Skip to main content
SpringerLink
Log in
Book cover

International Workshop on Information Security Applications

WISA 2009: Information Security Applications pp 36–50Cite as

When Compromised Readers Meet RFID

  • Conference paper

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 5932))

Abstract

RFID-based access control solutions for mobile environments, e.g. ticketing systems for sport events, commonly rely on readers that are not continuously connected to the back-end system. The readers must so be able to perform their tasks even in offline mode, what commonly requires the management by the readers of sensitive data.

We stress in this paper the problem of compromised readers and its impact in practice. We provide a thorough review of the existing authentication protocols faced to this constraint, and extend our analysis with the privacy property. We show that none of the reviewed protocols fits the required properties in case of compromised readers. We then design a sporadically-online solution that meets our expectations in terms of both security and privacy.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Atici, A.C., Batina, L., Fan, J., Verbauwhede, I., Yalcin, S.B.O.: Low-cost Implementations of NTRU for Pervasive Security. In: International Conference on Application-Specific Systems, Architectures and Processors – ASAP 2008, Leuven, Belgium, pp. 79–84 (July 2008)

    Google Scholar 

  2. Avoine, G., Dysli, E., Oechslin, P.: Reducing Time Complexity in RFID Systems. In: Preneel, B., Tavares, S. (eds.) SAC 2005. LNCS, vol. 3897, pp. 291–306. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  3. Avoine, G., Oechslin, P.: RFID Traceability: A Multilayer Problem. In: Patrick, A.S., Yung, M. (eds.) FC 2005. LNCS, vol. 3570, pp. 125–140. Springer, Heidelberg (2005)

    Google Scholar 

  4. Baudron, O., Boudot, F., Bourel, P., Bresson, E., Corbel, J., Frisch, L., Gilbert, H., Girault, M., Goubin, L., Misarsky, J.-F., Nguyen, P., Patarin, J., Pointcheval, D., Poupard, G., Stern, J., Traoré, J.: GPS - An Asymmetric Identification Scheme for on the Fly Authentication of Low Cost Smart Cards. In: A proposal to NESSIE (2001)

    Google Scholar 

  5. Bogdanov, A., Knudsen, L.R., Leander, G., Paar, C., Poschmann, A., Robshaw, M.J., Seurin, Y., Vikkelsoe, C.: PRESENT: An Ultra-Lightweight Block Cipher. In: Paillier, P., Verbauwhede, I. (eds.) CHES 2007. LNCS, vol. 4727, pp. 450–466. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  6. Bogdanov, A., Leander, G., Paar, C., Poschmann, A., Robshaw, M.J., Seurin, Y.: Hash Functions and RFID Tags: Mind The Gap. In: Oswald, E., Rohatgi, P. (eds.) CHES 2008. LNCS, vol. 5154, pp. 283–299. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  7. Bringer, J., Chabanne, H., Icart, T.: Efficient Zero-Knowledge Identification Schemes which respect Privacy. In: ACM Symposium on Information, Computer and Communication Security – ASIACCS 2009, Sydney, Australia, March 2009, pp. 195–205. ACM Press, New York (2009)

    Chapter  Google Scholar 

  8. Feldhofer, M., Dominikus, S., Wolkerstorfer, J.: Strong Authentication for RFID Systems using the AES Algorithm. In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol. 3156, pp. 357–370. Springer, Heidelberg (2004)

    Google Scholar 

  9. Fiat, A., Shamir, A.: How To Prove Yourself: Practical Solutions to Identification and Signature Problems. In: Odlyzko, A.M. (ed.) CRYPTO 1986. LNCS, vol. 263, pp. 186–194. Springer, Heidelberg (1987)

    Google Scholar 

  10. Gama, N., Nguyen, P.Q.: New Chosen-Ciphertext Attacks on NTRU. In: Okamoto, T., Wang, X. (eds.) PKC 2007. LNCS, vol. 4450, pp. 89–106. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  11. Hein, D., Wolkerstorfer, J., Felber, N.: ECC is Ready for RFID – A Proof in Silicon. In: Conference on RFID Security, Budapest, Hungary (July 2008)

    Google Scholar 

  12. International Organization for Standardization. ISO/IEC 9798 – Information technology – Security techniques – Entity authentication (1997 – 2008)

    Google Scholar 

  13. Mathas, C.: Altera CPLDs go to the Beijing Olympics (2008), http://www.eetimes.com/showArticle.jhtml?articleID=208800197

  14. McLoone, M., Robshaw, M.J.: Public Key Cryptography and RFID Tags. In: Abe, M. (ed.) CT-RSA 2007. LNCS, vol. 4377, pp. 372–384. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  15. Naccache, D.: Method, Sender Apparatus and Receiver Apparatus for Modulo Operation. European patent application no. 91402958.2 (1992)

    Google Scholar 

  16. NESSIE consortium. Portfolio of recommended cryptographic primitives. Technical report (2003)

    Google Scholar 

  17. O’Neill, M., (McLoone).: Low-Cost SHA-1 Hash Function Architecture for RFID Tags. In: Conference on RFID Security, Budapest, Hungary (July 2008)

    Google Scholar 

  18. Oren, Y., Feldhofer, M.: WIPR - a Public Key Implementation on Two Grains of Sand. In: Conference on RFID Security, Budapest, Hungary (July 2008)

    Google Scholar 

  19. Oren, Y., Feldhofer, M.: A Low-Resource Public-Key Identification Scheme for RFID Tags and Sensor Nodes. In: Proceedings of the second ACM Conference on Wireless Network Security – WiSec 2009, Zurich, Switzerland. ACM Press, New York (2009)

    Google Scholar 

  20. Rabin, M.O.: Digitalized Signatures and Public-Key Functions as Intractable as Factorization. Technical report, Massachusetts Institute of Technology, Cambridge, Massachusetts, USA (1979)

    Google Scholar 

  21. Shamir, A.: Memory Efficient Variant of Public-key Schemes for Smart Card Applications. In: De Santis, A. (ed.) EUROCRYPT 1994. LNCS, vol. 950, pp. 445–449. Springer, Heidelberg (1995)

    Chapter  Google Scholar 

  22. Tan, C.C., Sheng, B., Li, Q.: Serverless Search and Authentication Protocols for RFID. In: International Conference on Pervasive Computing and Communications – PerCom 2007, New York, USA. IEEE Computer Society Press, Los Alamitos (2007)

    Google Scholar 

  23. Wu, J., Stinson, D.: How to Improve Security and Reduce Hardware Demands of the WIPR RFID Protocol. In: IEEE International Conference on RFID – RFID 2009, Orlando, Florida, USA (April 2009)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Information Security Group, Université catholique de Louvain, B-1348, Louvain-La-Neuve, Belgium

    Gildas Avoine, Cédric Lauradoux & Tania Martin

Authors
  1. Gildas Avoine
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Cédric Lauradoux
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Tania Martin
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Information Security Engineering, Soonchunhyang University, 646, Eupnae-ri, Shinchang-myun, Asan-si, Chungnam-do, 336-745, Korea

    Heung Youl Youm

  2. Computer Science Department, Google Inc. and Columbia University, Room 464, S.W. Mudd Building, NY 10027, New York, USA

    Moti Yung

Rights and permissions

Reprints and permissions

Copyright information

© 2009 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Avoine, G., Lauradoux, C., Martin, T. (2009). When Compromised Readers Meet RFID. In: Youm, H.Y., Yung, M. (eds) Information Security Applications. WISA 2009. Lecture Notes in Computer Science, vol 5932. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-10838-9_4

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-10838-9_4

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-10837-2

  • Online ISBN: 978-3-642-10838-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation