Abstract
We investigate an application of RFIDs referred to in the literature as group scanning, in which several tags are “simultaneously” scanned by a reader device. Our goal is to study the group scanning problem in strong adversarial models. We present a security model for this application and give a formal description of the attending security requirements, focusing on the privacy (anonymity) of the grouped tags, and/ or forward-security properties. Our model is based on the Universal Composability framework and supports re-usability (through modularity of security guarantees). We introduce novel protocols that realize the security models, focusing on efficient solutions based on off-the-shelf components, such as highly optimized pseudo-random function designs that require fewer than 2000 Gate-Equivalents.
Part of this material is based on work supported by the U.S. Army Research Laboratory, and the U.S. Research Office under grant number DAAD 19-02-1-0235.
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
Ateniese, G., Camenisch, J., de Medeiros, B.: Untraceable RFID tags via insubvertible encryption. In: Atluri, V., Meadows, C., Juels, A. (eds.) Proceedings of the 12th ACM Conference on Computer and Communications Security, CCS 2005, Alexandria, VA, USA, November 7-11, 2005, pp. 92–101. ACM, New York (2005)
Avoine, G., Oechslin, P.: A Scalable and Provably Secure Hash-Based RFID Protocol. In: 3rd IEEE Conference on Pervasive Computing and Communications Workshops (PerCom 2005 Workshops), pp. 110–114. IEEE Computer Society, Los Alamitos (2005)
Bellare, M., Rogawa, P.: Random Oracles are Practical: A Paradigm for Designing Efficient Protocols. In: ACM Conference on Computer and Communications Security, pp. 62–73 (1993)
Bolotnyy, L., Rose, G.: Generalized Yoking-Proofs for a group of Radio Frequency Identification Tags. In: International Conference on Mobile and Ubiquitous Systems, MOBIQUITOUS 2006, San Jose, CA (2006)
Bono, S.C., Green, M., Stubblefield, A., Juels, A., Rubin, A.D., Szydlo, M.: Security analysis of a cryptographically-enabled RFID device. In: Proc. USENIX Security Symposium (USENIX Security 2005), pp. 1–16. USENIX (2005)
Burmester, M., van Le, T., de Medeiros, B.: Provably secure ubiquitous systems: Universally composable RFID authentication protocols. In: Proceedings of the 2nd IEEE/CreateNet International Conference on Security and Privacy in Communication Networks (SECURECOMM 2006), IEEE Press, Los Alamitos (2006)
Dimitriou, T.: A lightweight RFID protocol to protect against traceability and cloning attacks. In: Proc. IEEE Intern. Conf. on Security and Privacy in Communication Networks (SECURECOMM 2005). IEEE Press, Los Alamitos (2005)
Dimitriou, T.: A secure and efficient RFID protocol that can make big brother obsolete. In: Proc. Intern. Conf. on Pervasive Computing and Communications (PerCom 2006). IEEE Press, Los Alamitos (2006)
Engberg, S.J., Harning, M.B., Jensen, C.D.: Zero-knowledge device authentication: Privacy & security enhanced rfid preserving business value and consumer convenience. In: Proceedings of Second Annual Conference on Privacy, Security and Trust (PST 2004), October 13-15, 2004, pp. 89–101. Wu Centre, University of New Brunswick, Fredericton (2004)
EPC Global. EPC tag data standards, vs. 1.3, http://www.epcglobalinc.org/standards/EPCglobal_Tag_Data_Standard_TDS_%Version_1.3.pdf
Juels, A.: Yoking-Proofs for RFID tags. In: PERCOMW 2004: Proceedings of the Second IEEE Annual Conference on Pervasive Computing and Communications Workshops, pp. 138–142. IEEE Computer Society, Washington (2004)
Van Le, T., Burmester, M., de Medeiros, B.: Universally composable and forward-secure RFID authentication and authenticated key exchange. In: Bao, F., Miller, S. (eds.) Proceedings of the 2007 ACM Symposium on Information, Computer and Communications Security (ASIACCS 2007), Singapore, March 20-22, 2007, pp. 242–252. ACM, New York (2007)
Molnar, D., Soppera, A., Wagner, D.: A scalable, delegatable pseudonym protocol enabling ownership transfer of RFID tags. In: Preneel, B., Tavares, S. (eds.) SAC 2005. LNCS, vol. 3897. Springer, Heidelberg (2006)
Oren, Y., Shamir, A.: Power analysis of RFID tags. In: RSA Conference, Cryptographer’s Track (RSA-CT 2006) (2006), http://www.wisdom.weizmann.ac.il/~yossio/rfid
Peris-Lopez, P., Hernandez-Castro, J.C., Estevez-Tapiador, J.M., Ribagorda, A.: Solving the simultaneous scanning problem anonymously: clumping proofs for RFID tags. In: Third International Workshop on Security, Privacy and Trust in Pervasive and Ubiquitous Computing, SecPerl 2007, Istambul, Turkey, IEEE Computer Society Press, Los Alamitos (2007)
Piramuthu, S.: On existence proofs for multiple RFID tags. In: IEEE International Conference on Pervasive Services, Workshop on Security, Privacy and Trust in Pervasive and Ubiquitous Computing – SecPerU 2006, Lyon, France, June 2006. IEEE Computer Society Press, Los Alamitos (2006)
Saito, J., Sakurai, K.: Grouping Proof for RFID Tags. In: 19th International Conference on Advanced Information Networking and Applications (AINA 2005), Taipei, Taiwan, 28-30 March 2005, pp. 621–624. IEEE Computer Society, Los Alamitos (2005)
Sarma, S.E., Weis, S.A., Engels, D.W.: RFID systems and security and privacy implications. In: Kaliski Jr., B.S., Koç, Ç.K., Paar, C. (eds.) Cryptographic Hardware and Embedded Systems - CHES 2002, 4th International Workshop, Redwood Shores, CA, USA, August 13-15, 2002. LNCS, vol. 2523, pp. 454–469. Springer, Heidelberg (2003)
Tan, C.C., Sheng, B., Li, Q.: Severless Search and Authentication Protocols for RFID. In: Fifth Annual IEEE International Conference on Pervasive Computing and Communications (PerCom 2007), White Plains, New York, USA, 19-23 March 2007, pp. 3–12. IEEE Computer Society, Los Alamitos (2007)
Tsudik, G.: YA-TRAP: Yet Another Trivial RFID Authentication Protocol. In: 4th IEEE Conference on Pervasive Computing and Communications Workshops (PerCom 2006 Workshops), Pisa, Italy, 13-17 March 2006, pp. 640–643. IEEE Computer Society, Los Alamitos (2006)
Vajda, I., Buttyan, L.: Lightweight authentication protocols for low-cost RFID tags. In: Proc. Workshop on Security in Ubiquitous Computing (UBICOMP 2003) (2003)
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2008 IFIP International Federation for Information Processing
About this paper
Cite this paper
Burmester, M., de Medeiros, B., Motta, R. (2008). Provably Secure Grouping-Proofs for RFID Tags. In: Grimaud, G., Standaert, FX. (eds) Smart Card Research and Advanced Applications. CARDIS 2008. Lecture Notes in Computer Science, vol 5189. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-85893-5_13
Download citation
DOI: https://doi.org/10.1007/978-3-540-85893-5_13
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-85892-8
Online ISBN: 978-3-540-85893-5
eBook Packages: Computer ScienceComputer Science (R0)