Skip to main content
Top
Published in: Electronic Commerce Research 1/2015

01-03-2015

ECC-based untraceable authentication for large-scale active-tag RFID systems

Authors: Yalin Chen, Jue-Sam Chou

Published in: Electronic Commerce Research | Issue 1/2015

Log in

Activate our intelligent search to find suitable subject content or patents.

search-config
loading …

Abstract

Radio frequency identification tag authentication protocols are generally classified as non-full-fledged and full-fledged, according to the resource usage of the tags. The non-full-fledged protocols typically suffer de-synchronization, impersonation and tracking attacks, and usually lack scalability. The full-fledged protocols, supporting cryptographic functions, are designed to overcome these weaknesses. This paper examines several elliptic-curve-cryptography (ECC)-based full-fledged protocols. We found that some still have security and privacy issues, and others generate excessive communication costs between the tag and the back-end server. Motivated by these observations, we construct two novel protocols, PI and PII. PI is designed for secure environments and is suitable for applications, including E-Passport and toll payment in vehicular ad-hoc networks. PII is for hostile environments and can be applied in pseudonymous payment and anti-counterfeiting services. After analysis, we conclude that PII can resist many attacks, outperform previous ECC-based proposals in communication efficiency, and provide mutual authentication function and scalability.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

  • über 102.000 Bücher
  • über 537 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Maschinenbau + Werkstoffe
  • Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 340 Zeitschriften

aus folgenden Fachgebieten:

  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Versicherung + Risiko




Jetzt Wissensvorsprung sichern!

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 390 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Maschinenbau + Werkstoffe




 

Jetzt Wissensvorsprung sichern!

Literature
1.
go back to reference Abid, M., & Afifi, H. (2008). Secure E-passport protocol using elliptic curve Diffie–Hellman key agreement protocol. In International Conference on Information Assurance and Security (pp. 99–102). Abid, M., & Afifi, H. (2008). Secure E-passport protocol using elliptic curve Diffie–Hellman key agreement protocol. In International Conference on Information Assurance and Security (pp. 99–102).
2.
go back to reference Abid, M., Kanade, S., Petrovska-Delacrétaz, D., Dorizzi, B., & Afifi, H. (2010). Iris based authentication mechanism for E-passports. In International Workshop on Security and Communication Networks (IWSCN’10) (pp. 1–5). Abid, M., Kanade, S., Petrovska-Delacrétaz, D., Dorizzi, B., & Afifi, H. (2010). Iris based authentication mechanism for E-passports. In International Workshop on Security and Communication Networks (IWSCN’10) (pp. 1–5).
3.
go back to reference Ahamed, S. I., Rahman, F., & Hoque, M. E. (2008). ERAP: ECC based RFID authentication protocol. In IEEE International Workshop on Future Trends of Distributed Computing Systems (pp. 219–225). Ahamed, S. I., Rahman, F., & Hoque, M. E. (2008). ERAP: ECC based RFID authentication protocol. In IEEE International Workshop on Future Trends of Distributed Computing Systems (pp. 219–225).
4.
go back to reference Alomair, B., Clark, A., Cuellar, J., & Poovendran, R. (2012). Scalable RFID systems: A privacy-preserving protocol with constant-time identification. IEEE Transactions on Parallel and Distributed Systems, 23(8), 1536–1550.CrossRef Alomair, B., Clark, A., Cuellar, J., & Poovendran, R. (2012). Scalable RFID systems: A privacy-preserving protocol with constant-time identification. IEEE Transactions on Parallel and Distributed Systems, 23(8), 1536–1550.CrossRef
5.
go back to reference Avoine, G., & Oechslin, P. (2005). A scalable and provably secure hash based RFID protocol. In IEEE Pervasive Computing and Communication Security (PerSec’05) (pp. 110–114). Avoine, G., & Oechslin, P. (2005). A scalable and provably secure hash based RFID protocol. In IEEE Pervasive Computing and Communication Security (PerSec’05) (pp. 110–114).
6.
go back to reference Batina, L., Guajardo, J., Kerins, T., Mentens, N., Tuyls, P., & Verbauwhede, I. (2007). Public-key cryptography for RFID-tags. In IEEE International Conference on Pervasive Computing and Communications Workshops (Per’07) (pp. 217–222). Batina, L., Guajardo, J., Kerins, T., Mentens, N., Tuyls, P., & Verbauwhede, I. (2007). Public-key cryptography for RFID-tags. In IEEE International Conference on Pervasive Computing and Communications Workshops (Per’07) (pp. 217–222).
7.
go back to reference Bianchi, G. (2011). Revisiting an RFID identification-free batch authentication approach. IEEE Communication Letters, 15(6), 632–634.CrossRef Bianchi, G. (2011). Revisiting an RFID identification-free batch authentication approach. IEEE Communication Letters, 15(6), 632–634.CrossRef
8.
go back to reference Bogdanov, A., Leander, G., Paar, C., Poschmann, A., Robshaw, M. J. B., & Seurin, Y. (2008). Hash functions and RFID tags: Mind the gap. In CHES 2008. LNCS. (pp. 283–299). Bogdanov, A., Leander, G., Paar, C., Poschmann, A., Robshaw, M. J. B., & Seurin, Y. (2008). Hash functions and RFID tags: Mind the gap. In CHES 2008. LNCS. (pp. 283–299).
9.
go back to reference Buccafurri, F., & Lax, G. (2011). Implementing disposable credit card numbers by mobile phones. Electronic Commerce Research, 11(3), 271–296.CrossRef Buccafurri, F., & Lax, G. (2011). Implementing disposable credit card numbers by mobile phones. Electronic Commerce Research, 11(3), 271–296.CrossRef
10.
go back to reference Burmester, M., & Medeiros, B. (2008). The security of EPC Gen2 compliant RFID protocols. In International Conference on Applied Cryptography and Network Security (ACNS’08) (pp. 490–506). Burmester, M., & Medeiros, B. (2008). The security of EPC Gen2 compliant RFID protocols. In International Conference on Applied Cryptography and Network Security (ACNS’08) (pp. 490–506).
11.
go back to reference Cao, T., Bertino, E., & Lei, H. (2009). Security analysis of the SASI protocol. IEEE Transactions on Dependable and Secure Computing, 6(1), 73–77.CrossRef Cao, T., Bertino, E., & Lei, H. (2009). Security analysis of the SASI protocol. IEEE Transactions on Dependable and Secure Computing, 6(1), 73–77.CrossRef
12.
