ABSTRACT
In RFID protocols, tags identify and authenticate themselves to readers. At Asiacrypt 2007, Vaudenay studied security and privacy models for these protocols. We extend this model to protocols which offer reader authentication to tags. Whenever corruption is allowed, we prove that secure protocols cannot protect privacy unless we assume tags have a temporary memory which vanishes by itself. Under this assumption, we study several protocols. We enrich a few basic protocols to get secure mutual authentication RFID protocols which achieve weak privacy based on pseudorandom functions only, narrow-destructive privacy based on random oracles, and narrow-strong and forward privacy based on public-key cryptography.
- G. Avoine. Cryptography in Radio Frequency Identification and Fair Exchange Protocols. PhD thesis, EPFL, Lausanne, Switzerland, December 2005. http://library.epfl.ch/theses/?nr=3407.Google Scholar
- G. Avoine, E. Dysli, and P. Oechslin. Reducing time complexity in RFID systems. In B. Preneel and S. Tavares, editors, Selected Areas in Cryptography -- SAC 2005, volume 3897 of Lecture Notes in Computer Science, pages 291--306, Kingston, Canada, August 2005. Springer-Verlag. Google ScholarDigital Library
- M. Burmester, T. van Le, and B. de Medeiros. Provably secure ubiquitous systems: Universally composable RFID authentication protocols. In Conference on Security and Privacy for Emerging Areas in Communication Networks -- SecureComm 2006, Baltimore, Maryland, USA, August-September 2006. IEEE.Google ScholarCross Ref
- T. Dimitriou. A lightweight RFID protocol to protect against traceability and cloning attacks. In Conference on Security and Privacy for Emerging Areas in Communication Networks -- SecureComm 2005, Athens, Greece, September 2005. IEEE. Google ScholarDigital Library
- M. Feldhofer, S. Dominikus, and J. Wolkerstorfer. Strong authentication for RFID systems using the AES algorithm. In M. Joye and J.-J. Quisquater, editors, Workshop on Cryptographic Hardware and Embedded Systems -- CHES 2004, volume 3156 of Lecture Notes in Computer Science, pages 357--370, Boston, Massachusetts, USA, August 2004. IACR, Springer-Verlag.Google Scholar
- A. Juels and S. Weis. Defining strong privacy for RFID. Cryptology ePrint Archive, Report 2006/137, 2006.Google Scholar
- C. H. Lim and T. Kwon. Strong and robust RFID authentication enabling perfect ownership transfer. In P. Ning, S. Qing, and N. Li, editors, Conference on Information and Communications Security -- ICICS 2006, volume 4307 of Lecture Notes in Computer Science, pages 1--20, Raleigh, North Carolina, USA, December 2006. Springer-Verlag. Google ScholarDigital Library
- D. Molnar and D. Wagner. Privacy and security in library RFID: Issues, practices, and architectures. In B. Pfitzmann and P. Liu, editors, Conference on Computer and Communications Security -- ACM CCS 2004, pages 210--219, Washington, DC, USA, October 2004. ACM, ACM Press. Google ScholarDigital Library
- M. Ohkubo and K. Suzuki. RFID privacy issues and technical challenges. Communications of the ACM, 48(9):66--71, 2005. Google ScholarDigital Library
- M. Ohkubo, K. Suzuki, and S. Kinoshita. Cryptographic approach to "privacy-friendly" tags. In RFID Privacy Workshop 2003, MIT, MA, USA, November 2003.Google Scholar
- M. Ohkubo, K. Suzuki, and S. Kinoshita. Efficient hash-chain based RFID privacy protection scheme. In International Conference on Ubiquitous Computing -- Ubicomp 2004, Workshop Privacy: Current Status and Future Directions, Nottingham, England, September 2004.Google Scholar
- G. Tsudik. A family of dunces: Trivial RFID identification and authentication protocols. In N. Borisov and P. Golle, editors, Privacy Enhancing Technologies -- PET 2007, volume 4776 of Lecture Notes in Computer Science, pages 45--61, Ottawa, Canada, 2007. Springer-Verlag. Google ScholarDigital Library
- T. van Le, M. Burmester, and B. de Medeiros. Universally composable and forward secure RFID authentication and authenticated key exchange. In F. Bao and S. Miller, editors, ACM Symposium on Information, Computer and Communications Security -- ASIACCS 2007, pages 242--252, Singapore, 2007. ACM. Google ScholarDigital Library
- S. Vaudenay. On privacy models for RFID. In T. Okamoto, editor, Advances in Cryptology -- Asiacrypt 2007, volume 4833 of Lecture Notes in Computer Science, pages 68--87, Kuching, Malaysia, December 2007. Springer-Verlag. Google ScholarDigital Library
- S. Weis, S. Sarma, R. Rivest, and D. Engels. Security and privacy aspects of low-cost radio frequency identification systems. In D. Hutter, G. Müller, W. Stephan, and M. Ullmann, editors, International Conference on Security in Pervasive Computing -- SPC 2003, volume 2802 of Lecture Notes in Computer Science, pages 454--469, Boppard, Germany, March 2003. Springer-Verlag.Google Scholar
Index Terms
- Mutual authentication in RFID: security and privacy
Recommendations
On Elliptic Curve Based Untraceable RFID Authentication Protocols
IH&MMSec '15: Proceedings of the 3rd ACM Workshop on Information Hiding and Multimedia SecurityAn untraceable RFID authentication scheme allows a legitimate reader to authenticate a tag, and at the same time it assures the privacy of the tag against unauthorized tracing. In this paper, we revisit three elliptic-curve based untraceable RFID ...
On RFID privacy with mutual authentication and tag corruption
ACNS'10: Proceedings of the 8th international conference on Applied cryptography and network securityRFID systems have become increasingly popular and are already used in many real-life applications. Although very useful, RFIDs also introduce privacy risks since they carry identifying information that can be traced. Hence, several RFID privacy models ...
Cryptanalysis of a New Ultralightweight RFID Authentication Protocol—SASI
Since RFID tags are ubiquitous and at times even oblivious to the human user, all modern RFID protocols are designed to resist tracking so that the location privacy of the human RFID user is not violated. Another design criterion for RFIDs is the low ...
Comments