Cryptology ePrint Archive: Report 2008/476

The $F_f$-Family of Protocols for RFID-Privacy and Authentication

Erik-Oliver Blass and Anil Kurmus and Refik Molva and Guevara Noubir and Abdullatif Shikfa

Abstract: In this paper, we present the design of the lightweight $F_f$ family of privacy-preserving authentication protocols for RFID-systems. $F_f$ is based on a new algebraic framework for reasoning about and analyzing this kind of authentication protocols. $F_f$ offers user-adjustable, strong authenticity and privacy against known algebraic and also recent SAT-solving attacks. In contrast to related work, $F_f$ achieves these two security properties without requiring an expensive cryptographic hash function. $F_f$ is designed for a challenge-response protocol, where the tag sends random nonces and the results of HMAC-like computations of one of the nonces together with its secret key. In this paper, the authenticity and privacy of $F_f$ is evaluated using analytical and experimental methods.

Category / Keywords: RFID, authentication, privacy

Date: received 10 Nov 2008, last revised 11 Nov 2008

Contact author: erik-oliver blass at eurecom fr

Available format(s): Postscript (PS) | Compressed Postscript (PS.GZ) | PDF | BibTeX Citation

Version: 20081118:215145 (All versions of this report)

Short URL: ia.cr/2008/476

Discussion forum: Show discussion | Start new discussion