Abstract
The paper discusses a privacy definition for offline RFID schemes, called privacy+. We analyse this notion and we describe an attack that proves that it can not be achieved by the accompanying protocol. In order to achieve offline privacy we develop a novel approach based on using PUFs on the reader together with encrypting the reader database. Our approach contradicts the standard assumption that privacy must be lost when a reader is compromised and that privacy restoring mechanisms must be developed. We design a protocol that implements this idea and prove it to be secure, destructive-private and immune to reader corruption in a slightly modified version of Vaudenay’s model.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Finkenzeller, K.: RFID Handbook: Fundamentals and Applications in Contactless Smart Cards and Identification, 3rd ed. Wiley Publishing (2010)
Vaudenay, S.: On privacy models for RFID. In: Proceedings of the Advances in Crypotology 13th International Conference on Theory and Application of Cryptology and Information Security, service. ASIACRYPT 2007, pp. 68–87. Springer-Verlag (2007)
Hristea, C., Tiplea, F.L.: Destructive privacy and mutual authentication in Vaudenay’s RFID model. IACR Cryptol. ePrint Arch., 2019, 73 (2019). https://eprint.iacr.org/2019/073
Sadeghi, A.-R., Visconti, I., Wachsmann, C.: PUF-enhanced RFID security and privacy. In: Workshop on Secure Component and System Identification (SECSI), vol. 110 (2010)
Kardaş, S., Çelik, S., Yildiz, M., Levi, A.: PUF-enhanced offline RFID security and privacy. J. Netw. Comput. Appl. 35(6), 2059–2067 (2012)
Paise, R.-I., Vaudenay, S.: Mutual authentication in RFID: Security and privacy. In: Proceedings of the 2008 ACM Symposium on Information, Computer and Communications Security, ser. ASIACCS 2008, pp. 292–299. ACM, New York (2008)
Juels, A., Weis, S.A.: Defining strong privacy for RFID. ACM Trans. Inf. Syst. Secur. 13(1), 1–23 (2009)
Hermans, J., Peeters, R., Preneel, B.: Proper RFID privacy: model and protocols. IEEE Trans. Mob. Comput. 13(12), 2888–2902 (2014)
Avoine, G., Lauradoux, C., Martin, T.: When compromised readers meet RFID. In: Youm, H.Y., Yung, M. (eds.) WISA 2009. LNCS, vol. 5932, pp. 36–50. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-10838-9_4
Garcia, F.D., van Rossum, P.: Modeling privacy for off-line RFID systems. In: Gollmann, D., Lanet, J.-L., Iguchi-Cartigny, J. (eds.) CARDIS 2010. LNCS, vol. 6035, pp. 194–208. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-12510-2_14
Avoine, G., Coisel, I., Martin, T.: A privacy-restoring mechanism for offline RFID systems. In: Proceedings of the fifth ACM Conference on Security and Privacy in Wireless and Mobile Networks, pp. 63-74 (2012)
Maes, R.: Physically Unclonable Functions: Constructions. Springer Verlag, Properties and Applications (2013)
Devadas, S., Suh, E., Paral, S., Sowell, R., Ziola, T., Khandelwal, V.: Design and implementation of PUF-based “unclonable” RFID ICs for anti-counterfeiting and security applications. In: 2008 IEEE International Conference on RFID, pp. 58-64. IEEE (2008)
Tuyls, P., Batina, L.: RFID-tags for anti-counterfeiting. In: Pointcheval, D. (ed.) CT-RSA 2006. LNCS, vol. 3860, pp. 115–131. Springer, Heidelberg (2006). https://doi.org/10.1007/11605805_8
Katz, J., Lindell, Y.: Introduction to Modern Cryptography. CRC press, United States (2020)
Sipser, M.: Introduction to the Theory of Computation. Cengage Learning (2012)
Delvaux, J., Gu, D., Schellekens, D., Verbauwhede, I.: Helper data algorithms for puf-based key generation: overview and analysis. IEEE Trans. Comput. Aided Des. Integr. Circuits Syst. 34(6), 889–902 (2014)
Chuang, K.-H., Bury, E., Degraeve, R., Kaczer, B., Linien, D., Verbauwhede, I.: A physically unclonable function with 0% ber using soft oxide breakdown in 40nm cmos. In: IEEE Asian Solid-State Circuits Conference (A-SSCC), pp. 157–160. IEEE (2018)
Hermans, J., Pashalidis, A., Vercauteren, F., Preneel, B.: A new RFID privacy model. In: Atluri, V., Diaz, C. (eds.) ESORICS 2011. LNCS, vol. 6879, pp. 568–587. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-23822-2_31
Tiplea, F.L., Hristea, C.: Privacy and reader-first authentication in Vaudenay’s RFID model with temporary state disclosure. In: IACR Cryptol. ePrint Arch., p. 113 (2019)
Ohkubo, M., Suzuki, K. and Kinoshita, S.: Cryptographic approach to privacy-friendly tags. In: RFID Privacy Workshop. vol. 82 (2003)
Shoup, V.: Sequences of games: a tool for taming complexity in security proofs (2004)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
A Hash and PUF-Based RFID Scheme
A Hash and PUF-Based RFID Scheme
Rights and permissions
Copyright information
© 2021 Springer Nature Switzerland AG
About this paper
Cite this paper
Hristea, C. (2021). Reliable RFID Offline Privacy. In: Maimut, D., Oprina, AG., Sauveron, D. (eds) Innovative Security Solutions for Information Technology and Communications. SecITC 2020. Lecture Notes in Computer Science(), vol 12596. Springer, Cham. https://doi.org/10.1007/978-3-030-69255-1_14
Download citation
DOI: https://doi.org/10.1007/978-3-030-69255-1_14
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-69254-4
Online ISBN: 978-3-030-69255-1
eBook Packages: Computer ScienceComputer Science (R0)