Abstract
Low power devices, such as smart-card and RFID-tags, will be used around our life including in commercial and financial activities. A prime application of such devices is entity authentication in pervasive environment. The obvious concerns in this environment involves getting security against tag-forgery (even by adversary controlled readers) and, on the other hand, giving users privacy against linking of different authentication transcripts. Many cryptographic protocols have realizes such requirements. However, there is no scheme which realizes, both, forward-privacy and tag-forgery right after some leakage is occurred. Since some devices among the huge quantity of expected devices will surely be compromised, it seems highly important, from an engineering point of view, to deal with limited damage of such exposures. In this paper, we address the gap by proposing the first RFID scheme that realizes both requirements.
Access provided by Autonomous University of Puebla. Download to read the full chapter text
Chapter PDF
Similar content being viewed by others
References
Alwen, J., Dodis, Y., Wichs, D.: Leakage-Resilient Public-Key Cryptography in the Bounded-Retrieval Model. In: Halevi, S. (ed.) Advances in Cryptology - CRYPTO 2009. LNCS, vol. 5677, pp. 36–54. Springer, Heidelberg (2009)
Avoine, G., Oechslin, P.: A Scalable and Provably Secure Hash Based RFID Protocol. In: Proc. of IEEE Int. Workshop on Pervasive Computing & Communication Security (PerSec 2005). IEEE Computer Society Press, Los Alamitos (2005)
Berbain, C., Billet, O., Etrog, J., Gilbert, H.: An efficient forward private RFID protocol. In: ACM Conference on Computer and Communications Security 2009 (ACM CCS 2009), pp. 43–53 (2009)
Burmester, M., van Le, T., De Medeiros, B.: Provably Secure Ubiquitous Systems: Universally Composable RFID Authentication Protocols. In: Proc. of 2nd IEEE Create Net Int. Conf. on Security and Privacy in Networks (SECURECOMM 2006). IEEE Press, Los Alamitos (2006)
Bogdanov, A., Leander, G., Paar, C., Posehmann, A., Robshaw, M.J.B., Seurin, Y.: Hash Functions and RFID Tags: Mind the Gap. In: Oswald, E., Rohatgi, P. (eds.) CHES 2008. LNCS, vol. 5154, pp. 283–299. Springer, Heidelberg (2008)
Burmester, M., De Medeiros, B.: The Security of EPC Gen2 Compliant RFID Protocols. In: Bellovin, S.M., Gennaro, R., Keromytis, A.D., Yung, M. (eds.) ACNS 2008. LNCS, vol. 5037, pp. 490–506. Springer, Heidelberg (2008)
Burmester, M., Munila, J.: A Flyweight RFID Authentication Protocol. In: Workshop on RFID Security, RFIDSec 2009, Leuven, Belgium (July 2009), http://eprint.iacr.org/2009/212.pdf
Cash, D., Ding, Y.Z., Dodis, Y., Lee, W., Lipton, R., Walfish, S.: Intrusion-Resilient Key Exchange in the Bounded Retrieval Model. In: Vadhan, S.P. (ed.) TCC 2007. LNCS, vol. 4392, pp. 479–498. Springer, Heidelberg (2007)
Di Crescenzo, G., Lipton, R., Walfish, S.: Perfectly Secure Password Protocols in the Bounded Retrieval Model. In: Halevi, S., Rabin, T. (eds.) TCC 2006. LNCS, vol. 3876, pp. 225–244. Springer, Heidelberg (2006)
Dziembowski, S., Pietrzak, K.: Leakage-resilient cryptography. In: Proc. In FOCS (2008), October 25-28, pp. 293–302 (2008)
European Network of Excellence (ECRYPT). The side channel cryptanalysis lounge, http://www.crypto.ruhr-uni-bochum.de/en_sclounge.html
