Chinese Internet of Things security test technology adopted as an international standard

Recently, a Chinese Internet of Things security test technology – TRAIS-P TEST – has been published by the International Organisation for Standardisation/International Electrotechnical Commission (ISO/IEC) as an international standard. The standard is accessible at: ISO/IEC 19823-16:2020 Information technology — Conformance test methods for security service crypto suites — Part 16: Crypto suite ECDSA-ECDH security services for air interface communications.

This standard is an international test standard for TRAIS-P. Specifically, it standardises conformance test methods for Radio Frequency Identification (RFID) security cipher suites, so as to protect the security of RFID active products and systems. The standard will further improve the international standard system of the Tag and Reader Air Interface Security (TRAIS), particularly in terms of product test. Therefore, the standard also marks the completion of the establishment of the TRAIS international standards system, based on two levels of technology test and product test, thus safeguarding more effectively the air interface security connection for the global RFID system.

This standard was developed by the WAPI Industry Alliance, and it represents a significant step for China’s technological contribution to ISO international standards. China has submitted 26 standards with the essential patent declarations; among these, 12 standards relate to cybersecurity and were all submitted by members of the WAPI Industry Alliance.

Background:

Radio Frequency Identification (RFID) is the key technology at the core of the Internet of things, which is widely used in different fields – including warehousing logistics, access control, parking management, automation of production line, and anti-counterfeit of commodities.

The TRAIS technology system, put forward by China, can provide air interface security services such as entity authentication, confidential communication, and access control; these are able to resist the security threats faced by RFID, including tag forgery, data eavesdropping and data tampering, and thus ensure the extensive and safe use of RFID. Two technologies of security protocol in the system have already been adopted as international standards:

• ISO/IEC 29167-16:2015 Information technology – Automatic identification and data capture techniques – Part 16: Crypto suite ECDSA-ECDH security services for air interface communication;
• ISO/IEC TS 29167-15:2017 Information technology – Automatic identification and data capture techniques – Part 15: Crypto suite XOR services for air interface communication.

In addition, TRAIS technology has also been adopted in China’s national standards:

• GB/T 28925-2012 Information technology – Radio frequency identification: 2.45GHz Air Interface Protocol;
• GB/T 28926-2012 Information technology – Radio frequency identification: 2.45 GHz Air Interface Conformance Test Method;
• GB/T 29768-2013 Information technology – Radio frequency identification: 80000/900 MHz Air Interface Protocol;
• GB/T 35102-2017 Information technology – Radio frequency identification: 800/900MHz Air Interface Conformance Test Method.

Link of related news (in Chinese language): http://www.cac.gov.cn/2020-12/15/c_1609599870440682.htm