go back to reference Cheon, J. H., Hong, J., & Tsudik, G. (2012). Reducing RFID reader load with the meet-in-the-middle strategy. Journal of Communications and Networks, 14(1), 10–14.CrossRef Cheon, J. H., Hong, J., & Tsudik, G. (2012). Reducing RFID reader load with the meet-in-the-middle strategy. Journal of Communications and Networks, 14(1), 10–14.CrossRef
13.
go back to reference Chen, Y., Chou, J. S., & Sun, H. M. (2008). A novel mutual authentication scheme based on quadratic residues for RFID systems. Computer Networks, 51(12), 2373–2380.CrossRef Chen, Y., Chou, J. S., & Sun, H. M. (2008). A novel mutual authentication scheme based on quadratic residues for RFID systems. Computer Networks, 51(12), 2373–2380.CrossRef
14.
go back to reference Chien, H. Y. (2007). SASI: A new ultralightweight RFID authentication protocol providing strong authentication and strong integrity. IEEE Transactions on Dependable and Secure Computing, 4(4), 337–340.CrossRef Chien, H. Y. (2007). SASI: A new ultralightweight RFID authentication protocol providing strong authentication and strong integrity. IEEE Transactions on Dependable and Secure Computing, 4(4), 337–340.CrossRef
15.
go back to reference Chien, H. Y., & Chen, C. H. (2007). Mutual authentication protocol for RFID conforming to EPC Class 1 Generation 2 standards. Computer Standards & Interfaces, 9(2), 254–259.CrossRef Chien, H. Y., & Chen, C. H. (2007). Mutual authentication protocol for RFID conforming to EPC Class 1 Generation 2 standards. Computer Standards & Interfaces, 9(2), 254–259.CrossRef
16.
go back to reference Chou, J. S., Chen, Y., Wu, C. L., & Lin, C. F. (2011). An efficient RFID mutual authentication scheme based on ECC. Cryptology ePrint Archive: Report 2011/418. Chou, J. S., Chen, Y., Wu, C. L., & Lin, C. F. (2011). An efficient RFID mutual authentication scheme based on ECC. Cryptology ePrint Archive: Report 2011/418.
17.
go back to reference D’Arco, P., & Santis, A. D. (2011). On ultralightweight RFID authentication protocols. IEEE Transactions on Dependable and Secure Computing, 8(4), 548–563.CrossRef D’Arco, P., & Santis, A. D. (2011). On ultralightweight RFID authentication protocols. IEEE Transactions on Dependable and Secure Computing, 8(4), 548–563.CrossRef
18.
go back to reference Deng, R.H., Li, Y., Yung, M., & Zhao, Y. (2010). A new framework for RFID privacy. Computer Security—ESORICS, LNCS# 6345 (pp. 1–18). Deng, R.H., Li, Y., Yung, M., & Zhao, Y. (2010). A new framework for RFID privacy. Computer Security—ESORICS, LNCS# 6345 (pp. 1–18).
19.
go back to reference Eurich, M., Oertel, N., & Boutellier, R. (2010). The impact of perceived privacy risks on organizations’ willingness to share item-level event data across the supply chain. Electronic Commerce Research, 10(3–4), 423–440.CrossRef Eurich, M., Oertel, N., & Boutellier, R. (2010). The impact of perceived privacy risks on organizations’ willingness to share item-level event data across the supply chain. Electronic Commerce Research, 10(3–4), 423–440.CrossRef
20.
go back to reference Fan, J., Batina, L., & Verbauwhede, I. (2009). Light-weight implementation options for curve-based cryptography: HECC is also ready for RFID. In International conference for Internet Technology and Secured Transactions (pp. 1–6). Fan, J., Batina, L., & Verbauwhede, I. (2009). Light-weight implementation options for curve-based cryptography: HECC is also ready for RFID. In International conference for Internet Technology and Secured Transactions (pp. 1–6).
21.
go back to reference Fürbass, F. (2006). ECC signature generation device for RFID tags. Fürbass, F. (2006). ECC signature generation device for RFID tags.
22.
go back to reference Fürbass, F. & Wolkerstorfer, J. (2007). ECC processor with low die size for RFID applications. In IEEE International Symposium on Circuit and Systems (ISCAS’07) (pp. 1835–1838). Fürbass, F. & Wolkerstorfer, J. (2007). ECC processor with low die size for RFID applications. In IEEE International Symposium on Circuit and Systems (ISCAS’07) (pp. 1835–1838).
23.
go back to reference Girault, M. (1991). Self-certified public keys. In Eurocrypt ‘91, LNCS# 547 (pp. 490–497). Girault, M. (1991). Self-certified public keys. In Eurocrypt ‘91, LNCS# 547 (pp. 490–497).
24.
go back to reference Godor, G., Giczi, N., & Imre, S. (2010). Elliptic curve cryptography based mutual authentication protocol for low computational capacity RFID systems-performance analysis by simulations. In IEEE International Symposium on Wireless Pervasive Computing (ISWPC) (pp. 331–336). Godor, G., Giczi, N., & Imre, S. (2010). Elliptic curve cryptography based mutual authentication protocol for low computational capacity RFID systems-performance analysis by simulations. In IEEE International Symposium on Wireless Pervasive Computing (ISWPC) (pp. 331–336).
25.
go back to reference Habibi, M. H., Aref, M. R., & Ma, D. (2011). Addressing flaws in RFID authentication protocols. In INDOCRYPT 2011, LNCS#7107, (pp. 216–235). Habibi, M. H., Aref, M. R., & Ma, D. (2011). Addressing flaws in RFID authentication protocols. In INDOCRYPT 2011, LNCS#7107, (pp. 216–235).
26.
go back to reference Han, D., & Kwon, D. (2009). Vulnerability of an RFID authentication protocol conforming to EPC Class 1 Generation 2 Standards. Computer Standards & Interfaces, 31(4), 648–652.CrossRef Han, D., & Kwon, D. (2009). Vulnerability of an RFID authentication protocol conforming to EPC Class 1 Generation 2 Standards. Computer Standards & Interfaces, 31(4), 648–652.CrossRef
27.
go back to reference Huang, Y. J., Lin, W. C., & Li, H. L. (2012). Efficient implementation of RFID mutual authentication protocol. IEEE Transactions on Industrial Electronics, 59(12), 4784–4791.CrossRef Huang, Y. J., Lin, W. C., & Li, H. L. (2012). Efficient implementation of RFID mutual authentication protocol. IEEE Transactions on Industrial Electronics, 59(12), 4784–4791.CrossRef
28.
go back to reference Isaac, J. T., Zeadally, S., & Sierra, J. C. (2010). Implementation and performance evaluation of a payment protocol for vehicular ad hoc networks. Electronic Commerce Research, 10(2), 209–233.CrossRef Isaac, J. T., Zeadally, S., & Sierra, J. C. (2010). Implementation and performance evaluation of a payment protocol for vehicular ad hoc networks. Electronic Commerce Research, 10(2), 209–233.CrossRef
29.
go back to reference Isaac, J. T., Zeadally, S., & Sierra, J. C. (2012). A lightweight secure mobile payment protocol for vehicular ad-hoc networks (VNETs). Electronic Commerce Research, 12(1), 97–123.CrossRef Isaac, J. T., Zeadally, S., & Sierra, J. C. (2012). A lightweight secure mobile payment protocol for vehicular ad-hoc networks (VNETs). Electronic Commerce Research, 12(1), 97–123.CrossRef
30.
go back to reference Jeng, A. B., & Chen, L. Y. (2009). How to enhance the security of E-passport. In Proceedings of International Conference on Machine Learning and Cybernetics (pp. 2922–2926). Jeng, A. B., & Chen, L. Y. (2009). How to enhance the security of E-passport. In Proceedings of International Conference on Machine Learning and Cybernetics (pp. 2922–2926).
31.
go back to reference Juels, A., Molnar, D., & Wagner, D. (2005). Security and privacy issues in E-passports. In IEEE International Conference on Security and Privacy for Emerging Areas in Communications Networks (pp. 1–12). Juels, A., Molnar, D., & Wagner, D. (2005). Security and privacy issues in E-passports. In IEEE International Conference on Security and Privacy for Emerging Areas in Communications Networks (pp. 1–12).
32.
go back to reference Juels, A., & Weis, S. (2006). Defining strong privacy for RFID. Cryptology ePrint Archive, Report 2006/137. Juels, A., & Weis, S. (2006). Defining strong privacy for RFID. Cryptology ePrint Archive, Report 2006/137.
33.
go back to reference Kapoor, G., & Piramuthu, S. (2010). Vulnerabilities in some recently proposed RFID ownership transfer protocols. IEEE Communication Letters, 14(3), 260–262.CrossRef Kapoor, G., & Piramuthu, S. (2010). Vulnerabilities in some recently proposed RFID ownership transfer protocols. IEEE Communication Letters, 14(3), 260–262.CrossRef
34.
go back to reference Kapoor, G., & Piramuthu, S. (2012). Single RFID tag ownership transfer protocols. IEEE Transactions on Systems, Man, and Cybernetics-Part C, 42(2), 164–173.CrossRef Kapoor, G., & Piramuthu, S. (2012). Single RFID tag ownership transfer protocols. IEEE Transactions on Systems, Man, and Cybernetics-Part C, 42(2), 164–173.CrossRef
35.
go back to reference Kaya, S. V., Savas, E., Levi, A., & Ercetin, O. (2009). Public key cryptography based privacy preserving multi-context RFID infrastructure. Ad Hoc Networks, 7(1), 136–151.CrossRef Kaya, S. V., Savas, E., Levi, A., & Ercetin, O. (2009). Public key cryptography based privacy preserving multi-context RFID infrastructure. Ad Hoc Networks, 7(1), 136–151.CrossRef
36.
go back to reference Kim, H. W., Lim, S. Y., & Lee, H. J. (2006). Symmetric encryption in RFID authentication protocol for strong location privacy and forward-security. In International Conference on hybrid information technology (ICHIT’06) (pp. 718–723). Kim, H. W., Lim, S. Y., & Lee, H. J. (2006). Symmetric encryption in RFID authentication protocol for strong location privacy and forward-security. In International Conference on hybrid information technology (ICHIT’06) (pp. 718–723).
