Forge-resistant radio-frequency identification tags for secure internet of things applications

Aim: Internet of Things (IoT) represents a key aspect within several application domains, and it enables growing opportunities for both organizations and end-users. Radio-frequency identification tags are probably the most relevant enabling solution for ubiquitous IoT systems and are often seen as a prerequisite for IoT itself. In this study, we analyzed one of the most promising radio-frequency identification tags to determine whether or not it represents a viable solution for secure IoT applications. Methods: The study was conducted relying on an Android OS application developed within our laboratories, which helped us to inspect the chip and describe its logical data structure. We studied the capabilities of the tag in relation to the application protocol data unit it supports, and we described the cryptographic protocols with which it is equipped. Results: This tag is resistant to forging activities, and it also preserves confidentiality and authenticity on exchanged data. We discussed several known privacy and security patterns that may be addressed relying on the tag we focused on and we underlined some deficiencies concerning chip cloning attack. Again, secure dynamic messaging and mirroring allow the surpassing of several privacy limitations. Conclusion: In this paper we investigated the capabilities of the NT4H2421Gx tag. The deep Android inspection performed on the tag showed that it represents an option to rely on when we need to design secure IoT applications.