GJTE-Vol(2)-Issue(4)

April 2015

ISSN: 2393-9923

Global Journal of Trends in Engineering

Extended Security and Power Optimized NFC Tag with Flexible

Architecture
1

K.Durga Prasad , K.Miranji

PG Scholar, Dept of Electronics and Communication Engineering, SIR C R Reddy College of engineering, Eluru, India
Assistant Professor, Dept of Electronics and Communication Engineering SIR C R Reddy College of engineering, Eluru, India
E-mail Id: prasadkollu425@gmail.com, miranji.katta@gmail.com

ABSTRACT: This paper presents the design and implementation of a complete near-field communication (NFC) tag
system that supports high-security features. With recent advancement in Radio Frequency Identification (RFID)
technology, in addition to reduction in cost of each unit, security has emerged as a major concern. Since an RFID tag has
limited resources like memory, power and processing capabilities. All components have been highly optimized to meet
the fierce requirements of passively powered RFID devices. This paper investigates some relevant RFID encryption
algorithms and their possible implementations with respect to security, cost and performance. A survey and brief
comparison of the algorithms are performed and the Modified Tiny Encryption Algorithm (MTEA) is selected as a
feasible solution for encryption and decryption with an acceptable level of security. The variable key scheme (MTEA) is
proposed which uses for RFID tag to overcome the security weakness of AES (128) and ECDSA algorithm against
attacks. In this paper implementation of variable key scheme (MTEA) RFID Tag using VHDL. Simulations corroborate
the functionality of the protocols and the two techniques are compared in terms of timing, cost, security and performance.
Potential improvements to enhance the security and strengthen RF communication during authentication are explored.
Keywords: 8-b microcontroller, advanced encryption standard (AES), elliptic curve cryptography near-field
communication(NFC), radio-frequency identification (RFID), VLSI design, MTEA, Variable key scheme crypto unit .
I. INTRODUCTION
Radio Frequency Identification (RFID) is a rapidly developing field and technology that emerged in the last decade this
technology is employed by using implantable microchip devices also known as RFID tags. Applications such as electronic
passports, logistics, animal identification, and car immobilizers already make use of this technology. A widely-used datatransmission standard based on RFID Technology is near-field communication. One of the best ways to provide security and
privacy measures is through an authentication process. Authentication is an assurance of the identity of an entity at the other
end of communication channel. There are various authentication schemes or protocols such as password Protection which is
an example of a weak authentication and strong authentication schemes such as those based on a challenge and response
concept. Many RFID authentication protocols use cryptographic techniques to protect messages exchanged over a radio
frequency interface from eavesdropping.
An RFID tag has limited features which include minimal memory resources and power capabilities. Transponders are
attached to a small antenna to transmit and receive radio waves and are equipped to operate in a wide range of frequencies
from low frequency (120 KHz) to ultra high frequency (960 MHz). They are usually classified as active and passive tags,
depending on their available resources. Active tags possess a battery and higher processing abilities as opposed to passive tags
which have very limited resources and no battery. A passive tag derives its power from the radio waves generated by the
reader during interrogation. Due to their restricted capabilities passive tags warrant encryption algorithms with minimal
computational complexity. In addition to the tag and the reader, the entire system comprises a backend server that is
employed to store all vital information including details of all tags being used. In difference to other published platforms with
similar characteristics [1, 2, 3], the Demo Tags are available for research purposes without any restrictions. They completely
implement the mandatory functionality of the communication standard. Therefore, the Demo Tags allow more flexibility for
selection of the reader platform for prototyping. In this paper, we present the design and implementation of a security-enabled
NFC tag with flexible architecture The CRYPTA tag (Cryptographic Protected Tags for new RFID Applications) operates at
a carrier frequency of 13.56 MHz and works fully passively. We target a low-area design that requires as little resources as
possible such that the tag production does not exceed the practical limits of a possible commercial launch. In this paper
proposed new crypto unit. This Crypto unit is variable key scheme by using modified tiny encryption algorithm (MTEA).The
MTEA algorithm is lightweight consuming minimal resource. The proposed RFID tag security is extended by using variable
key scheme crypto unit.
The remainder of this paper is organized as follows. Section II provides an overview of the CRYPTA tag and describes the
supported functionality. Detailed information about the tag architecture is given in Section III, Detailed information about
proposed variable key scheme crypto unit is given in section IV. The simulation outputs are in section V. Conclusions are
drawn in Section VI.
60

