Abstract
The privacy and security problems in RFID systems have been extensively studied. However, less research has been done on formal analysis of RFID security. The existing adversarial models proposed in the literature have limitations for analyzing RFID location privacy. In this paper, we propose a new formal proof model based on random oracle and indistinguishability. It not only considers passive/active attacks to the message flows between RFID reader and tag, but also takes into account physical attacks for disclosing tag’s internal state, thus making it more suitable for real RFID systems. We further apply our model to analyze location privacy of an existing RFID protocol.
Chapter PDF
References
Avoine, G.: Adversarial Model for Radio Frequency Identificatin. Cryptology ePrint Archieve, Report 2005/049 (2005), http://eprint.iacr.org
Bellare, M., Rogaway, P.: Entity Authentication and Key Distribution. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 232–249. Springer, Heidelberg (1994)
Golle, P., Jakobsson, M., Jules, A., Syverson, P.: Universal Re-encryption for Mixnets. In: Okamoto, T. (ed.) CT-RSA 2004. LNCS, vol. 2964, pp. 163–178. Springer, Heidelberg (2004)
Ha, J., Ha, J., Moon, S., Boyd, C.: LRMAP: Lightweight and Resynchronous Mutual Authentication Protocol for RFID System. In: Stajano, F., Kim, H.-J., Chae, J.-S., Kim, S.-D. (eds.) ICUCT 2006. LNCS, vol. 4412, pp. 80–89. Springer, Heidelberg (2007)
Henrici, D., Müller, P.: Hash-based Enhancement of Loaction Privacy for Radio Frequency Identification Devices using Varing Identifiers. In: PERCOMW 2004, pp. 149–162. IEEE, Los Alamitos (2004)
Juels, A., Pappu, R.: Squealing Euros: Privacy Protection in RFID-enabled Banknotes. In: Wright, R.N. (ed.) FC 2003. LNCS, vol. 2742, pp. 103–121. Springer, Heidelberg (2003)
Juels, A., Rivest, R.L., Szydlo, M.: The Blocker Tag: Selective Blocking of RFID Tags for consumer Privacy. In: ACM CCS 2003, pp. 103–111. ACM, New York (2003)
Jules, A., Weis, S.A.: Defining Strong Privacy for RFID, Cryptology ePrint Archieve, Report 2006/137 (2006), http://eprint.iacr.org
Juels, A.: RFID Security and Privacy: A Research Survey, RSA Laboratories (2005)
Li, Y., Cho, Y., Um, N., Lee, S.: Security and Privacy on Authentication for Low-cost RFID. In: Wang, Y., Cheung, Y.-m., Liu, H. (eds.) CIS 2006. LNCS (LNAI), vol. 4456, pp. 788–794. Springer, Heidelberg (2007)
Li, Y., Jeong, Y., Sun, N., Lee, S.: Low-cost Authenticatoin Protocol of the RFID System Using Partial ID. In: Wang, Y., Cheung, Y.-m., Liu, H. (eds.) CIS 2006. LNCS (LNAI), vol. 4456, pp. 598–604. Springer, Heidelberg (2007)
Lee, S., Asano, T., Kim, K.: RFID Mutual Authentication Scheme based on Synchronized Secret Information. In: SCIS 2006 (2006)
Mao, W.: Modern Cryptography, Theory and Practice. Prentice Hall, Englewood Cliffs (2003)
Ohkubo, M., Suzuki, K., Kinoshita, S.: Cryptographic Apprach to Privacy-Friendly Tags. In: RFID Privacy Workshop (2003)
Ohkubo, M., Suzuki, K., Kinoshita, S.: Hash-Chain Based Forward-Secure Privacy Protection Scheme for Low-Cost RFID. In: SCIS 2004, pp. 719–724 (2004)
Rhee, K., Kwak, J., Kim, S., Won, D.: Challenge-Response Based RFID Authentication Protocol for Distributed Database Envirionment. In: Hutter, D., Ullmann, M. (eds.) SPC 2005. LNCS, vol. 3450, pp. 70–84. Springer, Heidelberg (2005)
Saito, J., Ryou, J., Sakurai, K.: Enhancing Privacy of Universal Re-encryption Scheme for RFID Tags. In: Yang, L.T., Guo, M., Gao, G.R., Jha, N.K. (eds.) EUC 2004. LNCS, vol. 3207, pp. 879–890. Springer, Heidelberg (2004)
Sarma, S.E., Weis, S.A., Engels, D.W.: Radio-Frequency Identification: Security Risks and Challenges, RSA Laboratories, vol. 6(1) (2003)
Vaudenay, S.: On Privacy Models for RFID. In: Kurosawa, K. (ed.) ASIACRYPT 2007. LNCS, vol. 4833, pp. 68–87. Springer, Heidelberg (2007)
Weis, S.A.: Security and Privacy in Radio-Frequency Identification Devices, MS Thesis, MIT (2003)
Weis, S.A., Sarma, S.E., Rivest, R.L., Engles, D.W.: Security and Privacy Aspects of Low-Cost Radio Frequency Identification Systems. In: Hutter, D., Müller, G., Stephan, W., Ullmann, M. (eds.) Security in Pervasive Computing. LNCS, vol. 2802, pp. 285–289. Springer, Heidelberg (2004)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2008 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Ha, J., Moon, S., Zhou, J., Ha, J. (2008). A New Formal Proof Model for RFID Location Privacy. In: Jajodia, S., Lopez, J. (eds) Computer Security - ESORICS 2008. ESORICS 2008. Lecture Notes in Computer Science, vol 5283. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-88313-5_18
Download citation
DOI: https://doi.org/10.1007/978-3-540-88313-5_18
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-88312-8
Online ISBN: 978-3-540-88313-5
eBook Packages: Computer ScienceComputer Science (R0)