Cryptology ePrint Archive: Report 2007/294

Improved Privacy of the Tree-Based Hash protocols using Physically Unclonable Function

Julien Bringer and Herve Chabanne and Thomas Icart

Abstract: In 2004, Molnar and Wagner introduced a very appealing scheme dedicated to the identification of RFID tags. Their protocol relies on a binary tree of secrets which are shared -- for all nodes except the leaves -- amongst the tags. Hence the compromise of one tag also has implications on the other tags with whom it shares keys. We describe a new man-in-the-middle attack against this protocol which allows to break privacy even without opening tags. Moreover, it can be applied to some other RFID protocols which use correlated keys as the one described recently by Damgard and Pedersen at CT-RSA 2008.

We introduce a modification of the initial scheme to allow us to thwart this and to strengthen RFID tags by implementing secrets with Physical Obfuscated Keys (POKs). This doing, we augment tags and scheme privacy, particularly general resistance against physical threats.

Category / Keywords: RFID tags, Tree-Based Hash Protocol, POK, PUF, Privacy.

Date: received 30 Jul 2007, last revised 17 Apr 2008

Contact author: julien bringer at sagem com

Available format(s): PDF | BibTeX Citation

Note: Extended version

Version: 20080417:193016 (All versions of this report)

Discussion forum: Show discussion | Start new discussion


[ Cryptology ePrint archive ]