37.
go back to reference Kinoshita, S., Ohkubo, M., Hoshino, F., Morohashi, G., Shionoiri, O., & Kanai, A. (2005). Privacy enhanced active RFID tag. Proceedings of Environments: International Workshop on Exploiting Context Histories in Smart (pp. 1–5). Kinoshita, S., Ohkubo, M., Hoshino, F., Morohashi, G., Shionoiri, O., & Kanai, A. (2005). Privacy enhanced active RFID tag. Proceedings of Environments: International Workshop on Exploiting Context Histories in Smart (pp. 1–5).
38.
go back to reference Ko, W. T., Chiou, S. V., Lu, E. H., & Chang, H. K. (2011). An improvement of privacy-preserving ECC-based grouping proof for RFID. In Cross Strait Quad-Regional Radio Science and Wireless Technology Conference (pp. 1062–1064). Ko, W. T., Chiou, S. V., Lu, E. H., & Chang, H. K. (2011). An improvement of privacy-preserving ECC-based grouping proof for RFID. In Cross Strait Quad-Regional Radio Science and Wireless Technology Conference (pp. 1062–1064).
39.
go back to reference Kumar, S. & Paar, C. (2006). Are standards compliant elliptic curve cryptosystems feasible on RFID? In Workshop on RFID Security (pp. 1–19). Kumar, S. & Paar, C. (2006). Are standards compliant elliptic curve cryptosystems feasible on RFID? In Workshop on RFID Security (pp. 1–19).
40.
go back to reference Lee, Y. K., & Batina, L. (2010). Low-cost untraceable authentication protocols for RFID. In ACM conference on Wireless Network Security (WiSec’10) (pp. 55–64). Lee, Y. K., & Batina, L. (2010). Low-cost untraceable authentication protocols for RFID. In ACM conference on Wireless Network Security (WiSec’10) (pp. 55–64).
41.
go back to reference Lee, Y. K., Batina, L., Singelee, D., Preneel, B., & Verbauwhede, I. (2010). Anti-counterfeiting untraceability and other security challenges for RFID systems—Public-key-based protocols and hardware. Information security and cryptography, Part 5 (pp. 237–257). Lee, Y. K., Batina, L., Singelee, D., Preneel, B., & Verbauwhede, I. (2010). Anti-counterfeiting untraceability and other security challenges for RFID systems—Public-key-based protocols and hardware. Information security and cryptography, Part 5 (pp. 237–257).
42.
go back to reference Lee, Y.K., Batina, L., & Verbauwhede, I. (2008). EC-RAC (ECDLP Based Randomized Access Control): Provably secure RFID authentication protocol. In IEEE International Conference on RFID (pp. 97–104). Lee, Y.K., Batina, L., & Verbauwhede, I. (2008). EC-RAC (ECDLP Based Randomized Access Control): Provably secure RFID authentication protocol. In IEEE International Conference on RFID (pp. 97–104).
43.
go back to reference Lee, Y. K., Batina, L., & Verbauwhede, I. (2009). Untraceable RFID authentication protocols: Revision of EC-RAC. In IEEE International Conference on RFID (pp. 178–185). Lee, Y. K., Batina, L., & Verbauwhede, I. (2009). Untraceable RFID authentication protocols: Revision of EC-RAC. In IEEE International Conference on RFID (pp. 178–185).
44.
go back to reference Lehtonen, M. O., Michahelles, F. M., & Fleisch, E. F. (2007). Trust and security in RFID-based product authentication systems. IEEE System Journal, 1(2), 129–144.CrossRef Lehtonen, M. O., Michahelles, F. M., & Fleisch, E. F. (2007). Trust and security in RFID-based product authentication systems. IEEE System Journal, 1(2), 129–144.CrossRef
45.
go back to reference Lim, C. H., & Kwon, T. (2006). Strong and robust RFID authentication enabling perfect ownership transfer. In ICICS’06, LNCS#4307 (pp. 1–20). Lim, C. H., & Kwon, T. (2006). Strong and robust RFID authentication enabling perfect ownership transfer. In ICICS’06, LNCS#4307 (pp. 1–20).
46.
go back to reference Liu, H., & Ning, H. (2011). Zero-knowledge authentication protocol based on alternative mode in RFID systems. IEEE Sensors Journal, 11(12), 3235–3245.CrossRef Liu, H., & Ning, H. (2011). Zero-knowledge authentication protocol based on alternative mode in RFID systems. IEEE Sensors Journal, 11(12), 3235–3245.CrossRef
47.
go back to reference Liu, H., Ning, H., Zhang, Y., He, D., Xiong, Q., & Yang, L. T. (2012). Grouping-proofs based authentication protocol for distributed RFID systems. IEEE Transactions on Parallel and Distributed Systems, 24(7), 1321–1330.CrossRef Liu, H., Ning, H., Zhang, Y., He, D., Xiong, Q., & Yang, L. T. (2012). Grouping-proofs based authentication protocol for distributed RFID systems. IEEE Transactions on Parallel and Distributed Systems, 24(7), 1321–1330.CrossRef
48.
