Cryptology ePrint Archive: Report 2007/402

Robust, Anonymous RFID Authentication with Constant Key-Lookup

Mike Burmester and Breno de Medeiros and Rossana Motta

Abstract: A considerable number of anonymous RFID authentication schemes have been proposed. However, current proposals either do not provide robust security guarantees, or suffer from scalability issues when the number of tags issued by the system is very large. In this paper, we focus on approaches that reconcile these important requirements. In particular, we seek to reduce the complexity of identifying tags by the back-end server in anonymous RFID authentication protocols---what we term the key-lookup problem. We propose a compiler that transforms a generic RFID authentication protocol (supporting anonymity) into one that achieves the same guarantees with constant key-lookup cost even when the number of tags is very large (billions of tags and beyond). This approach uses a lightweight one-way trapdoor function and produces protocols that are suitable for deployment into current tag architectures. We then explore the issue of minimal assumptions required, and show that one-way trapdoor functions are necessary to achieve highly scalable, robustly secure solutions. We then relax the requirement of unlinkable anonymity, and consider scalable solutions that are provably secure and for which the loss of privacy is minimal.

Category / Keywords: cryptographic protocols / RFID, privacy, availability, scalability, unlinkability, robust security.

Date: received 19 Oct 2007

Contact author: burmester at cs fsu edu

Available format(s): PDF | BibTeX Citation

Version: 20071021:183029 (All versions of this report)

Short URL:

Discussion forum: Show discussion | Start new discussion

[ Cryptology ePrint archive ]