GJTE-Vol(2)-Issue(4)

April 2015

ISSN: 2393-9923

Global Journal of Trends in Engineering

II. CRYPTA TAG
This section gives a brief overview of the CRYPTA tag and its main components. We describe the functionality that is
provided by the tag, explain which parts are realized in hardware and which in software, and outline the typical life cycle of
the tag. An overview of the architecture of the CRYPTA tag is given in Fig. 1. The tag mainly consists of an analog frontend
and a digital part. The analog front-end is connected to an antenna and is responsible for demodulating and modulating data,
extracting the power supply, and providing stable clock signal as well as a reset signal. Attached to the analog front-end is the
digital part, which processes the received (demodulated) data, performs the requested actions, and prepares the data for the tag
response. The digital part consists of: a low-resource 8-b microcontroller, a framing logic (FL), a crypto unit (CU), and a
memory unit. The central element is the microcontroller that steers all operations on the tag. The microcontroller has its
program stored in an internal read-only memory (ROM) and communicates via an advanced microcontroller bus architecture
(AMBA) bus with the FL and the memory unit. The FL is connected to the analog front-end and provides a byte interface for
the microcontroller. Moreover, the FL also handles low-level commands (basic tag functionality) that are time-critical. Highlevel commands (advanced tag functionality) that have increased control complexity are handled by the microcontroller.
Cryptographic operations, such as signing of messages or encrypting of data are processed within the Crypto unit that is
accessed by the microcontroller via micro-code patterns. Volatile memory (RAM) for storing temporary results, nonvolatile
memory (EEPROM) for permanently storing data in files, and memory for storing constants (ROM) are located in the
memory unit.
III. TAG ARCHITECTURE
In the following, we describe the individual hardware components of the CRYPTA-tag architecture in detail, shown in fig.1
which is: analog front-end, FL, 8-b microcontroller, and crypto unit. This section gives a brief overview of the CRYPTA tag
and its main components. We describe the functionality that is provided by the tag. An overview of the architecture of the
CRYPTA tag is given in Fig. 1.The tag mainly consists of crypto unit is provided security to NFC tag.
Analog Front-End
The analog front-end extracts the tags power supply from the RF field and provides an interface for the digital part (data,
clock, reset).

Fig.1: CRYPTA tag architecture

Main building blocks of the analog frontend, as shown in Fig. 2, are: a limiter, a rectifier, a storage capacitor CS, a regulator, a
power-on-reset (POR) circuit, a clock-extraction circuit, a demodulator, and a modulator. The analog front-end is connected
to a coil antenna that is receptive for the 13.56-MHz RF field emitted by the reader. In order to protect the input of the analog
front-end from too large voltages at the antenna, a limiter is used. The limiter starts drawing current when the antenna voltage
increases (similar to a shunt regulator). For extracting the power supply of the tag, the voltage from the antenna is first fed into
the rectifier and buffered by a storage capacitor before it goes through the regulator that keeps the supply voltage at a constant
value.

Fig. 2: Analog front end

61

GJTE-Vol(2)-Issue(4)

April 2015

ISSN: 2393-9923

Global Journal of Trends in Engineering

This reset signal activates the other components of the analog front-end and also the digital part. The clock signal for the
digital part is directly extracted from the RF field via the clock-extraction circuit.Hence; the tag operates synchronously with
the RF field via the clock-extraction circuit. Hence, the tag operates synchronously with the RF field.For receiving data from
the reader, a demodulator is used.
The demodulator has an envelope detector integrated as the reader data is amplitude modulated on the RF signal. The output
of the demodulator provides a clean digital signal that can be further processed by the FL. For transmitting data to the reader
that comes from the FL, a modulator is used. The modulator switches impedance in step with the data that needs to be
transmitted, resulting in a classical load modulation.
Framing logic
The FL is some kind of serial-to-parallel interface that handles also basic tag functionality. Fig.3 sketches the architectural
overview of the FL with the following main blocks: receive-and-transmit (RxTx) unit, control unit, and AMBA interface. The
RxTx unit is the interface between the serial data signals of the analog front-end and the parallel data signals of the control
unit. Additionally, the RxTx unit receives a clock signal from the analog front-end, which is used to extract a bit-clock signal
that is provided to the microcontroller and the other components of the tags digital part.