go back to reference Luo, P., Wang, X., Feng, J., & Xu, Y. (2008). Low-power hardware implementation of ECC processor suitable for low-cost RFID tags. In International conference on solid-state and integrated-circuit technology (pp. 1681–1684). Luo, P., Wang, X., Feng, J., & Xu, Y. (2008). Low-power hardware implementation of ECC processor suitable for low-cost RFID tags. In International conference on solid-state and integrated-circuit technology (pp. 1681–1684).
49.
go back to reference Maimut, D., & Ouai, K. (2012). Lightweight cryptography for RFID tags. IEEE Security & Privacy, 10(2), 76–79.CrossRef Maimut, D., & Ouai, K. (2012). Lightweight cryptography for RFID tags. IEEE Security & Privacy, 10(2), 76–79.CrossRef
50.
go back to reference Mao, W. (2003). Modern cryptography—Theory and practice. New Jersey: Prentice Hall. Mao, W. (2003). Modern cryptography—Theory and practice. New Jersey: Prentice Hall.
51.
go back to reference Nathan, B. T., Meenakumari, R., & Usha, S. (2011). Formation of elliptic curve using finger print for network security. In International Conference on Process Automation, Control and Computing (PACC) (pp. 1–5). Nathan, B. T., Meenakumari, R., & Usha, S. (2011). Formation of elliptic curve using finger print for network security. In International Conference on Process Automation, Control and Computing (PACC) (pp. 1–5).
52.
go back to reference Ning, H., Liu, H., Mao, J., & Zhang, Y. (2011). Scalable and distributed key array authentication protocol in radio frequency identification-based sensor systems. IET Communications, 5(12), 1755–1768.CrossRef Ning, H., Liu, H., Mao, J., & Zhang, Y. (2011). Scalable and distributed key array authentication protocol in radio frequency identification-based sensor systems. IET Communications, 5(12), 1755–1768.CrossRef
53.
go back to reference O’Neill, M., & Robshaw, M. J. B. (2010). Low-cost digital signature architecture suitable for radio frequency identification tags. IET Computers & Digital Techniques, 4(1), 14–26.CrossRef O’Neill, M., & Robshaw, M. J. B. (2010). Low-cost digital signature architecture suitable for radio frequency identification tags. IET Computers & Digital Techniques, 4(1), 14–26.CrossRef
54.
go back to reference Ouafi, K., & Phan, R. C.-W. (2008). Traceable privacy of recent provably-secure RFID protocols. In International Conference Applied Cryptography and Network Security (ACNS), LNCS#5037 (pp. 479–489). Ouafi, K., & Phan, R. C.-W. (2008). Traceable privacy of recent provably-secure RFID protocols. In International Conference Applied Cryptography and Network Security (ACNS), LNCS#5037 (pp. 479–489).
55.
go back to reference Oyarhossein, S., & Mohammadi, S. (2009). Cryptography and authentication processing framework on RFID active tags for carpet products. In International Conference on Communications Technology and Applications, (ICCTA’09) (pp. 26–31). Oyarhossein, S., & Mohammadi, S. (2009). Cryptography and authentication processing framework on RFID active tags for carpet products. In International Conference on Communications Technology and Applications, (ICCTA’09) (pp. 26–31).
56.
go back to reference Peeters, R., Singelée, D., & Preneel, B. (2012). Toward more secure and reliable access control. Pervasive Computing, 11(3), 76–83.CrossRef Peeters, R., Singelée, D., & Preneel, B. (2012). Toward more secure and reliable access control. Pervasive Computing, 11(3), 76–83.CrossRef
57.
go back to reference Pendl, C., Pelnar, M., & Hutter, M. (2012). Elliptic curve cryptography on the WISP UHF RFID tag. RFID Security and Privacy, LNCS#7055 (pp. 32–47). Pendl, C., Pelnar, M., & Hutter, M. (2012). Elliptic curve cryptography on the WISP UHF RFID tag. RFID Security and Privacy, LNCS#7055 (pp. 32–47).
58.
go back to reference Peris-Lopez, P., Hernandez-Castro, J. C., Tapiador, J. M. E., & Ribagorda, A. (2009). Advances in ultralightweight cryptography for low-cost RFID tags: Gossamer protocol. Information Security Applications, LNCE#5379 (pp. 56–68). Peris-Lopez, P., Hernandez-Castro, J. C., Tapiador, J. M. E., & Ribagorda, A. (2009). Advances in ultralightweight cryptography for low-cost RFID tags: Gossamer protocol. Information Security Applications, LNCE#5379 (pp. 56–68).
59.
go back to reference Phan, R. C.-W. (2009). Cryptanalysis of a new ultralightweight RFID authentication protocol—SASI. IEEE Transactions on Dependable and Secure Computing, 6(4), 316–320.CrossRef Phan, R. C.-W. (2009). Cryptanalysis of a new ultralightweight RFID authentication protocol—SASI. IEEE Transactions on Dependable and Secure Computing, 6(4), 316–320.CrossRef
