Mutual authentication in RFID

Subscribe (Full Service)


	Search: The ACM Digital Library The Guide

	Feedback

Mutual authentication in RFID: security and privacy

Full text

Pdf (279 KB)

Source

ASIAN ACM Symposium on Information, Computer and Communications Security archive
Proceedings of the 2008 ACM symposium on Information, computer and communications security table of contents

Tokyo, Japan

SESSION: RFID security table of contents

Pages 292-299

Year of Publication: 2008

ISBN:978-1-59593-979-1

Authors

Radu-Ioan Paise	EPFL, Lausanne, Switzerland
Serge Vaudenay	EPFL, Lausanne, Switzerland

Sponsor

SIGSAC: ACM Special Interest Group on Security, Audit, and Control

Publisher

ACM New York, NY, USA

Bibliometrics

Downloads (6 Weeks): 49, Downloads (12 Months): 444, Citation Count: 0

Additional Information:

abstract references index terms collaborative colleagues

Tools and Actions:	Request Permissions Review this Article Save this Article to a Binder Display Formats: BibTeX EndNote ACM Ref

DOI Bookmark:	Use this link to bookmark this Article: http://doi.acm.org/10.1145/1368310.1368352 What is a DOI?

ABSTRACT

In RFID protocols, tags identify and authenticate themselves to readers. At Asiacrypt 2007, Vaudenay studied security and privacy models for these protocols. We extend this model to protocols which offer reader authentication to tags. Whenever corruption is allowed, we prove that secure protocols cannot protect privacy unless we assume tags have a temporary memory which vanishes by itself. Under this assumption, we study several protocols. We enrich a few basic protocols to get secure mutual authentication RFID protocols which achieve weak privacy based on pseudorandom functions only, narrow-destructive privacy based on random oracles, and narrow-strong and forward privacy based on public-key cryptography.

REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	G. Avoine. Cryptography in Radio Frequency Identification and Fair Exchange Protocols. PhD thesis, EPFL, Lausanne, Switzerland, December 2005. http://library.epfl.ch/theses/?nr=3407.
	2	G. Avoine, E. Dysli, and P. Oechslin. Reducing time complexity in RFID systems. In B. Preneel and S. Tavares, editors, Selected Areas in Cryptography -- SAC 2005, volume 3897 of Lecture Notes in Computer Science, pages 291--306, Kingston, Canada, August 2005. Springer-Verlag.
	3	M. Burmester, T. van Le, and B. de Medeiros. Provably secure ubiquitous systems: Universally composable RFID authentication protocols. In Conference on Security and Privacy for Emerging Areas in Communication Networks -- SecureComm 2006, Baltimore, Maryland, USA, August-September 2006. IEEE.
	4	Tassos Dimitriou, A Lightweight RFID Protocol to protect against Traceability and Cloning attacks, Proceedings of the First International Conference on Security and Privacy for Emerging Areas in Communications Networks, p.59-66, September 05-09, 2005 [doi>10.1109/SECURECOMM.2005.4]
	5	M. Feldhofer, S. Dominikus, and J. Wolkerstorfer. Strong authentication for RFID systems using the AES algorithm. In M. Joye and J.-J. Quisquater, editors, Workshop on Cryptographic Hardware and Embedded Systems -- CHES 2004, volume 3156 of Lecture Notes in Computer Science, pages 357--370, Boston, Massachusetts, USA, August 2004. IACR, Springer-Verlag.
	6	A. Juels and S. Weis. Defining strong privacy for RFID. Cryptology ePrint Archive, Report 2006/137, 2006.
	7	C. H. Lim and T. Kwon. Strong and robust RFID authentication enabling perfect ownership transfer. In P. Ning, S. Qing, and N. Li, editors, Conference on Information and Communications Security -- ICICS 2006, volume 4307 of Lecture Notes in Computer Science, pages 1--20, Raleigh, North Carolina, USA, December 2006. Springer-Verlag.
	8	David Molnar , David Wagner, Privacy and security in library RFID: issues, practices, and architectures, Proceedings of the 11th ACM conference on Computer and communications security, October 25-29, 2004, Washington DC, USA [doi>10.1145/1030083.1030112]
	9	Miyako Ohkubo , Koutarou Suzuki , Shingo Kinoshita, RFID privacy issues and technical challenges, Communications of the ACM, v.48 n.9, September 2005 [doi>10.1145/1081992.1082022]
	10	M. Ohkubo, K. Suzuki, and S. Kinoshita. Cryptographic approach to "privacy-friendly" tags. In RFID Privacy Workshop 2003, MIT, MA, USA, November 2003.
	11	M. Ohkubo, K. Suzuki, and S. Kinoshita. Efficient hash-chain based RFID privacy protection scheme. In International Conference on Ubiquitous Computing -- Ubicomp 2004, Workshop Privacy: Current Status and Future Directions, Nottingham, England, September 2004.
	12	G. Tsudik. A family of dunces: Trivial RFID identification and authentication protocols. In N. Borisov and P. Golle, editors, Privacy Enhancing Technologies -- PET 2007, volume 4776 of Lecture Notes in Computer Science, pages 45--61, Ottawa, Canada, 2007. Springer-Verlag.
	13	Tri Van Le , Mike Burmester , Breno de Medeiros, Universally composable and forward-secure RFID authentication and authenticated key exchange, Proceedings of the 2nd ACM symposium on Information, computer and communications security, March 20-22, 2007, Singapore [doi>10.1145/1229285.1229319]
	14	S. Vaudenay. On privacy models for RFID. In T. Okamoto, editor, Advances in Cryptology -- Asiacrypt 2007, volume 4833 of Lecture Notes in Computer Science, pages 68--87, Kuching, Malaysia, December 2007. Springer-Verlag.
	15	S. Weis, S. Sarma, R. Rivest, and D. Engels. Security and privacy aspects of low-cost radio frequency identification systems. In D. Hutter, G. Müller, W. Stephan, and M. Ullmann, editors, International Conference on Security in Pervasive Computing -- SPC 2003, volume 2802 of Lecture Notes in Computer Science, pages 454--469, Boppard, Germany, March 2003. Springer-Verlag.