Fig. 3: FL Architecture
Incoming serial data from the analog front-end is first sampled by the RxTx unit, decoded into bits, transformed to byte data,
and checked for integrity (parity bits and CRC). Byte-level data coming from the control unit is appended with a checksum,
encoded, and then transmitted bit-by-bit to the analog front-end. The RxTx unit is also responsible for proper timing of the tag
response, which needs to be transmitted within certain time slots. The control unit steers the RxTx unit
as well as the AMBA interface and handles also the initialization and anti-collision phase of the tag (basic tag functionality).
When data coming from the microcontroller needs to be transmitted by the FL, it is first placed in the FIFO buffer and then
forwarded by the control unit to the RxTx unit.
For connecting the FL with the AMBA bus, the AMBA interface is used. Although the data width of the AMBA bus is 16 b,
only the lower 8 b is used by the FL, since it operates on byte level. The AMBA interface also contains a status register that
provides information about the internal state of the FL and a configuration register that allows the microcontroller to adjust
various parameters. Both registers can be accessed by the microcontroller via the AMBA bus. Besides the AMBA bus, some
additional direct signals are shared between FL and the microcontroller to speed up communication.
8-b Microcontroller
An overview of the microcontroller architecture is depicted in Fig.4. The design uses a Harvard architecture, which has the
advantage that data memory (8 b) and program memory (16 b) can have different word sizes. When the ALU performs
arithmetic and logical operations on a byte (8-bits) at an instruction, the microcontroller is an 8-bit microcontroller. The
internal bus width of 8-bit microcontroller is of 8-bit.

62

GJTE-Vol(2)-Issue(4)

April 2015

ISSN: 2393-9923

Global Journal of Trends in Engineering

Fig.4: Microcontroller architecture.

There are mainly two categories of processors, namely, Von-Neumann (or Princeton) architecture and Harvard Architecture.
These two architecture differ in the way data and programs are stored and accessed.
Microcontrollers based on the Von-Neumann architecture have a single _data_ bus that is used to fetch both instructions and
data. Program instructions and data are stored in a common main memory. When such a controller addresses main memory, it
first fetches an instruction, and then it fetches the data to support the instruction. The two separate fetches slows up the
controllers operation the Von-Neumann Architecture. The Von-Neumann architectures main advantage is that it simplifies
the microcontroller design because only one memory is accessed. In microcontrollers, the contents of RAM can be used for
data storage and program instruction storage.
Microcontrollers based on the Von-Neumann architecture have a single _data_ bus that is used to fetch both instructions and
data. Program instructions and data are stored in a common main memory. When such a controller addresses main memory, it
first fetches an instruction, and then it fetches the data to support the instruction. The two separate fetches slows up the
controllers operation the Von-Neumann Architecture. The Von-Neumann architectures main advantage is that it simplifies
the microcontroller design because only one memory is accessed. In microcontrollers, the contents of RAM can be used for
data storage and program instruction storage.
Microcontrollers based on the Harvard Architecture have separate data bus and an instruction bus. This allows execution to
occur in parallel. As an instruction is being pre-fetched, the current instruction is executing on the data bus. Once the
current instruction is complete, the next instruction is ready to go. This pre-fetch theoretically allows for much faster
execution than Von-Neumann architecture, on the expense of complexity. The Harvard Architecture. The Harvard
Architecture executes instructions in fewer instruction cycles than the Von-Neumann architecture. There are several reasons
why using an 8-b data path width for the microcontroller of our CRYPTA tag is beneficial. First, using a smaller data path
width reduces the area of the microcontroller core and also lowers the power consumption. Although a larger data path width
(e.g., 16 or 32 b) typically allows a more efficient handling of data (i.e., with less instructions), this no longer holds true when
using a microcontroller mainly for control tasks. Instructions are executed within a two-stage pipeline that consists of a fetch
and a decode execute step. First, the instruction that is addressed by the 12-b PC is loaded from the program ROM into the
instruction decode unit. Then the instruction is decoded by the instruction decode unit and executed by the ALU. The
microcontroller supports 31 instructions, which can be divided into four groups: logical operations (AND, XOR), arithmetic
operations (ADD, SUB), control-flow operations (CALL, RET), and an operation for executing micro-code patterns (MICRO
instruction). In order to reduce overhead, no interrupts are supported, which means that polling has to be implemented when
waiting for an event.
Memory Unit
The memory unit consists of three memory types that are RAM, ROM, and EEPROM. They are addressable using a 16-b
linear dual-port memory space. The 12816-b dual-port RAM has been realized using a dedicated macro block. This
significantly reduces the chip area and production costs, respectively, as compared to a standard-cell based RAM. A dual-port
RAM showed to be advantageous since it allows reading of two words within one clock cycle. Also writing into one port and
reading from the other is possible. This fact decreases the execution time of modular multiplication significantly. Also the size
of the RAM, namely 128 16 b, is advantageous since the data path also has a width of 16 b. pseudo random number
63

