nach oben

Wireless Personal Communications

Erschienen in:

01.07.2014

Simulation-Based Traceability Analysis of RFID Authentication Protocols

verfasst von: Mahdi R. Alagheband, Mohammad R. Aref

Erschienen in: Wireless Personal Communications | Ausgabe 2/2014

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

Nowadays low-cost RFID systems have moved from obscurity into mainstream applications which cause growing security and privacy concerns. The lightweight cryptographic primitives and authentication protocols are indispensable requirements for these devices to grow pervasive. In recent years, there has been an increasing interest in intuitive analysis of RFID protocols. This concept has recently been challenged by formal privacy models. This paper investigates how to analyse and solve privacy problems in formal model. First, we highlight some vague drawbacks especially in forward and backward traceability analysis and extend it in the simulation-based privacy model family. Then, the privacy weaknesses of three new-found RFID authentication protocols are analysed in formal privacy models and three improved protocols are proposed to prevent the aforementioned attacks.

Vorheriger Artikel FRAS: Fair Rate Adaptation Scheme for Directional Multicast in 60 GHz Multi-Gigabit WLANs

Nächster Artikel Fast Convergence Algorithm for Earthquake Prediction Using Electromagnetic Fields Excited by SLF/ELF Horizontal Magnetic Dipole and Schumann Resonance

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Kulseng, L. S. (2009). Lightweight mutual authentication, owner transfer, and secure search protocols for RFID systems. Msc Thesis in Iowa State University.

Konomi, S., & Roussos, G. (2007). Ubiquitous computing in the real world: Lessons learnt from large scale RFID deployments. Personal and Ubiquitous Computing, 11(7), 507–521.

Koscher, K., Juels, A., Kohno, T., & Brajkovic, V. (2008). EPC RFID tags in security applications: Passport cards, enhanced drivers licenses, and beyond. In 16th ACM conference on computer and communications security (pp. 33–42).

Ouafi, K., & Vaudenay, S. (2009). Pathchecker: An RFID application for tracing products in supply-chains. In RFIDsec.

Chai, Q. (2012). Design and analysis of security schemes for low-cost RFID systems. PhD thesis presented to the University of Waterloo.

Tsudik, G. (2006). YA-TRAP: Yet another trivial RFID authentication protocol. In 4th annual IEEE international conference on pervasive computing and communications workshops (pp. 640–643).

Juels, A. (2005). Strengthening EPC tags against cloning. In Workshop on wireless security (WiSec) (pp. 67–76).

Li, T., & Deng, R. (2008). Scalable RFID authentication and discovery in EPCglobal network. In Communications and networking in China (ChinaCom) (pp. 1138–1142).

Duc, D. N., & Kim, K. (2011). Defending RFID authentication protocols against DoS attacks. Journal of Computer Communications, 34, 384–390.CrossRef

10.

Cho, J.-S., Yeo, S.-S., & Kim, S. K. (2011). Securing against brute-force attack: A hash-based RFID mutual authentication protocol using a secret value. Journal of Computer Communications, 34, 391–397.CrossRef

11.

EPCglobal. (2008). EPC radio-frequency identity protocols class-1 generation-2 UHF RFID protocol for communications at 860 MHz 960 MHz, Ver. 1.2.0. Specification for RFID Air Interface EPCglobal 2008.

12.

EPCglobal. (2007). Low level reader protocol (LLRP), Ver. 1.0.1. Ratified Standard, EPCglobal 2007.

13.

Coisel, I., & Martin, T. (2013). Untangling RFID privacy models. Journal of Computer Networks and Communications, 2013, 26. doi:10.1155/2013/710275.

14.

Avoine, G. (2005). Adversarial model for radio frequency identification. Cryptology ePrint archive, report 2005/049. http://eprint.iacr.org/2005/049.

15.

Avoine, G. (2005). Cryptography in radio frequency identification and fair ex-change protocols. Phd Thesis no. 3407, EPFL. http://library.epfl.ch/theses/?nr=3407.

16.

Avoine, G., Dysli, E., & Oechslin, P. (2006). Reducing time complexity in RFID systems. In B. Preneel & S. Tavares (Eds.), SAC 2005. LNCS (Vol. 3897, pp. 291–306). Heidelberg: Springer.

17.

Lim, C.H., & Kwon, T. (2006). Strong and robust RFID authentication enabling perfect ownership transfer. In Eighth international conference on information and communications security (ICICS) (pp. 1–20).

18.

Juels, A., & Weis, S. (2006). Defining strong privacy for RFID. Cryptology ePrint archive, report 2006/137.

19.

Ouafi, K., & Phan, R. C.-W. (2008). Privacy of recent RFID authentication protocols. In L. Chen, Y. Mu, & W. Susilo (Eds.), ISPEC 2008. LNCS (Vol. 4991, pp. 263–277). Heidelberg: Springer.

20.

Ouafi, K., & Phan, R. C.-W. (2008). Traceable privacy of recent provably-secure RFID Protocols. In S. M. Bellovin, et al. (Eds.), ACNS 2008. LNCS (Vol. 5037, pp. 479–489). Berlin, Heidelberg: Springer.

21.

Deng, R. H., Li, Y., Yung, M., & Zhao, Y. (2010). A new framework for RFID privacy. In 15th European symposium on research in computer security (ESORICS) (pp. 1–18).

22.

Moriyama, D., Matsuo, S., & Ohkubo, M. (2012). Relation among the security models for RFID authentication protocol. In 17th European symposium on research in computer security (ESORICS) (pp. 661–678).

23.

Vaudenay, S. (2007). On privacy models for RFID. In K. Kurosawa (Ed.), ASIACRYPT 2007. LNCS (Vol. 4833, pp. 68–87). Heidelberg: Springer.

