Paper 2007/402

Robust, Anonymous RFID Authentication with Constant Key-Lookup

Mike Burmester, Breno de Medeiros, and Rossana Motta

Abstract

A considerable number of anonymous RFID authentication schemes have been proposed. However, current proposals either do not provide robust security guarantees, or suffer from scalability issues when the number of tags issued by the system is very large. In this paper, we focus on approaches that reconcile these important requirements. In particular, we seek to reduce the complexity of identifying tags by the back-end server in anonymous RFID authentication protocols---what we term the key-lookup problem. We propose a compiler that transforms a generic RFID authentication protocol (supporting anonymity) into one that achieves the same guarantees with constant key-lookup cost even when the number of tags is very large (billions of tags and beyond). This approach uses a lightweight one-way trapdoor function and produces protocols that are suitable for deployment into current tag architectures. We then explore the issue of minimal assumptions required, and show that one-way trapdoor functions are necessary to achieve highly scalable, robustly secure solutions. We then relax the requirement of unlinkable anonymity, and consider scalable solutions that are provably secure and for which the loss of privacy is minimal.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Published elsewhere. Unknown where it was published
Keywords
RFIDprivacyavailabilityscalabilityunlinkabilityrobust security.
Contact author(s)
burmester @ cs fsu edu
History
2007-10-21: received
Short URL
https://ia.cr/2007/402
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2007/402,
      author = {Mike Burmester and Breno de Medeiros and Rossana Motta},
      title = {Robust, Anonymous {RFID} Authentication with Constant Key-Lookup},
      howpublished = {Cryptology {ePrint} Archive, Paper 2007/402},
      year = {2007},
      url = {https://eprint.iacr.org/2007/402}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.