GJTE-Vol(2)-Issue(4)

April 2015

ISSN: 2393-9923

Global Journal of Trends in Engineering

generator (PRNG) to derive the random numbers from the seed. When used in a commercial product, the PRNG should be
replaced by a true random Number generator to ensure a maximum level of security.
IV. PROPOSED NFC TAG USING VARIABLE KEY SCHEME CRYPTO UNIT
The many possible attacks to an RFID system have been considered and presented. This proposition utilizes XTEA to provide
security against a few attacks. The XOR is already proved as an excellent function to encrypt values with minimal
computations. The connection between the reader and the database is secure. The tag and the reader communicate over the
vulnerable wireless medium. It is assumed that the tag is equipped to perform encryption/decryption using XTEA and the
XOR operation.
If it is possible to embed XTEA in an RFID chip, it is also meant to give an indication of whether it will be possible to embed
public key algorithms into RFID chips. The implementation of XTEA only makes use of one addition each cycle, while
public key algorithms like RSA uses more extensive operations (such as power functions).

Fig.5: Components and Their Interface for Variable Keys Authentication

The scheme is implemented using VHDL simulate the interaction between the reader and tag using the variable keys protocol
for authentication Shown in fig.5.Two separate components are designed i.e. Reader and Tag and encapsulated by a top-level
block There are some signals that form the interface between the two modules, which are used to emulate the behavior of the
system in an RF environment.
The top-level design instantiates these components and facilitates the behavior of the entire system with internal signals and
feedback. Simulation waveforms illustrate the functionality of the system in addition to the timing behavior. Two assumptions
are made in the design of the system. First, due to the Complexity of the system, a random Number
Generator is not used. Random number generators can be implemented as a look-up table in HDL, but for purposes of
simulation and testing, a random number is chosen and applied to the system (e.g. the case where a random number is to be
generated by tag and the case where a new key is to be computed by the reader as a random number). The new key generated
by the reader can be implemented using many widely used techniques such as a hash function, complex random number
generating scheme, by using XOR functions or a combination of them depending on the level of security desired. Since this is
ultimately implemented in software on a real RFID system, it can be designed to handle much more computational
complexity than the tag and is easier to implement using software. A separate technique to employ this in hardware is not
developed here; rather a number is chosen at random to simulate a new key generated from a reader or back-end database.
Secondly, for simplicity, it is also assumed that the reader performs functions of the back-end database (such as ID
verification and random number generation).
V. SIMULATION RESULT
The Near-Field Communication tag using variable key scheme crypto unit written in VHDL, compiled and simulation using
ISEsim in XILINX 12.1. The circuit simulated and synthesized. The simulated result for reader and tag.
Block diagram

64

GJTE-Vol(2)-Issue(4)

April 2015

ISSN: 2393-9923

Global Journal of Trends in Engineering

Fig .6 variable key schemes RFID Tag RTL Schematic

Technology Schematic

Fig.7: variable key schemes RFID Tag Technology Schematic

Device Summary of RFID Tag

65

GJTE-Vol(2)-Issue(4)

April 2015

ISSN: 2393-9923

Global Journal of Trends in Engineering

Fig.8: Variable Key Schemes RFID Tag Device Summary

Variable Key Schemes RFID Tag Simulation Result
The PID of the tag is defined as a 64-bit value of 0x123456789abcdef.
The key used for the initial session of the protocol is a 128-bit value defined as
Ox00112233445566778899aabbccddeeff.
The random number used by the reader is a 64-bit value of Ox00000028 or 40.The number of rounds used for all
encryption and decryption procedures at the reader and the tag are fixed to Ox00000032 or 50 rounds.
The new key generated is a value of0x34676398ad9c23ef814574346613712b which is a random number