24.

Paise, R.-I., & Vaudenay, S. (2008). Mutual authentication in RFID: Security and privacy. In The 3rd ACM symposium on information, computer and communications security (ASIACCS) (pp. 292–299).

25.

Fernando, H., & Abawajy, J. (2011). Mutual authentication protocol for networked RFID systems. In IEEE TrustComm.

26.

Zhu, H., Zhao, Y., Ding, S., & Jin, B. (2011). An improved forward-secure anonymous RFID authentication protocol. In Wireless communications, networking and mobile computing (WiCOM) (pp. 1–5).

27.

Fan, X., Gong, G., Engels, D. W. & Smith, E. M. (2011). A lightweight privacy-preserving mutual authentication protocol for RFID systems. In IEEE GLOBECOM workshops (GC Wkshps) (pp. 1083–1087).

28.

Hermans, J., Pashalidis, A., Vercauteren, F. & Preneel, B. (2011). A new RFID privacy model. In V. Atluri, C. Diaz (Eds.), ESORICS 2011. LNCS (Vol. 6879, pp. 568–587).

29.

Ng, C. Y., Susilo, W., Mu, Y., & Safavi-Naini, R. (2010). Practical RFID ownership transfer scheme. In Workshop on RFID security (RFIDSec Asia) volume 4 of cryptology and information security. IOS press.

30.

Ng, C. Y., Susilo, W., Mu, Y., & Safavi-Naini, R. (2009). New privacy results on synchronized RFID authentication protocols against tag tracing. In M. Backes & P. Ning (Eds.), ESORICS 2009. LNCS (Vol. 5789, pp. 321–336). Heidelberg: Springer.

31.

Armknecht, F., Sadeghi, A., Scafuro, A., Visconti, I. & Wachsmann, C. (2010). On RFID privacy with mutual authentication and tag corruption. In Applied cryptography and network security (ACNS) 2010, LNCS (Vol. 6123, pp. 493–510).

32.

Armknecht, F., Sadeghi, A., Scafuro, A., Visconti, I., & Wachsmann, C. (2010). Impossibility results for RFID Privacy notions. In Transactions on computational science XI, LNCS, (Vol. 6480, pp. 39–63).

33.

Habibi, M. H., & Aref, M. R. (2011) Two RFID privacy models in front of a court. Eprint IACR archive. http://eprint.iacr.org/2011/625.

34.

Canard, S., Coisel, I., & Girauld, M. (2010). Security of privacy-preserving RFID systems. In IEEE International conference on RFID-technology and applications (RFID-TA) (pp. 269–274).

35.

Avoine, G., Coisel, I., & Martin, T. (2010). Time measurement threatens privacy-friendly RFID authentication protocols. In RFIDSec. Sprinfer LNCS (Vol. 6370, pp. 138–157).

36.

Lim, C. H., & Kwon, T. (2006). Strong and robust RFID authentication enabling perfect ownership transfer. In 8th international conference of information and communications security (ICICS) Springer-LNCS

37.

Akgün, M., & Çağlayan, M. (2011). Extending an RFID security and privacy model by considering forward untraceability. Security and trust management LNCS, (Vol. 6710, pp. 239–254).

38.

He, L., Jin, S., Zhang, T., & Li, N. (2009). An enhanced 2-pass optimistic anonymous RFID authentication protocol with forward security. In WiCOM (pp. 1–4).

39.

Engels, D., Saarinen, M.-J. O., & Smith, E. M. (2011). The Hummingbird-2 lightweight authenticated encryption algorithm. In RFIDSec 2011.

Titel: Simulation-Based Traceability Analysis of RFID Authentication Protocols
verfasst von: Mahdi R. Alagheband
Mohammad R. Aref
Publikationsdatum: 01.07.2014
Verlag: Springer US
Erschienen in: Wireless Personal Communications / Ausgabe 2/2014
Print ISSN: 0929-6212
Elektronische ISSN: 1572-834X
DOI: https://doi.org/10.1007/s11277-013-1552-7

Neuer Inhalt

Bildnachweise

VDI-Icon, Profil Icon, inhalt2, Springer Professional Modul/© Springer Fachmedien Wiesbaden GmbH, Nachhaltigkeitsaward Key Visual/© Cometis AG/Global ESG Monitor | Daniel Rupp | Generiert mit KI, Search Icon, Banner Hanser, Beijing Auto Show 2024: Deutsche Hersteller wollen angreifen./© EKH-Pictures / Generated with AI / Stock.adobe.com, Buchstaben, die aus einem Megaphon kommen/© MicroStockHub/Getty Images/iStock, Digitale Lieferkette/© zapp2photo / stock.adobe.com, Zeitschrift Wissensmanagement Cover, PatentFit-Logo/© Springer Fachmedien Wiesbaden GmbH, Sustainibility Finance/© Robert Kneschke / stock.adobe.com / Springer Fachmedien Wiesbaden GmbH, Zukunftswerkstatt Sales Excellence 2024/© AndreyPopov / Getty Images / iStock, 2023_Antrieb/© supervisuell

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Technik"

Springer Professional "Wirtschaft+Technik"

Springer Professional "Wirtschaft"

Weitere Artikel der Ausgabe 2/2014

Probabilistic Data Aggregation in Information-based Clustered Sensor Network

FRAS: Fair Rate Adaptation Scheme for Directional Multicast in 60 GHz Multi-Gigabit WLANs

Relay Selection in Two-Way Cooperative Systems

An Empirical Examination of Initial Trust in Mobile Payment

A Cooperative Transmission Scheme for the Secure Wireless Multicasting

The Fractal Characteristics of Signals in IR-UWB Communication System

Neuer Inhalt

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.