Goldreich, O., Goldwasser, S., Micali, S.: How to construct pseudo-random functions. Journal of ACM 33(4) (1986)
Henrici, D., Muller, P.M.: Hash-based enhancement of location privacy for radio-frequency identification devices using varying identifiers. In: Proc. of IEEE Int. Conf. on Pervasive Computing and Communications, pp. 149–153 (2004)
Juels, A., Pappu, R.: Squealing Euros:Privacy-Protection in RFID-Enabled Banknotes. In: Wright, R.N. (ed.) FC 2003. LNCS, vol. 2742, pp. 103–121. Springer, Heidelberg (2003)
Juels, A., Weis, S.A.: Defining Strong Privacy for RFID, http://eprint.iacr.org/2006/137
Le, T.V., Burmester, M., de Medeiros, B.: Universally Composable and Forward-secure RFID Authentication and Authenticated Key Exchange. In: Proc. of ASIACCS 2007, pp. 242–252 (2007)
Naor, M., Segev, G.: Public-Key Cryptosystem Resilient to Key leakage. In: Halevi, S. (ed.) CRYPTO 2009. LNCS, vol. 5677, pp. 18–35. Springer, Heidelberg (2009)
Ng, C.Y., Susilo, W., Mu, Y., Safavi-Naini, R.: RFID Privacy Models Revisited. In: Jajodia, S., Lopez, J. (eds.) ESORICS 2008. LNCS, vol. 5283, pp. 251–266. Springer, Heidelberg (2008)
Ohkubo, M., Suzuki, K.: Forward Security RFID Privacy Protection Scheme with Restricted Traceability. In: Proc. of ACNS 2006 in Industrial Track, pp. 1–16 (2006)
Ohkubo, M., Suzuki, K., Kinoshita, S.: Cryptographic Approach to a Privacy Friendly Tags. Presented at the RFID Privacy Workshop, MIT, USA (2003)
Pietrzak, K.: A Leakage-Resilient Mode of Operation. In: Joux, A. (ed.) EUROCRYPT 2009. LNCS, vol. 5479, pp. 462–482. Springer, Heidelberg (2010)
Pietrzak, K., Sjodin, J.: Range Extension for Weak PRFs; The Good, the Bad, and the Ugly. In: Naor, M. (ed.) EUROCRYPT 2007. LNCS, vol. 4515, pp. 517–533. Springer, Heidelberg (2007)
Petit, C., Standaert, F.-X., Pereira, O., Malkin, T., Yung, M.: A Block Cipher based Pseudo Random Number Generator Secure against Side-channel Key Recovery. In: Proc. of ASIACCS 2008, pp. 56–65 (2008)
Shaltiel, R.: Recent developments in explicit constructions of extractors. Bulletin of the EATCS 77, 67–95 (2002)
Sharma, S.E., Weiss, S.A., Engels, D.W.: RFID systems and security and privacy implications. In: Kaliski Jr., B.S., Koç, Ç.K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 454–469. Springer, Heidelberg (2003)
Vaudenay, S.: On Privacy Models for RFID. In: Kurosawa, K. (ed.) ASIACRYPT 2007. LNCS, vol. 4833, pp. 68–87. Springer, Heidelberg (2007)
Yu, Y., Standaert, F.-X., Pereira, O., Yung, M.: Practical Leakage-Resilient Pseudorandom Generators. In: Proc. of ACM CCS 2010 (to appear, 2010)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2010 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Matsuo, S., Phong, L.T., Ohkubo, M., Yung, M. (2010). Leakage-Resilient RFID Authentication with Forward-Privacy. In: Ors Yalcin, S.B. (eds) Radio Frequency Identification: Security and Privacy Issues. RFIDSec 2010. Lecture Notes in Computer Science, vol 6370. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-16822-2_15
Download citation
DOI: https://doi.org/10.1007/978-3-642-16822-2_15
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-16821-5
Online ISBN: 978-3-642-16822-2
eBook Packages: Computer ScienceComputer Science (R0)