Fig.9: NFC Tag Simulation Result

VI. CONCLUSION
In this paper, we presented a flexible NFCtag architecture that provides extended security features using variable key scheme
crypto unit. This crypto unit is using XTEA algorithm which is light weight consuming minimal resource of protocols.
Performance and feasibility to be adopted as an industry standard. In order to find use in credit-card transactions and other
such high risk applications it is essential to strengthen security by developing robust techniques in algorithms and
authentication procedures in RFID systems.
ACKNOWLEDGMENT
I express my sincere thanks to my guide K.Miranji Assistant Professor, Dept of ECE.SIR C R Reddy College of Engineering,
Eluru, for their valuable guidance and useful suggestions, which helped me in the project work.
REFERENCES
[1] ThomasPlos, Michael Hutter Security-Enabled Near-Field Communication Tag With Flexible Architecture
Supporting Asymmetric Cryptography, IEEE Transactions ON (VLSI) SYSTEMS, VOL. 21, NO. 11,
NOVEMBER 2013.
[2] L. Batina, J. Guajardo, T. Kerins, N. Mentens, P. Tuyls, and I. Verbauwhede,Public-key cryptography for RFIDtags, in Proc. RFIDsec,2006, pp. 116.
66

GJTE-Vol(2)-Issue(4)

April 2015

ISSN: 2393-9923

Global Journal of Trends in Engineering

[3] Information Technology - Identification Cards - Integrated Circuit(s) Cards with Contacts - Part 4: Interindustry
Commands for Interchange,ISO/IEC Standard 7816-4, 1995.
[4] T. Eisenbarth, S. Kumar, C. Paar,, "A Survey of Lightweight-Cryptography Implementations", Special Issue on
Secure ICs for Secure Embedded Computing, IEEE Design & Test of Computers, vol. 24, no. 6, Nov. 2007, pp.
522-533.
[5] P. Israsena, "On XTEA-based Authentication/Encryption Core for Wireless Pervasive Communication",
International Symposium on Communications and Information Technologies, Bangkok, Thailand, Sept. 2006, pp.
59-62
[6] P. Israsena, "Design and Implementation of Low Power Hardware Encryption for Low Cost Secure RFID using
TEA", Pro c. International Conference on Information and Communication Systems, Bangkok, Thailand, Dec.
2005, pp. 1402-1406
[7] A. V. Reddy, A Cryptanalysis of the Tiny Encryption algorithm , Master of Science, The university of Alabama,
2003.
[8] Y. Choi, S. Han, S. Shin, "A design of e-ID authentication protocol in Gen2environment" 1 01h International
Conference on Advanced Communication Technology, Phoenix Park, Korea, Feb. 2008, vol. 1, pp. 246- 251.
[9] M. Feldhofer, M. J. Aigner, M. Hutter, T. Plos, E. Wenger, and T. Baier, Semi-passive RFID development
platform for implementing and attacking security tags, in Proc. Int. Conf. RISC, 2010, pp. 16.
[10] Xiang Zhang; Baciu, G, "Low Cost Minimal Mutual Authentication Protocol for RFID", IEEE International
Conference on Networking, Sensing and Control, Sanya,China, Apr. 2008, pp. 620-624.
[11] D.J. Wheeler, R. M. Needham, "TEA, a tiny encryption algorithm", in the Proc.Fast Software Encryption: Second
International Workshop, Lecture Notes in Computer Science, vol. 1008, Leuven, Belgium, Dec. 1994, pp. 363-366.
[12] Identification Cards - Contactless Integrated Circuit(s) Cards Proximity Cards - Part 4: Transmission Protocol,
ISO/IEC Standard 14443-4,2008
[13] S. Weis, S. Sarma, R. Rivest and D. Engels, "Security and Privacy Aspects of LowCost Radio Frequency
Identification Systems", ls1 International Conference on Security in Pervasive Computing, Springer, Berlin,
Germany, Mar. 2003, LNCS vol. 2802, pp.201- 212.
Bibliographies
Mr. K.Durga Prasad received B.Tech degree in Electronics and communication from Swarnandhra
Engineering College, Narsapure, Jawaharlal Nehru technological university, Kakinada, in 2013.Currently
pursuing M.Tech in VLSI Design from Sir C R Reddy College of Engineering, Eluru, India

Mr.Miranji katta received the B.Tech degree in Electronics and communication from Jawaharlal Nehru
technological university, Hyderabad, India, in 2007, and the M.Tech degree in Embedded Systems from
Jawaharlal Nehru technological University, Kakinada, in 2011.His research interests include low-power
computing, real-time embedded systems, and operating systems.

67