We present a dynamic key generation method, KeyQ, for establishing shared secret keys in EPCglobal Generation 2 (Gen2) compliant systems. Widespread adoption of Gen2 technologies has increased the need for protecting communications in these systems. The highly constrained resources on Gen2 tags limit the usability of traditional key distribution techniques. Dynamic key generation provides a secure method to protect communications with limited key distribution requirements. Our KeyQ method dynamically generates fresh secret keys based on the Gen2 adaptive Q algorithm. We show that the KeyQ method generates fresh and unique secret keys that cannot be predicted with probability greater than 10-250 when the number of tags exceeds 100.

Security plays an important role in several ZigBee applications such as Smart Energy and medical sensor applications. For a secure communication among ZigBee devices, a secret key should be shared among any two ZigBee devices using the Key Distribution protocol. Recently, Yüksel and Nielson proposed a new Key Distribution protocol for ZigBee addressing the security weaknesses of the original ZigBee Key Distribution protocol. In this letter, it is shown that their protocol is not secure against a key de-synchronization attack, and a security-enhanced Key Distribution protocol is newly proposed and analyzed in terms of security.

Authenticated Key Establishment (AKE) protocols enable two entities, say a client (or a user) and a server, to share common session keys in an authentic way. In this paper, we review the previous AKE protocols, all of which turn out to be insecure, under the following realistic assumptions: (1) High-entropy secrets that should be stored on devices may leak out due to accidents such as bugs or mis-configureations of the system; (2) The size of human-memorable secret, i.e. password, is short enough to memorize, but large enough to avoid on-line exhaustive search; (3) TRM (Tamper-Resistant Modules) used to store secrets are not perfectly free from bugs and mis-configurations; (4) A client remembers only one password, even if he/she communicates with several different servers. Then, we propose a simple leakage-resilient AKE protocol (cf.[41]) which is described as follows: the client keeps one password in mind and stores one secret value on devices, both of which are used to establish an authenticated session key with the server. The advantages of leakage-resilient AKEs to the previous AKEs are that the former is secure against active adversaries under the above-mentioned assumptions and has immunity to the leakage of stored secrets from a client and a server (or servers), respectively. In addition, the advantage of the proposed protocol to is the reduction of memory size of the client's secrets. And we extend our protocol to be possible for updating secret values registered in server(s) or password remembered by a client. Some applications and the formal security proof in the standard model of our protocol are also provided.