60.
go back to reference Piramuthu, S. (2008). Lightweight cryptographic authentication in passive RFID-tagged systems. IEEE Transactions on Systems, Man, and Cybernetics-Part C, 38(3), 360–376.CrossRef Piramuthu, S. (2008). Lightweight cryptographic authentication in passive RFID-tagged systems. IEEE Transactions on Systems, Man, and Cybernetics-Part C, 38(3), 360–376.CrossRef
61.
go back to reference Piramuthu, S. (2011). RFID mutual authentication protocols. Decision Support Systems, 50(2), 387–393.CrossRef Piramuthu, S. (2011). RFID mutual authentication protocols. Decision Support Systems, 50(2), 387–393.CrossRef
62.
go back to reference Poupard, G., & Stern, J. (1998). Security analysis of a practical ‘On the Fly’ authentication and signature generation. In Eurocrypt’98, LNCS#1403 (pp. 422–436). Poupard, G., & Stern, J. (1998). Security analysis of a practical ‘On the Fly’ authentication and signature generation. In Eurocrypt’98, LNCS#1403 (pp. 422–436).
63.
go back to reference Rennhard, M., Rafeli, S., Mathy, L., Plattner, B., & Hutxhison, D. (2004). Towards pseudonymous e-commerce. Electronic Commerce Research, 4(1–2), 83–111.CrossRef Rennhard, M., Rafeli, S., Mathy, L., Plattner, B., & Hutxhison, D. (2004). Towards pseudonymous e-commerce. Electronic Commerce Research, 4(1–2), 83–111.CrossRef
64.
go back to reference Rizomiliotis, P., Rekleitis, E., & Gritzalis, S. (2009). Security analysis of the Song–Mitchell authentication protocol for low-cost RFID tags. IEEE Communication Letters, 13(4), 274–276.CrossRef Rizomiliotis, P., Rekleitis, E., & Gritzalis, S. (2009). Security analysis of the Song–Mitchell authentication protocol for low-cost RFID tags. IEEE Communication Letters, 13(4), 274–276.CrossRef
65.
go back to reference Roberti, M. (2007). A 5-cent breakthrougha. In International Workshop on RFID Technology - Concepts, Applications, Challenges (IWRT’07). Roberti, M. (2007). A 5-cent breakthrougha. In International Workshop on RFID Technology - Concepts, Applications, Challenges (IWRT’07).
66.
go back to reference Sadeghi, A. R., Visconti, I., & Wachsmann, C. (2010). Enhancing RFID security and privacy by physically unclonable functions. Information security and cryptography, Part 5 (pp. 281–305). Sadeghi, A. R., Visconti, I., & Wachsmann, C. (2010). Enhancing RFID security and privacy by physically unclonable functions. Information security and cryptography, Part 5 (pp. 281–305).
67.
go back to reference Seo, Y., Lee, H., & Kim, K. (2006). A scalable and untraceable authentication protocol for RFID. In International Conference on Emerging Directions in Embedded and Ubiquitous Computing (EUC’06) (pp. 252–261). Seo, Y., Lee, H., & Kim, K. (2006). A scalable and untraceable authentication protocol for RFID. In International Conference on Emerging Directions in Embedded and Ubiquitous Computing (EUC’06) (pp. 252–261).
68.
go back to reference Song, B., Hwang, J. Y., & Shim, K. A. (2011). Security improvement of an RFID security protocol of ISO/IEC WD 29167–6. IEEE Communication Letters, 15(12), 1375–1377.CrossRef Song, B., Hwang, J. Y., & Shim, K. A. (2011). Security improvement of an RFID security protocol of ISO/IEC WD 29167–6. IEEE Communication Letters, 15(12), 1375–1377.CrossRef
69.
go back to reference Song, B., & Mitchell, C. J. (2011). Scalable RFID security protocols supporting tag ownership transfer. Computer Communications, 34(1), 556–566.CrossRef Song, B., & Mitchell, C. J. (2011). Scalable RFID security protocols supporting tag ownership transfer. Computer Communications, 34(1), 556–566.CrossRef
70.
go back to reference Stinson, D. R. (1995). Cryptography—Theory and practice. Boca Raton: CRC Press Inc. Stinson, D. R. (1995). Cryptography—Theory and practice. Boca Raton: CRC Press Inc.
71.
go back to reference Sun, H. M., & Ting, W. C. (2009). A Gen2-based RFID authentication protocol for security and privacy. IEEE Transactions on Mobile Computing, 8(8), 1052–1062.CrossRef Sun, H. M., & Ting, W. C. (2009). A Gen2-based RFID authentication protocol for security and privacy. IEEE Transactions on Mobile Computing, 8(8), 1052–1062.CrossRef
72.
go back to reference Sun, H. M., Ting, W. C., & Wang, K. H. (2011). On the security of Chien’s ultralightweight RFID authentication protocol. IEEE Transactions on Dependable and Secure Computing, 8(2), 315–317.CrossRef Sun, H. M., Ting, W. C., & Wang, K. H. (2011). On the security of Chien’s ultralightweight RFID authentication protocol. IEEE Transactions on Dependable and Secure Computing, 8(2), 315–317.CrossRef
73.
