. Herrera-Joancomarti

*Corresponding author for this work

Research output: Contribution to journalArticleResearchpeer-review

34 Citations (Scopus)


The EPC Gen2 is an international standard that proposes the use of Radio Frequency Identification (RFID) in the supply chain. It is designed to balance cost and functionality. The development of Gen2 tags faces, in fact, several challenging constraints such as cost, compatibility regulations, power consumption, and performance requirements. As a consequence, security on board of Gen2 tags is often minimal. It is, indeed, mainly based on the use of on board pseudorandomness. This pseudorandomness is used to blind the communication between readers and tags; and to acknowledge the proper execution of password-protected operations. Gen2 manufacturers are often reluctant to show the design of their pseudorandom generators. Security through obscurity has always been ineffective. Some open designs have also been proposed. Most of them fail, however, to prove their correctness. We analyze a recent proposal presented in the literature and demonstrate that it is, in fact, insecure. We propose an alternative mechanism that fits the Gen2 constraints and satisfies the security requirements.

Original languageAmerican English
Pages (from-to)34-46
Number of pages13
JournalLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Publication statusPublished - 2010


Dive into the research topics of 'Analysis and improvement of a pseudorandom number generator for EPC Gen2 tags'. Together they form a unique fingerprint.

Cite this