Abstract
The paper discusses a privacy definition for offline RFID schemes, called privacy+. We analyse this notion and we describe an attack that proves that it can not be achieved by the accompanying protocol. In order to achieve offline privacy we develop a novel approach based on using PUFs on the reader together with encrypting the reader database. Our approach contradicts the standard assumption that privacy must be lost when a reader is compromised and that privacy restoring mechanisms must be developed. We design a protocol that implements this idea and prove it to be secure, destructive-private and immune to reader corruption in a slightly modified version of Vaudenay’s model.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Finkenzeller, K.: RFID Handbook: Fundamentals and Applications in Contactless Smart Cards and Identification, 3rd ed. Wiley Publishing (2010)
Vaudenay, S.: On privacy models for RFID. In: Proceedings of the Advances in Crypotology 13th International Conference on Theory and Application of Cryptology and Information Security, service. ASIACRYPT 2007, pp. 68–87. Springer-Verlag (2007)
Hristea, C., Tiplea, F.L.: Destructive privacy and mutual authentication in Vaudenay’s RFID model. IACR Cryptol. ePrint Arch., 2019, 73 (2019). https://eprint.iacr.org/2019/073
Sadeghi, A.-R., Visconti, I., Wachsmann, C.: PUF-enhanced RFID security and privacy. In: Workshop on Secure Component and System Identification (SECSI), vol. 110 (2010)
Kardaş, S., Çelik, S., Yildiz, M., Levi, A.: PUF-enhanced offline RFID security and privacy. J. Netw. Comput. Appl. 35(6), 2059–2067 (2012)
Paise, R.-I., Vaudenay, S.: Mutual authentication in RFID: Security and privacy. In: Proceedings of the 2008 ACM Symposium on Information, Computer and Communications Security, ser. ASIACCS 2008, pp. 292–299. ACM, New York (2008)
Juels, A., Weis, S.A.: Defining strong privacy for RFID. ACM Trans. Inf. Syst. Secur. 13(1), 1–23 (2009)
Hermans, J., Peeters, R., Preneel, B.: Proper RFID privacy: model and protocols. IEEE Trans. Mob. Comput. 13(12), 2888–2902 (2014)
Avoine, G., Lauradoux, C., Martin, T.: When compromised readers meet RFID. In: Youm, H.Y., Yung, M. (eds.) WISA 2009. LNCS, vol. 5932, pp. 36–50. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-10838-9_4
Garcia, F.D., van Rossum, P.: Modeling privacy for off-line RFID systems. In: Gollmann, D., Lanet, J.-L., Iguchi-Cartigny, J. (eds.) CARDIS 2010. LNCS, vol. 6035, pp. 194–208. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-12510-2_14
Avoine, G., Coisel, I., Martin, T.: A privacy-restoring mechanism for offline RFID systems. In: Proceedings of the fifth ACM Conference on Security and Privacy in Wireless and Mobile Networks, pp. 63-74 (2012)
Maes, R.: Physically Unclonable Functions: Constructions. Springer Verlag, Properties and Applications (2013)
Devadas, S., Suh, E., Paral, S., Sowell, R., Ziola, T., Khandelwal, V.: Design and implementation of PUF-based “unclonable” RFID ICs for anti-counterfeiting and security applications. In: 2008 IEEE International Conference on RFID, pp. 58-64. IEEE (2008)
Tuyls, P., Batina, L.: RFID-tags for anti-counterfeiting. In: Pointcheval, D. (ed.) CT-RSA 2006. LNCS, vol. 3860, pp. 115–131. Springer, Heidelberg (2006). https://doi.org/10.1007/11605805_8
Katz, J., Lindell, Y.: Introduction to Modern Cryptography. CRC press, United States (2020)
Sipser, M.: Introduction to the Theory of Computation. Cengage Learning (2012)
Delvaux, J., Gu, D., Schellekens, D., Verbauwhede, I.: Helper data algorithms for puf-based key generation: overview and analysis. IEEE Trans. Comput. Aided Des. Integr. Circuits Syst. 34(6), 889–902 (2014)
Chuang, K.-H., Bury, E., Degraeve, R., Kaczer, B., Linien, D., Verbauwhede, I.: A physically unclonable function with 0% ber using soft oxide breakdown in 40nm cmos. In: IEEE Asian Solid-State Circuits Conference (A-SSCC), pp. 157–160. IEEE (2018)
Hermans, J., Pashalidis, A., Vercauteren, F., Preneel, B.: A new RFID privacy model. In: Atluri, V., Diaz, C. (eds.) ESORICS 2011. LNCS, vol. 6879, pp. 568–587. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-23822-2_31
Tiplea, F.L., Hristea, C.: Privacy and reader-first authentication in Vaudenay’s RFID model with temporary state disclosure. In: IACR Cryptol. ePrint Arch., p. 113 (2019)
Ohkubo, M., Suzuki, K. and Kinoshita, S.: Cryptographic approach to privacy-friendly tags. In: RFID Privacy Workshop. vol. 82 (2003)
Shoup, V.: Sequences of games: a tool for taming complexity in security proofs (2004)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
A Hash and PUF-Based RFID Scheme
A Hash and PUF-Based RFID Scheme
RFID scheme from [5]
Rights and permissions
Copyright information
© 2021 Springer Nature Switzerland AG
About this paper
Cite this paper
Hristea, C. (2021). Reliable RFID Offline Privacy. In: Maimut, D., Oprina, AG., Sauveron, D. (eds) Innovative Security Solutions for Information Technology and Communications. SecITC 2020. Lecture Notes in Computer Science(), vol 12596. Springer, Cham. https://doi.org/10.1007/978-3-030-69255-1_14
Download citation
DOI: https://doi.org/10.1007/978-3-030-69255-1_14
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-69254-4
Online ISBN: 978-3-030-69255-1
eBook Packages: Computer ScienceComputer Science (R0)