ABSTRACT
Recently, a universally composable framework for RFID authentication protocols providing availability, anonymity, and authenticity was proposed. In this paper we extend that framework to address forward-security issues in the presence of key compromise. We also introduce new, provably secure, and highly practical protocols for anonymous authentication and key-exchange by RFID devices. The new protocols are lightweight, requiring only a pseudo-random bit generator. The new protocols satisfy forward-secure anonymity, authenticity, and availability requirements in the Universal Composability model.
CITED BY 9
Mike Burmester, Breno de Medeiros, Rossana Motta, Robust, anonymous RFID authentication with constant key-lookup, Proceedings of the 2008 ACM symposium on Information, computer and communications security, March 18-20, 2008, Tokyo, Japan

Julien Bringer, Hervé Chabanne, Thomas Icart, Efficient zero-knowledge identification schemes which respect privacy, Proceedings of the 4th International Symposium on Information, Computer, and Communications Security, March 10-12, 2009, Sydney, Australia