go back to reference Tagra, D., Rahman, M., & Sampalli, S. (2010). Technique for preventing DoS attacks on RFID systems. Software, Telecommunications and Computer Networks, 23(25), 6–10. Tagra, D., Rahman, M., & Sampalli, S. (2010). Technique for preventing DoS attacks on RFID systems. Software, Telecommunications and Computer Networks, 23(25), 6–10.
74.
go back to reference Tan, C. C., Sheng, B., & Li, Q. (2008). Secure and serverless RFID authentication and search protocols. IEEE Transactions on Wireless Communications, 7(4), 1400–1407.CrossRef Tan, C. C., Sheng, B., & Li, Q. (2008). Secure and serverless RFID authentication and search protocols. IEEE Transactions on Wireless Communications, 7(4), 1400–1407.CrossRef
75.
go back to reference Tan, C. C., Sheng, B., & Li, Q. (2010). Efficient techniques for monitoring missing RFID tags. IEEE Transactions on Wireless Communications, 9(6), 1882–1889.CrossRef Tan, C. C., Sheng, B., & Li, Q. (2010). Efficient techniques for monitoring missing RFID tags. IEEE Transactions on Wireless Communications, 9(6), 1882–1889.CrossRef
76.
go back to reference Tian, Y., Chen, G., & Li, J. (2012). A new ultralightweight RFID authentication protocol with permutation. IEEE Communication Letters, 6(5), 702–705.CrossRef Tian, Y., Chen, G., & Li, J. (2012). A new ultralightweight RFID authentication protocol with permutation. IEEE Communication Letters, 6(5), 702–705.CrossRef
77.
go back to reference Tuyls, P., & Batina, L. (2006). RFID-tags for anti-counterfeiting. Topics in cryptology—CT-RSA, LNCE#3850 (pp. 115–131). Tuyls, P., & Batina, L. (2006). RFID-tags for anti-counterfeiting. Topics in cryptology—CT-RSA, LNCE#3850 (pp. 115–131).
78.
go back to reference Vaudenay, S. (2007). On privacy models for RFID. Advances in cryptology, LNCS#4822 (pp. 68–87). Vaudenay, S. (2007). On privacy models for RFID. Advances in cryptology, LNCS#4822 (pp. 68–87).
79.
go back to reference Vaudenay, S. (2007). E-passport threats. IEEE Security and Privacy, 5(6), 61–64.CrossRef Vaudenay, S. (2007). E-passport threats. IEEE Security and Privacy, 5(6), 61–64.CrossRef
80.
go back to reference Wang, B., & Ma, M. (2012). A server independent authentication scheme for RFID systems. IEEE Transactions on Industrial Informatics, 8(3), 689–696.CrossRef Wang, B., & Ma, M. (2012). A server independent authentication scheme for RFID systems. IEEE Transactions on Industrial Informatics, 8(3), 689–696.CrossRef
81.
go back to reference Wei, C. H., Hwang, M. S., & Chin, A. Y. (2011). A mutual authentication protocol for RFID. IT Professional, 13(2), 20–24.CrossRef Wei, C. H., Hwang, M. S., & Chin, A. Y. (2011). A mutual authentication protocol for RFID. IT Professional, 13(2), 20–24.CrossRef
82.
go back to reference Yamada, I., Shiotsu, S., Itasaki, A., Inano, S., Yasaki, K. & Takenaka, M. (2005). Secure active RFID tag system. In International Workshop on UbiComp Privacy (pp. 1–5). Yamada, I., Shiotsu, S., Itasaki, A., Inano, S., Yasaki, K. & Takenaka, M. (2005). Secure active RFID tag system. In International Workshop on UbiComp Privacy (pp. 1–5).
83.
go back to reference Yeh, K. H., & Lo, N. W. (2010). Improvement of two lightweight RFID authentication protocols. Information Assurance and Security Letters, 1, 6–11. Yeh, K. H., & Lo, N. W. (2010). Improvement of two lightweight RFID authentication protocols. Information Assurance and Security Letters, 1, 6–11.
84.
go back to reference Yeh, T. C., Wang, Y. J., Kuo, T. C., & Wang, S. S. (2010). Securing RFID systems conforming to EPC Class 1 Generation 2 standard. Expert Systems with Applications, 37(2), 7678–7683.CrossRef Yeh, T. C., Wang, Y. J., Kuo, T. C., & Wang, S. S. (2010). Securing RFID systems conforming to EPC Class 1 Generation 2 standard. Expert Systems with Applications, 37(2), 7678–7683.CrossRef
85.
go back to reference Zuo, Y. (2012). Survivability experiment and attack characterization for RFID. IEEE Transactions on Dependable and Secure Computing, 9(2), 289–302.CrossRef Zuo, Y. (2012). Survivability experiment and attack characterization for RFID. IEEE Transactions on Dependable and Secure Computing, 9(2), 289–302.CrossRef
Metadata
Title
ECC-based untraceable authentication for large-scale active-tag RFID systems
Authors
Yalin Chen
Jue-Sam Chou
Publication date
01-03-2015
Publisher
Springer US
Published in
Electronic Commerce Research / Issue 1/2015
Print ISSN: 1389-5753
Electronic ISSN: 1572-9362
DOI
https://doi.org/10.1007/s10660-014-9165-0

Other articles of this Issue 1/2015

Electronic Commerce Research 1/2015 Go to the issue